IT NCM Center

BOSTON — Federal dollars being pumped into grant programs to spur students to enter IT careers in the health care industry should help to create between 45,000 and 50,000 jobs over the next five years, a top federal health official said on Thursday. Read more…

Robert L. Mitchell

E-mail is the third rail of enterprise IT operations. You can mess up elsewhere, but bring down people’s e-mail and you’ll start getting irate calls literally in seconds.

Manesh Patel knows those risks well, but that didn’t stop the senior vice president and CIO at Sanmina-SCI Corp. from stepping off the Microsoft Outlook/Exchange platform and moving the company’s 16,000 users into Google’s cloud — thereby running the risk of interrupting users’ e-mail, even if just temporarily, in the process. The cost savings were simply too good to pass up. Read more…

written by: Jeffrey Wolf & Bazi Kanani

DENVER – It can list your address, a picture of your home, how much it cost, how long you have lived there, your approximate age and income, your relationship status and more. And it is online for anyone to see.

Spokeo.com takes information from social networking sites like Facebook and Twitter, and from phone books, marketing surveys and real estate listings to create a profile on you without asking. Read more…

Juan Carlos Perez

Google has stopped censoring results in China, acting on a decision it made in January.

On Monday, Google stopped censoring Google Search, Google News and Google Images on Google.cn, according to a blog post from Chief Legal Officer David Drummond.

“Users visiting Google.cn are now being redirected to Google.com.hk, where we are offering uncensored search in simplified Chinese, specifically designed for users in mainland China and delivered via our servers in Hong Kong,” he wrote. Read more…

Susan Cramm

When downturns hit, budgets are cut. And yet, the IT budget seems remarkably impervious to budget cuts.

There’s many reason it survives. First of all, it’s mostly fixed – the majority of the IT budget is required to keep the lights on. Also, other parts of the business influence IT budget growth, so to cut it back, you have to affect the behavior of the entire leadership team, not just those who reside in IT.

Third, there isn’t much chaff to separate from the wheat. IT costs have been under tight scrutiny in response to the runaway IT spending of the late 90′s. Data centers and call centers have been consolidated, contracts have been renegotiated, and services have been off-shored. Read more…

By Serdar Yegulalp

There’s the danger you know, and then there’s the danger you don’t know.

Most of us are rightfully wary of downloading and running programs that have no pedigree, or of performing day-to-day operations as an administrative user. But with each passing year, new security [1] threats march in to eclipse the old — many of them not getting their share of attention until it’s too late. Read more…

By Eric Lai

It was a startling claim: Like a virtual trail of cookie crumbs, your laptop could be beaming out invisible signals that are attracting intrepid thieves armed with a common $5 gadget.

This alarming scenario comes by way of a press release from security vendor Credant Technologies.

Citing a news report from Jamaica, Credant’s vice president of marketing, Sean Glynn, notes that “low-cost key fob Wi-Fi detectors for under a fiver, and quite sophisticated directional detectors for around the 30 pounds mark … [and could be] used by thieves to detect the presence of an out of sight laptop.”

That’s because newer laptops have a set time — sometimes up to 30 minutes — before they go into sleep mode when the laptop’s lid is closed, Glynn asserts. Read more…

To effectively and efficiently control privileged accounts, a combination of adaptive access management components is required:

• Centralized administrative management of user accounts across all servers (both “real” and “virtual”): Centralized administration of user accounts across your diverse server estate ensures that you can monitor and audit which specific user has what type of access on which machine. Centralized management will also facilitate automatic provisioning and rapid disabling of user accounts as needed across the security domain.
• Contextual authentication: Authentication is the first step in any access request process. You must first authenticate that the user is who they say they are before you can authorize the access. Read more…

All computer operating systems require some kind of unrestricted administrative access to enable system management. Security models based on group policies and privileges, overlaid and accumulated through group membership and security principals, as is the case in Microsoft Windows environments, generates one set of challenges. On UNIX and Linux systems, the unrestricted “root” account poses a different and particularly troublesome situation. And similar super user issues can also arise with privileged accounts for database administrators. Read more…

This research describes the evolution of adaptive access control, an emerging concept in identity and access management (IAM). This approach provides a flexible way of managing users’ entitlements and authentication needs that enables enterprises to better address access-related risks and minimize the burden of authentication on users.

• Traditional access control systems have limited or no context awareness, resulting in static authentication and authorization mechanisms that burden administrators and end users.
• Adaptive access control encompasses the use of context awareness and dynamic risk assessment to deliver a more flexible and granular authorization mechanism and to ensure the authentication methods used provide appropriate levels of trust.
• Early forms of context awareness are available in some access control products today, but no consistent, formal method to apply this capability is yet available. Read more…