April 1st… Meltdown or Joke?
So, tomorrow is the big day – what will Conficker do? Will it be like Y2K, where there was a thought that the Internet was going to melt down – but it ultimately turned into ‘just another day’… or will Conficker (aka Downadup and Kido) bring the Internet to a standstill? Of course the answer is that we will have to wait.
We do know that the latest incarnation, Conficker-C, will ‘change’ tomorrow: it will harden itself against security updates and OS patches, and the number of servers it will reach out to will increase from hundreds to thousands. But as to what it will download… who knows. With millions of machines around the world infected, it could be used for a massive denial of service attack, or perhaps a spam / phishing one.
You can protect yourself – a good anti-virus / Internet security suite will do the trick (I have Norton on my home machines and, of course, we use Symantec on the corporate ones), and if you are infected, then there is plenty of information as to how to remove it. Conficker has caught the imagination of the press and so there is a lot being written about it; however, there were more pieces of malware created in 2008 than in all the preceding years put together… and Conficker is just one of them (well three, but it depends how you count!) Of course, compared to the average nasty, Conficker is smarter: it transforms itself and uses multiple routes to infect the unpatched, unsecured targets.
Sitting here in the UK, we have a small advantage: like with Y2K, we will see the effects in Australia and AsiaPac before it gets to us – and for them it’s now less than 2 hours to go…
I’m An Employee… Use My Discount
Police in Florida are looking for ‘Plasma Pat’, who hangs around outside supermarkets befriending people and offering to buy things for them using his staff discount card. Of course, when they hand over the money he makes a swift exit and the customer is left there waiting… and waiting… and waiting.
OK, so this isn’t traditional cyber-fraud, but what would happen if Plasma Pat was borrowing credit cards and PINs in order to ‘buy’ the discounted goods?
Moral of the story… if it sounds too good to be true, it probably is. Don’t hand over your money, let alone a credit card to a stranger who can get you a bargain.
Blogging
There’s a good article in this month’s CIO magazine on how to create a successful blog, and while I am in there with some of my thoughts, there are also some other excellent points – which I have made a note of, including from Phil Windley, who has one of the most interesting blogs (it features in my Blogroll).
The article isn’t (as far as I can tell) available on the web yet – so you will have to hunt down a paper copy for now.
Turn It Off & Save Money
A report released this week shows that UK businesses are wasting £300 million each year by powering idle PCs. I have written before that switching off idle desktops is something we do – and it saves a lot of money. I guess I could have done the maths and figured out a rough number for the whole of the UK – but someone else has done it for me… the good news is that we are the best in Europe… the bad news is that it is only 27% who switch them off. I like comparisons and the one they give is that if we all did it, it would be the equivalent of taking 243,440 cars off the road. Now there’s a number that rings a bell.
So… why not send round an email about the benefits of switching off at night – or you could invest in some software to do it for you.
ERP In The Cloud…
So, while some CIOs are saying no to the cloud, others are evidently wanting more. Compiere made an announcement for their ERP solution to be cloud based, and if the numbers are true, then the savings could be huge.
Salesforce.com created a shift in the marketplace for CRM – and basically it came down to the fact that most customers could use what they had to offer – so no massive amounts of bespoke tinkering and the result is a cost effective solution. CRM is small compared to ERP, so will ERP work? I think the answer is yes – and what’s more it will bring an industrial strength solution at a price small to medium businesses can afford.
Security and availability will, as with all cloud services, be critical, especially around data security. However, the solution is deployed as ‘your own instance’ so many of the co-lo issues disappear or are at least minimized. Most of it is GPL, so the possibility exists of non-proprietary and therefore interoperable solutions existing in the future.
As to whether ERP delivered through the cloud will create a shift in the market for the larger enterprise to move to a cloud based solution… well, salesforce.com has already proved that it is possible.
No To Cloud Computing?
In a recent survey, CIOs said no to cloud computing – or at least ‘not yet’. The industry needs to sit up and take notice and address their issues.
Cloud computing will offer benefits to enterprises of all sizes – it will enable an agile IT environment which is not constrained by internal skills and resources. But… only if security and availability are improved to a point where businesses will put their most valuable asset, their data, into the cloud. We also need to address interoperability and remove the proprietary roadblocks which are already cropping up.
Sun made their cloud announcement – and while they are taking aim at Amazon’s cloud services, perhaps the most important step is that they have made some of their offerings compatible with Amazon’s. OK, so this is done to try and get people to move to their service, but – the outcome is interoperability and the freedom to choose. Hurray – a step in the right direction.
In the meantime, cloud computing ‘standards’ bodies are popping up everywhere. As with grid computing standards a decade ago it will take a little while to sort it out – but we will get there. Jericho, DMTF and SNIA all lead the way and those of us who participate in more than one will look at how they can interoperate and not overlap.
We live in interesting times and cloud computing is one of the things, in IT, which makes it interesting.
Flexing The BICEPs
In the US there is an organization called the Business for Innovative Climate and Energy Policy (BICEP). In essence it’s a group of big household-name companies, with more joining all the time, who are now lobbying Congress to pass a number of pieces of green legislation, including to reduce greenhouse gas emissions by 2020 to 25% below those in 1990. It’s good to see corporate America pushing for the legislation – and it should be passed because the man at the top is interested in climate change and doing something about it. A grass roots movement pushing for change… but with billion dollar companies.
Of course, actually achieving it will be tougher than talking about it… and by then there may have been another change (or two) on the political front – in the mean time, it would be good to have those same organizations lobby the governments in the other countries they operate in to do the same – and work on making the changes happen. Time will tell…
We’re #23…
Corporate Responsibility Officer magazine has just published a list of ‘Best Corporate Citizens’ and Symantec made it onto the list at #23. The number is made up from various measures, including metrics for environment, climate change, human rights and philanthropy. We have been working hard to ‘green’ our internal systems as well as producing products which can be used to green those of our customers and so it’s nice to have some recognition. I look forward to next year’s results as we try to push higher up the list.

Is The Internet Doomed?
Bobby Johnson wrote an interesting article on how criminals are attacking some of the fundamental building blocks of the Internet – and unfortunately, this is true, we have seen a variety of cases where attacks have gone after things like DNS servers (big and small) and we have seen denial of service operations almost take whole countries off the net. So the Internet can be used as a serious ‘weapon’ against individuals, companies and countries.
Reputation plays a big part of this, if you cannot guarantee who is on the other end of the wire, then there is a risk. In the all important case of a transaction, the consumer doesn’t know if the company is bona fide and similarly the company doesn’t know if the consumer is. If either isn’t who they say they are then the problems arise. You can take this further with the spread of botnets, spam and malware in general – if people were in control of their computers then many of the problems would be eased – I wouldn’t like to say they will go away, because we have seen how cyber-criminals have changed their tactics over and over to adapt to the ever-changing Internet and the way people use it.
Educating people on Internet security is tough; we still see people click on attachments or dodgy links and the associated virus outbreaks and identity theft. People switch off auto-updates for the OS and applications – which would reduce their risk of exposure – because it’s either inconvenient or they don’t see the point of it. Many changes to the OS and to applications have been done to make it easier for people to use computers – but this same ease of use also makes it easier for criminals as well.
We need to rethink some of the fundamental decisions and design elements for today’s world. Getting security right for all involved is going to be essential to move forwards, we do need to remove all security risk decisions from the consumer in order to improve security. One example to prevent malware from being installed would be to block any / all installs (and this includes browser plug-ins) unless the application install package has been OK’d by a whitelisting service. If the functionality was built into the OS and the whitelisting service was ‘free’ then it would be possible to prevent malware from being installed. Hey, that would be a start. It seems we (as an industry) need the step change in thinking… and now seems like a good time to do it before the Internet becomes a no-go area, which, frankly, is not a good option.
Take Back Your Files… This Cloud Is Closing
I suspect the announcement from HP has raised a few eyebrows across the globe. HP are exiting the consumer storage cloud business – and if you had data stored with them, then you need to copy it back before the cloud disappears at the end of the month.
While you might not consider HP one of the places to store your information, it makes sense, or at least it did. HP laptops and printers are popular with consumers, a trusted brand, so why not store data with them as well? I guess it all comes down to economics, other service providers offer more storage for less cost – and that is what drives the consumer. If the storage is subsidised by advertising revenue then an even better deal is to be had. However, in the long run, I think consumers will want more than this – security (is my stuff being properly looked after) and availability (can I get to my stuff when I want to) will become more important than just cost. Time will tell.






