Disaster Recovery, IT Service Management, IT Job Description, Sarbanes Oxley, and IT Salary
Full news feed

The 27-count indictment, returned in Central Islip, N.Y., charges a Ukrainian , and an Estonian with wire fraud conspiracy, wire fraud, conspiracy to possess unauthorized access devices, access device fraud, aggravated identity theft, conspiracy to commit computer fraud, computer fraud and counts of interception of electronic communications.  In addition a one-count complaint charges a Miami resident with wire fraud conspiracy related to the scheme.

According to the indictment and complaint, they engaged in a scheme in which they hacked into cash register terminals for restaurants at various locations around the United States in order to acquire credit and debit card information. The defendants then sold the stolen data to others who used it to make fraudulent purchases or re-sold it to make such purchases, causing losses to financial institutions that issued the credit and debit cards.

The data included the customer account number and expiration date, but not the cardholderÂ’s name or other personally identifiable information.  The indictment alleges that in or about May 2007, gained unauthorized access to the cash register terminals and installed at each restaurant a packet sniffer, a malicious piece of computer code designed to capture communications between two or more computer systems on a single network. The packet sniffer was configured to capture the credit card data as it moved from the restaurant point-of-sale server through the computer system at the companys corporate headquarters to the data processors computer system. At one restaurant location the packet sniffer captured data for approximately 5,000 credit and debit cards, eventually causing losses of at least $600,000 to the financial institutions that issued the credit and debit cards.

    The 25 percent figure is 3 points higher than a study conducted in January and 11 points higher than one completed in October, indicating a deepening trend.  The study also found that  55 percent of the respondents said software spending will not change in the next 90 days, and just 12 percent indicated it will rise.

Cuts to capital budgets appear to be a factor, according to the survey. Twenty-six percent of people who took it said their capital budgets had been cut over the past three months, a 4 point rise from January. In contrast, only 8 percent reported an increase in their capital budgets.  However, 27 percent reported they simply did not need to buy any new software, down two points from the January survey.

A number of major software categories, such as ERP (enterprise resource planning) and CRM (customer relationship management) applications, showed weakness moving forward.  But spending on two, virtualization and security, will see a modest jump in the next 90 days, according to the study.

But in a May 2 filing with the FCC, Google contends Verizon has no such intentions. Instead, Google claims, Verizon plans to institute a two-door policy: one door for open access devices and applications and another door for closed devices that only support Verizon's proprietary applications.

In the filing, Google urged the FCC to deny Verizon a license to use the spectrum until it fully commits to an open network.

Verizon has taken the public position that it may exclude its handsets from the open access condition, Google states in the filing. Verizon believes it may force customers who want to access the open platform using a device not purchased from Verizon to go through Door No. 1, while allowing customers who obtain their device from Verizon access through Door No. 2.

It is door No. 2 that troubles Google, which is heavily invested in promoting its own Android open-source mobile platform. As the search giant sees it, Verizon plans to deny Verizon customers full open access to competing devices and applications.

Accourding to Google, the FCCmandates opening the C Block network for the use of any device, and for the use of any application on any device, regardless of whether an end user obtains the device from the licensee, another service provider, a manufacturer or other third party.

Verizon promptly dismissed the Google concerns.

The Google  filing has no legal basis.  It is really no surprise that despite not winning spectrum, they continue to try to change the rules and further their own business interests through the regulatory process, Verizon spokesman said in a statement, adding that Verizon plans an FCC filing in next several days to counter the Google claims.  

Last summer, Google lobbied the FCC into adopting open access standards for the prime C Block of spectrum, a notion Verizon initially opposed in a lawsuit, contending that the spectrum should go the highest bidder with no restrictions. Verizon eventually dropped the legal challenge.

Verizon Wireless Â… understood the FCC rules for using that spectrum in advance of the auction, a Verizon spokesman said. Of course Verizon will abide by those rules.  As Verizon works to put the spectrum we won to good use, if Google or anybody else has evidence that we aren't playing by the rules, there are legitimate and expedited ways to address that.

Such a discount could cause a surge in demand. At last count, Apple had sold some 5.4 million units, the vast majority of them for AT&Ts network, even with price tags of $400 to $600—essentially unheard of in the U.S. cellular market. Impressively, AT&T says 40% of its iPhone users are new customers. Yet with rival smartphones like Research In Motion's (RIMM) BlackBerry and a new Palm (PALM) Treo selling for as little at $99 at some carriers, competitive pressures are building.

But a price cut might be about more than nabbing new customers. AT&Ts goal may also be to boost monthly revenues from existing subscribers who switch to the iPhone, as the big colorful screen and robust Web browser on the Apple device tends to make iPhone owners heavier users of AT&Ts wireless data services. AT&T brings in about $90 a month from each iPhone user, reckons an analyst with UBS Investment Research (UBS). When Apple cut the price on the iPhone by 33% earlier this year, it stimulated demand, he says. If this new price turns out to be true, it would do it again. It's like déjà vu all over again.

For AT&T, eager to generate returns on its multibillion-dollar investments in a next-generation data network, a $200 subsidy on a device with a proven success record may be a no-brainer. This is not unexpected at all. The $200 is a small fraction of the revenue that AT&T makes over a two-year contract.

The topics covered in this issue are:

• IT Service Management (ITSM) is impacted by the recession
• Technology Investments Approaching the Point of Diminishing Returns
• Productivity Tools

In addition the newletter has links to:

• Metrics HandiGuide
• ITSM Template
• CIO Productivity Toolkit
• IT Job Descriptions
• 2008 Salary Survey

There are a number of steps that your company can follow to minimize the exposure to the security breaches.  These include:

• Monitor financial databases directly
• Test access to databases and fix all weakness found
• Audit user access
• Limit downloading of more than 5% of the data to a single source and validate the destruction of that data within a reasonable period of time
• Validate if the way users use the data to see that it complies with company policies
• Validate transactions are authentic
• Conduct an audit with independent auditors
• Automate the system of internal controls with a clear audit trail that is reviewed in real time
• Encrypt data

The need for continued focus and investment is clear, especially when you consider that data-at-rest in enterprises is growing at a compounded rate of 55 percent a year.

Moving all that data is a mounting challenge, and business simply cannot wait.

To meet these growing demands at a reasonable cost, organizations are moving to IP-based networks; 70 percent of North American and 79 percent of European organizations use some combination of the Internet, MPLS or Ethernet to connect to their primary backup datacenter. Bandwidth prices may be in decline, but that doesnÂ’t mean it comes cheap. Bandwidth, on average, is 29 percent of the total cost of replication, backup and recovery solutions, and is often constrained by the effects of latency.

End-to-end plans for turning disaster recovery into full business continuity are very complex, but from an IP-network perspective it can be reduced to three main challenges.

The first is to accomplish backups in a timely yet accurate manner. Given organic data growth, and that each logical data object has between four and eight copies somewhere in the network, even differential backups can be tough to fit into assigned windows. Synchronous or live-to-live data models are even more bandwidth intensive and latency intolerant.

The second challenge is minimizing downtime. In the event of a failure or disaster, how quickly can backed-up data be restored? Considering a differential backup can take 8 hours or more to complete, and only represents 10-20 percent of the total data set, a full restore can be daunting. According to Ziff Davis Research, the average organization has 94TB of managed storage, and getting that data across the network only begins after the systems have been physically restored.

Finally, because of how long full data recovery can take, most organizations are moving from disaster recovery to disaster tolerance, where some level of service can be quickly restored in the name of business continuity. To do this effectively requires both warm – or even hot – standby servers and the ability to quickly re-route users, customers and partners to the secondary location. Beyond the clear routing and networking challenges, there are additional application performance concerns. Users may have to cross physically or logically longer networks with higher latency to reach the redundant datacenter, and do so over links whose bandwidth is typically provisioned as sparingly as possible.

The first is to accomplish backups in a timely yet accurate manner. Given organic data growth, and that each logical data object has between four and eight copies somewhere in the network, even differential backups can be tough to fit into assigned windows. Synchronous or live-to-live data models are even more bandwidth intensive and latency intolerant.

The second challenge is minimizing downtime. In the event of a failure or disaster, how quickly can backed-up data be restored? Considering a differential backup can take 8 hours or more to complete, and only represents 10-20 percent of the total data set, a full restore can be daunting. According to Ziff Davis Research, the average organization has 94TB of managed storage, and getting that data across the network only begins after the systems have been physically restored.

Rather than add more bandwidth, or invest in expensive, dedicated storage networks, WAN optimization can improve IP network performance sufficient to turn recovery into continuity. To help meet the objectives outlined above, a WAN optimization solution must be able to do three separate tasks for true business continuity: restrict bandwidth to backup applications during the allowed window and allocate it to critical applications in the event of a disaster, overcome latency and bandwidth limitations on the wire, and provide acceleration to roaming or displaced users redirected to alternative data sources.

Since then, more states have become tax-inclined. In 2008 alone, Indiana, Utah, and South Dakota have enacted laws reiterating their commitments to collect taxes on digital downloads, while Nebraska recently voted to send its governor a bill (PDF) that would tax downloads of books, movies, and music starting October 1. Others, including Wisconsin and Massachusetts, have formed groups to study new iTunes taxes.

I would not be surprised to see other states attempting to impose taxes on digital goods, said an attorney who represents a group of Fortune 500 digital goods vendors opposed to new taxes. He could not name the companies because irked tax administrators might retaliate by singling out his clients for audits.

One reason that music and movie downloads have partially escaped the notice of tax collectors is that, until a few years ago, the market was relatively small and state tax laws sometimes apply only to tangible goods. But their attitude has changed now that iTunes, Amazon.com, eMusic, Rhapsody, Wal-Mart Music, Yahoo Music Unlimited, and others have demonstrated that there is plenty of untapped revenue for tax-hungry politicians--underscored by reports like one in February stating that iTunes has sold more than 4 billion songs.

Arguably the most heated showdown is looming in California, home to an $8 billion deficit and lawmakers who are scrambling to do something about it. The state legislature is considering a bill proposed earlier this year by Democratic Assemblyman, who represents a district east of Los Angeles. The bill calls for new taxes to sweep in digital property, which includes, but is not limited to, products like music, movies, and books.

Some opponents fear that broad definition could sweep up everything from electronic tax-preparation services to video games to advertising, causing new headaches for online retailers and their customers.

Backers of the new taxes--which, in the California case, include the AFL-CIO and associations that represent state, county, and municipal employees, teachers, firefighters, and county governments--contend they're necessary to offset budget deficits and to create parity with the physical versions of those products that would otherwise be taxed.

• Quickly resolve technical problems and save time;
• Rapidly resolve complex, mission-critical incidents; and
• Handle increasing call volume without increasing budgets.

Wireless Network Options
No Server	Server
Best suited for small office/home office environments.	Smart choice for small to medium businesses, especially those with aggressive growth plans.
Relatively easy for a novice to set up.	Does not require significant technical knowledge to set up, but novices may need outside technical support/help desk.
Requires a wireless gateway or wireless router.	Requires one or more wireless gateways that support 802.11X network.
Does not provide centralized management of user accounts or user authentication.	Enables centralized management of user accounts and user authentication.
Provides limited methods to control or manage workgroup members.	Provides robust methods to manage domain member accounts. Controls can be fine-tuned.

A summary of the Janco browser market share data can be found on the Janco web site (http://www.e-janco.com/browser.php) and the IT Productivity Center web site (http://www.itproductivity.org/browser.php).  In addition the full white paper with excel spread sheets can be purchased at both sites for $249.

Thousands of companies have embraced the idea of giving employees an unfiltered voice as a means to keep in touch with customers, suppliers, and the media. Sun Microsystems boasts a 4,000-employee-strong blog network, including its chief executive, and some corporate spokesbloggers"have even rocketed to Internet stardom.

Ciscos legal trouble stems from a Blogspot-hosted blog called Patent Troll Tracker which directs the company's intellectual property department, launched last May. The posts focused on patents and patent litigation--an issue that Cisco has pressed Congress to address by overhauling what it views as a broken U.S. patent system.

A few weeks ago, Frenkel revealed his identity, and two patent attorneys in Texas filed suit, accusing him of tarnishing their good names and disparaging a patent case their client had filed against Cisco--all the while allegedly concealing his affiliation with the company.

Cisco has responded by rethinking how it does blogging. Now the Patent Troll Tracker posts appear to be open only to invited readers. Although the company says it's standing by Frenkel and allowing him to continue his personal blog, the incident also highlighted a number of important "lessons," Cisco said in a statement--including the potential perils of unchecked anonymous blogging.

Cisco said it still believes "common sense" should be a guiding force for employees sharing information online, but it also added the following rule to its three-year-old Internet postings policy: "If you comment on any aspect of the company's business or any policy issue the company is involved in where you have responsibility for Cisco's engagement, you must clearly identify yourself as a Cisco employee in your postings or blog site(s) and include a disclaimer that the views are your own and not those of Cisco."

Paradoxically, while IT investment has been repaid many times over in accelerated times to market, improved customer relationships and faster supply chains, it has precipitated an exponential growth in IT assets that threatens future gains. The proliferation of assets has increased the complexity of the IT environment, raising operational and administrative costs and reducing infrastructure productivity.

These three trends are seriously constraining the ability of CIOs to deliver new applications, support business expansion and align IT with overall business strategy. There is increasing concern that IT investment is approaching the point of diminishing marginal returns.

CIOs were asked, What is the ratio of internal end-users to technical support employees at your company?  The mean response was 136:1.

CIOs also were asked, What would be the ideal ratio of internal end-users to technical support employees at your company?  The mean response was 82:1.

Survey results also indicated that CIOs from the largest companies (greater than 1,000 employees) were closest to their ideal level of technical support, with a ratio of end-users to IT staff of 118:1 versus an ideal of 82:1.  Farthest from their ideal were CIOs from midsize firms (250-499 employees), who said that their ratio of end-users to IT support staff is 131:1, when in a perfect world it would be 64:1.

Many managers, particularly those with organizations experiencing growth, are realizing their technical support or help desk teams can no longer keep up with increasing end-user needs.  An understaffed technical support function can lead to a frustrated and less productive workforce, which ultimately affects the companys bottom line.

Organizations with ongoing, proactive information technology recruiting strategies are in the best position to provide staff the resources they need to succeed.  It is particularly difficult to find skilled technical support professionals in the current competitive hiring environment.  Employers are now using multiple recruiting tactics, including placing want ads in a variety of places, networking and enlisting the help of a specialized staffing firm to help ensure a consistent pipeline of talent.

Some cities have already put the technology into production use. For instance, the government in Fredericksburg, Va., is using a system developed by Tannery Creek Systems Inc. that can check two cars per second via cameras that capture images of license plates as well as the shapes of parked vehicles.

A GPS device that Tannery claims is accurate to within a meter marks the locations of parked cars. The system then "compares the characteristics" of the cars in individual spaces the next time it drives by them, in order to determine whether drivers have overstayed their welcome, said Bill Franklin, president of the Concord, Ontario-based vendor.

The D.C. governments venture into digital recognition technology began about two years ago, when the city began using a system from Elsag North America to search for parking ticket scofflaws. That system uses infrared cameras to scan license plates, which are checked against a database on a laptop PC. If the system says a vehicle is eligible for the boot, the enforcement agent first checks to make sure that the tickets haven't been paid since the last time the information in the database was updated.

Not everyone is as equally impressed with the latest update, which may account for why sales of Vista into business environments are improving slowly, which may also account for why Microsoft felt compelled to quietly release an update to Windows XP even as it plans its ultimate demise. Elsewhere, Bill Gates gave his views on the state of software at Stanford.

• Look objectively at your technology environment.  Take a hard look at your voice and data communications.  How is your company using them now?  How are messages both voice mail and email handled?  How can integrated voice and data help your mobile workers?  Make sure your networks can handle remote traffic at current and expected volumes.  How are your communications resources organized? How are remote connections to your network supported?  Are they secure?  What are your current methods for authentication and authorization of remote workers?  Once these questions are answered, youÂ’ll need to step back and determine where the greatest weaknesses are. What needs to be improved to help your own efficiency?
• Look objectively at your staff.  How are your people organized, and how are you empowering them, especially mobile and remote workers?  Where are your employees headed and where should they be headed in terms of professional development and success?  What are their capabilities, interests, and needs?  Your workers are looking to do as good a job as possible, but not waste time hearing about technology that wonÂ’t be immediately useful (especially your sales staff). Make sure the "active learners" have the help they need to get up and running quickly. This group will consist of core users who can help others get up to speed quickly as well.  Of course, youÂ’ll likely find smartphones being used in ways you havenÂ’t considered. YouÂ’ll want to have formal and informal ways of exchanging tips and techniques. Informal chats as well as written briefs can ensure can that people have access to information in a format that will be most appropriate for each learner.
• Listen to your customers, prospects, and suppliers. These stakeholders will be happy to tell you where you can do better, though you may have to encourage some of them to be candid (and sometimes wish that others maybe were not so candid).  Make sure also to ask how your competition is doing.  Ask about your areas of weaknesses and how sales and support are doing.  You may be able to identify ways that technology can help improve your position.  At an even more basic level, ask about your availability and the quality of your communications as well as the timeliness and effectiveness of your responses to questions and problems.  How do your customers prefer to interact with you? While email and voicemail or even online queries might be fine for some, others might want to hear a live human voice (which could be essential to closing a sale). Technology may let you expand without having to add staff, but you will have to make sure you continue to engage your customers in ways that they prefer.
• Move effectively to invest in resources for coordinated support of remote workers.  This really is about smart investing in resources that will help your business achieve its goals.  The key is to move quickly once the initial assessment is complete.  You will not have all the answers, but putting in place the technology will provide the foundation of experience for long-term success.  In addition, as noted earlier, do not be surprised if you see wireless mobile technology used in ways you did not anticipate.  Almost every new technology used by small businesses has delivered benefits that are quite different from (and often much greater than) those included in early ROI calculations.

Essentially, as a small business, you need to look strategically at mobile technology investment but implement tactically.  Start with the immediate need, the one with the most obvious payback, and build from there.  Your adoption plan will likely need constant revision, but at least it will give you a place to start and measure progress. Sound planning, combined with flexibility in technology use, will ensure that investments in smartphones and related mobile support will pay off for your organization.

1. No evidence needed to take your laptop

Border agents do not need any evidence or suspicion of illegal activity to examine a laptop or other electronic device.

Every time you cross the border, customs officials have the right to look at anything in your possession, including the content on your laptop, handheld device, cell phone, USB memory stick and digital cameras, Gurley said. They have the right to both view that information and to download or mirror it if they think it's necessary, she said.

2. Anything can be searched

Everything on an electronic device is open to search. This includes personal photographs, personal banking, any business documents and stored or unopened e-mail, Gurley said.

3. Your PC might not be returned right away

Seized devices may be kept for an indefinite period of time. Carry only a laptop or electronic device you can afford to lose or hand over for an unspecified period of time.

Sensitive data should be sent by e-mail before crossing the border in case the data becomes unavailable if the device is seized, she said.

4. Don't take anything you don't want to share

Don't carry anything on these devices that could potentially embarrass you or that you don't want others to see, Gurley said.

If it's information you don't want to share, don't carry it. That includes data such as personal banking information, photos, correspondence, health and password information. If the device is a company-owned computer, don't carry proprietary business information or personnel records on it, the ACTE advised.

5. Be cooperative

Cooperate with customs officials. Ask for a receipt and a badge number if your computer is seized. Try and get whatever information you can on the reason why it was seized.