Read All About It
The government is to review the way they handle data loss incidents. Well, the good news is that there is a great book coming out that can help. OK, so it’s a book I’m co-authoring with a colleague, Data Leaks For Dummies, and it is aimed at anyone who handles sensitive or confidential data. It will be published in February 2009, but is available for pre-order from Amazon today.

A Meeting Of Minds
So next week is our annual engineering conference, CuttingEdge 2008. I’ll be there along with 400 other engineers to discuss - well, just about anything. My sessions include ‘When backup meets archive’ and ‘The future of IT in business’. We also have guest speakers from customers, partners and a scientist from CERN. Probably the highlight for me will be the demo area, where the latest products and research projects are shown off and discussed at length. So why am I telling you this? Well, the other highlight this year is the inclusion of some press people. They won’t be allowed in all the sessions, but they will see a little bit of what happens behind the scenes in our engineering and research groups and some of the cool stuff we are working on.
So, if you happen to be in downtown Salt Lake City next week and you hear people getting overly excited about storage, availability and security - that will be us. Coming up with Symantec’s next generation of products and putting the world to rights.

Time For Encryption - Everywhere
With the news that three hard disks have been stolen and the details of 50,000 people put at risk, perhaps it is now time to look at encryption everywhere. We know that full disk encryption is great in laptops, but what happens when desktops are stolen, or when datacentres have been raided and servers stolen and even a disk array taken? What happens then? Well, it is back to the apologies and the ‘we must do something about it’ and the other excuses… If this is the case, and it is, we should act now and put encryption everywhere, and prevent the disasters before they happen.
See You In The Hague

Think Of A Number… Any Number…
Just make sure you can’t find it on the Internet, or rather that it can’t be associated with you. Oh, and by the way, make sure other questions you use to validate who you are, are not on the Internet either. Sarah Palin had her email account broken into and the contents spread across the unforgiving web. The hack was allegedly done by either guessing the password or resetting the password, and in order to reset the password another piece of information was required, in this case where she had met her husband… information that could be found on the web.
Most banks rely on things like your mother’s maiden name as a proof of identity, but now you can easily find that on the web. In an age where people like to tell all on social networking sites, from favourite films to names of first pets, it seems no ‘secret’ fact is a secret any more - unless you want it to be. So when it comes to deciding on security questions, have a thought for what is already out there and readily found.
A Little Something For The Weekend?
It emerged that one of the BBC’s email lists has been exploited and all the recipients have been targeted with spam, in particular anti-impotence drugs. While the article starts out claiming hackers were at the heart of the matter, the reality was that the email was forwarded to the list, hence it was really the BBC who were spamming their own customers.
Several things can be learned from this incident…
1) Email lists are particularly dangerous when it comes to ‘The Wrong Dave’ type of incidents.
2) People, while the biggest asset, can also be the weakest link.
3) People still read spam - and even forward it on!
Once more it should be awareness to the rescue. Inform people about the real threat of spam: not that it is annoying, but that most of it is just a front either to get you to give your bank account details to the cyber-criminals or to get you to click on a link, which then infects your machine with a keylogger or other Trojan to… get your bank account details and your passwords and to generally make life miserable while it is sorted out.
Spam… come on now, you know what it looks like, just delete it.
How Much Data Do You Have At Home?
Tivo released a new version of their product this week - this one with a terabyte of storage. It seems pretty incredible really, but by the time you add up all the storage in the home today (hard disk recorders, digital cameras and frames, laptops, desktops, USB drives, iPods, the list continues…) we are rapidly approaching the amount a small to medium sized business has! And it’s all so cheap… I bought another 1/2 TB today for home, for a measly £50. OK, so I am probably more paranoid than most when it comes to backup, but it is so much cheaper to buy a new drive than it is to figure out what it is I can delete.
Businesses suffer from the same problem, but there are tools and products around to make it simpler to reduce the amount of duplicated content. Single Instance Storage is the way to go for business… I look forward to it arriving in the home.
Who’s Afraid Of The Big Bad Cyber-Criminal?
Well according to one survey, 9 out of 10 CIOs and CSOs! It’s great that finally the people who can make changes are starting to take notice - of course whether they will is altogether a different matter. After all we are several years on from the first ‘big’ data breach - the US Veterans Association lost 26.5 million personal records back in 2006 and seldom more than a few days goes by without another data loss / leak / breach story making the news… more than 200m records have been lost in the last 12 months - surely now is the time for action. Data loss, at present, is not a matter of ‘if’ but ‘when’.
Head In The Clouds… A Few Questions To Ask…
If you are considering putting your information into the cloud then you should ask a few ‘hard’ questions before you trust your business to someone else. Here are five plus one to get you started…
1) How are you going to protect my information? What is their Information Protection Policy? (After all, you don’t want them to sell a server on eBay and throw in your data for free, lose a CD-ROM in the post or leave a laptop in a restaurant…)
2) Who has access to my data? Just how many people can see it, copy it… lose it…
3) What are you doing about system availability? What is the time to recover after an outage? How much data will I lose? (What are the Recovery Time Objectives and the Recovery Point Objectives?) Is there a second data centre where you can automatically move the application and data to?
4) How do you monitor performance? Hopefully end-to-end rather than just server uptime… what if the network is down?
5) Do you have alternative network and power connections?
And finally… How easy is it for me to migrate my data somewhere else? This is the one that is hard to ask (after all it sounds like you might run to a competitor at any minute) but is essential. While you have a lot of choice of vendors to start with, you don’t want to be locked in - so it needs to be easy to migrate your information (and applications) elsewhere.
One Small Memory Stick… £1.5M…
The government today cancelled the contract with the 3rd party who lost data on a memory stick. The cost of the contract… £1.5m. They are also reviewing other contracts held with that company so it could end up costing them a lot more - not to mention the contracts they won’t get in the future because of the error. However, I hope that the government hasn’t also given up the rights to sue them, should they be sued for having lost the data.
The good news about this is that somebody actually did something. This wasn’t a case of ‘oops, there goes some data - oh well, tomorrow is another day’; this actually came to something. Of course, someone else has to be found to do the work (and what’s the betting that in the contract there will be small print to say that they are not liable for lost information, or some other weaselly words), but perhaps this will make contractors sit up and notice - and protect the information that is entrusted to them.
In the meantime… what do your suppliers, contractors and partners do with your information? Lose it on memory sticks, allow staff to copy it onto iPods, sell servers with it on, on eBay… perhaps it’s time to find out?


