Susan Cramm
When downturns hit, budgets are cut. And yet, the IT budget seems remarkably impervious to budget cuts.
There’s many reason it survives. First of all, it’s mostly fixed – the majority of the IT budget is required to keep the lights on. Also, other parts of the business influence IT budget growth, so to cut it back, you have to affect the behavior of the entire leadership team, not just those who reside in IT.
Third, there isn’t much chaff to separate from the wheat. IT costs have been under tight scrutiny in response to the runaway IT spending of the late 90’s. Data centers and call centers have been consolidated, contracts have been renegotiated, and services have been off-shored. Read more…
By Serdar Yegulalp
There’s the danger you know, and then there’s the danger you don’t know.
Most of us are rightfully wary of downloading and running programs that have no pedigree, or of performing day-to-day operations as an administrative user. But with each passing year, new security [1] threats march in to eclipse the old — many of them not getting their share of attention until it’s too late. Read more…
By Eric Lai
It was a startling claim: Like a virtual trail of cookie crumbs, your laptop could be beaming out invisible signals that are attracting intrepid thieves armed with a common $5 gadget.
This alarming scenario comes by way of a press release from security vendor Credant Technologies.
Citing a news report from Jamaica, Credant’s vice president of marketing, Sean Glynn, notes that “low-cost key fob Wi-Fi detectors for under a fiver, and quite sophisticated directional detectors for around the 30 pounds mark … [and could be] used by thieves to detect the presence of an out of sight laptop.”
That’s because newer laptops have a set time — sometimes up to 30 minutes — before they go into sleep mode when the laptop’s lid is closed, Glynn asserts. Read more…
By Thomas Wailgum
Got issues? Enterprise software sure does. That’s according to a new report from Forrester Research’s principal analyst Paul Hamerman, appropriately titled “Enterprise Apps Customers Have Issues.”
What issues, you might ask? Respondents to the 2009 survey on business process and applications pros from 111 enterprises cite their top five:
1. High cost of ownership: 91 percent of respondents said it was a “significant” or “very significant” business problem. “We believe that the concerns related to cost of ownership are primarily due to the installations of on-premises packaged applications, where internal support requirements and vendor maintenance contracts are a significant burden to IT shops, often causing other projects to take the back seat,” Hamerman says. Read more…
To effectively and efficiently control privileged accounts, a combination of adaptive access management components is required:
- Centralized administrative management of user accounts across all servers (both “real” and “virtual”): Centralized administration of user accounts across your diverse server estate ensures that you can monitor and audit which specific user has what type of access on which machine. Centralized management will also facilitate automatic provisioning and rapid disabling of user accounts as needed across the security domain.
- Contextual authentication: Authentication is the first step in any access request process. You must first authenticate that the user is who they say they are before you can authorize the access. Read more…
All computer operating systems require some kind of unrestricted administrative access to enable system management. Security models based on group policies and privileges, overlaid and accumulated through group membership and security principals, as is the case in Microsoft Windows environments, generates one set of challenges. On UNIX and Linux systems, the unrestricted “root” account poses a different and particularly troublesome situation. And similar super user issues can also arise with privileged accounts for database administrators. Read more…
This research describes the evolution of adaptive access control, an emerging concept in identity and access management (IAM). This approach provides a flexible way of managing users’ entitlements and authentication needs that enables enterprises to better address access-related risks and minimize the burden of authentication on users.
Key Findings
- Traditional access control systems have limited or no context awareness, resulting in static authentication and authorization mechanisms that burden administrators and end users.
- Adaptive access control encompasses the use of context awareness and dynamic risk assessment to deliver a more flexible and granular authorization mechanism and to ensure the authentication methods used provide appropriate levels of trust.
- Early forms of context awareness are available in some access control products today, but no consistent, formal method to apply this capability is yet available. Read more…
By all accounts, Red Hat is the undisputed leader in enterprise Linux, but Ubuntu is proving its up to the challenge. Is it time to evaluate Ubuntu in your enterprise?
Like many of you, I haven’t given the Linux market too much thought beyond Red Hat Enterprise Linux (RHEL) being the leaders and Novell Suse running a distant second. Last May, while reading the Eclipse Survey 2009 results (see the chart below), I came across two very interesting pieces of data about Linux adoption that made me reconsider this point of view. Read more…
By Jon Brodkin
With 170,000 customers, including every member of the Fortune 100, you might think VMware’s toughest task is stocking enough paper to print up new customer contracts. But the industry’s biggest x86 virtualization vendor is facing a strong challenge from Microsoft, which is enticing IT executives with Hyper-V, an alternative that may not be quite as sophisticated as VMware but is less expensive. Read more…
By Bill Snyder
Batten down the security hatches. Hackers are poisoning social networking sites, particularly Facebook, and loosely regulated app stores like the Google Android marketplace, with increasing ferocity. A new study by security vendor AVG found that poisoned URLs posted on Facebook soared by 200 percent in February (compared to the previous month) after increasing by 300 percent in January. (AVG derived its statistics by analyzing URLs blocked by its software.) Read more…
