www.3w.com.au has seen it's outsourced IT Contracting Business in Manila grow at 4 times the rate of its traditional Australian Based...
4 hours 53 minutes ago by brucemills on Companies' outsourcing spend to increase
We have relaunched: What's new at ZDNet Asia?
ZDNet / Insight / Hardware / Story
Save your IT infrastructure from becoming the economy's latest victim
Summary
Enterprise infrastructures are only as strong as their weakest links. Consider the area of patch management, involving the monitoring and installation of new patches to prevent virus attacks. This is an area where availability and security go hand in hand.
Events
Microsoft MSDN/Developer Event
25 Mar 2010
One Marina Boulevard, Microsoft Singapore
IT Architect Regional Conference Singapore 2010
20 - 21 Apr 2010
Singapore Management University, Singapore
The Internet Show 2010
21-22 Apr 2010
Suntec Singapore
As cyberterrorism threats move to the forefront, we're becoming increasingly
aware that our best IT defenses may not be good enough. Yet doing more to
prevent cyberterrorism during a slow economy seems impossible to many IT
executives whose budgets are frozen or reduced. Many corporate IT
infrastructures are becoming increasingly compromised and more vulnerable to
cyberattacks. They're choosing between staying up and staying secure. The result
is the same as driving without an insurance policy—an increased chance of
enormous loss.
Security the right way
IT security should be an ongoing process instead of a one-off event. It should be part of a holistic IT environment in which all components (including security technologies) affect the health of the system. But today, many CIOs have shifted their priority to uptime percentages and believe security is a one-time event.
Enterprise infrastructures are only as strong as their weakest links. Consider the area of patch management, involving the monitoring and installation of new patches to prevent virus attacks. This is an area where availability and security go hand in hand. Viruses can, of course, reduce uptime to zero, meaning warding them off should be high on the list of availability priorities. And 80 percent of outages are due to the exploitation of known bugs, including bugs for which patches are available.
But what happens in practice is another matter. CIOs and IT managers, even at highly visible Fortune 500 companies, are making repair decisions on the basis of what they may lose in the short-term by bringing systems down to install new revisions and patches, rather than what they'll lose in the long-term by performing proper software maintenance. They should be assigning dedicated resources to researching current viruses and the antidotes already available, and ensuring that patches are being properly and thoroughly deployed. They should also be investing in redundant systems so downtime is not an issue.
CIOs should take charge
This example points to a larger issue—the responsibility of IT executives to step up to the plate. The CIO's value is in enabling a company to leverage information to support its revenue, profitability, and productivity goals. This means implementing standards-based and reliable security technologies, and not being overly dependent on old systems. Many CIOs have developed a false sense of security and are becoming overly reliant on their firewalls. Any IT executive who believes that a firewall is a simple commodity, requiring limited skills to turn up and solve security requirements, is truly exposing his or her firm to any number of dangers. This is much like a man with a bodyguard who keeps wandering into dangerous territory. Even with a well-trained guard, he is putting himself in greater danger by not considering the full spectrum of potential security hazards.
Given the challenges, how can you mitigate or avoid an attack altogether? On the technological side, consider several short-term options to maximize availability and security at the same time:
Security the right way
IT security should be an ongoing process instead of a one-off event. It should be part of a holistic IT environment in which all components (including security technologies) affect the health of the system. But today, many CIOs have shifted their priority to uptime percentages and believe security is a one-time event.
Enterprise infrastructures are only as strong as their weakest links. Consider the area of patch management, involving the monitoring and installation of new patches to prevent virus attacks. This is an area where availability and security go hand in hand. Viruses can, of course, reduce uptime to zero, meaning warding them off should be high on the list of availability priorities. And 80 percent of outages are due to the exploitation of known bugs, including bugs for which patches are available.
But what happens in practice is another matter. CIOs and IT managers, even at highly visible Fortune 500 companies, are making repair decisions on the basis of what they may lose in the short-term by bringing systems down to install new revisions and patches, rather than what they'll lose in the long-term by performing proper software maintenance. They should be assigning dedicated resources to researching current viruses and the antidotes already available, and ensuring that patches are being properly and thoroughly deployed. They should also be investing in redundant systems so downtime is not an issue.
CIOs should take charge
This example points to a larger issue—the responsibility of IT executives to step up to the plate. The CIO's value is in enabling a company to leverage information to support its revenue, profitability, and productivity goals. This means implementing standards-based and reliable security technologies, and not being overly dependent on old systems. Many CIOs have developed a false sense of security and are becoming overly reliant on their firewalls. Any IT executive who believes that a firewall is a simple commodity, requiring limited skills to turn up and solve security requirements, is truly exposing his or her firm to any number of dangers. This is much like a man with a bodyguard who keeps wandering into dangerous territory. Even with a well-trained guard, he is putting himself in greater danger by not considering the full spectrum of potential security hazards.
Given the challenges, how can you mitigate or avoid an attack altogether? On the technological side, consider several short-term options to maximize availability and security at the same time:
- Practice due diligence, including use of the security features and best practices already integrated within most systems and available from most vendors. These can reduce the known vulnerabilities to which these systems are subject.
- Assign purchasing decisions to the IT department, rather than accounting. IT managers are the only individuals who can truly discriminate between systems and solutions, especially where security issues are involved. Price should be an important differentiator, but not the sole factor in influencing decisions.
- Add a dark Web site. A dark Web site is typically hosted off-site but is only activated under certain circumstances. Hosting off-site eliminates the vulnerability produced by a building casualty. This serves many purposes, including customer relations, public relations, emergency communications, and situational awareness.
- Create virtual systems and security zones. These allow logical partitioning of your IT infrastructure into separate security domains for traffic, policy, and management separation.
- Rely on strategies above and beyond intrusion detection. Although helpful, intrusion detection produces false positives and is subject to human error. When combined with intrusion prevention, however, intrusion detection is more effective and creates a smaller burden on the security management team.
A lock only keeps an honest man honest. CIOs must continually
look over their shoulders to make sure that lock isn't easy to pick. On the
strategic side, continue insisting on a holistic planning process to keep
security virtually airtight. It's very possible to build a well-designed, highly
secure, and continuously available IT infrastructure that addresses budgetary
imperatives. It starts with urging senior management to bring the security of
the IT infrastructure back to the position it once held, a critical priority.
The result is business continuity, for which IT executives will be held
accountable whether their budgets are generous or lean.
Robert C. Norton is founder, executive vice president, and COO of StrategIT, a strategic IT consultancy based in Westwood, MA, with an exclusive focus on the infrastructure.
Transform your business interactions with real-time voice, video and telepresence solutions.
Tech Vendor: Cisco
Tech Vendor: Cisco
ZDNet Asia Live
RT @3wconsulting: Whitepaper from http://3W.com.au "Outsourcing Your IT Requirements to Philippines" now on @zdnetaustralia & @zdnetasia http://ow.ly/1oY9f
5 hours 2 minutes ago by LeesaAT3W on twitter
Whitepaper from http://3W.com.au "Outsourcing Your IT Requirements to Philippines" now on @zdnetaustralia & @zdnetasia http://ow.ly/1oYbA
5 hours 3 minutes ago by itemployment on twitter
Whitepaper from http://3W.com.au "Outsourcing Your IT Requirements to Philippines" now on @zdnetaustralia & @zdnetasia http://ow.ly/1oYbz
5 hours 3 minutes ago by brucemills on twitter
Zdnetasia.com Estimated Worth $178,365 USD. Daily Ad Revenue:$244 USD, Daily Views:81,445 Pages... - http://www.haplog.com/www.zdneta...
14 hours 46 minutes ago by Haplog on twitterrecently estimated website net worth of zdnetasia.com - http://www.haplog.com/www.zdneta...
14 hours 46 minutes ago by haplog on topsyWhen I create an event, I click on an approximate time during the day when I want the event to occur, then I click "edit event detail...
1 day 22 minutes ago by bessellbrowne on Google Calendar gets 'smart' reschedulingipads break alott i had one it broke three times in the month i had it so i got rid of the damn thing id just go for the laptop Top Grade...
1 day 24 minutes ago by bessellbrowne on Report: 'Hundreds of thousands' of iPad preordersThere are a number of websites that still require Internet Explorer to view and IE for Mac Stinks (it is really ies4osx which is the Wind...
1 day 26 minutes ago by bessellbrowne on Microsoft: Only minor tweaks in Windows 7 SP1The receivers don't transmit back to the satellite. Unless there is a phone line attached to the receiver, they don't have any wa...
1 day 28 minutes ago by bessellbrowne on Apple to join the geolocation craze?What to expect from open source Symbian http://is.gd/aPIGL
1 day 43 minutes ago by rebelk0de on topsy"Lead Cognos BI Developer Insurance - Jobs - ZDNet Asia" http://bit.ly/bRcxOG
1 day 23 minutes ago by rhrcognos on topsywhatever little understanding I have we 'll only progress toward end of the world if we use HPCs to lenthen life of human being. Huma...
1 day 35 minutes ago by abhi32002@gmail.com on High computing promises elixir of lifeThanks for the knowledgeable article on SDDs. Allas...when all this reasearch will happen in Indian Universities. Hope the new bill on Fo...
1 day 48 minutes ago by abhi32002@gmail.com on APAC HPC users eye solid-state drivesIt was a good article. This brings a good opportunity for Indian IT firms to come up with new solutions in this field. HPC can become a b...
1 day 6 minutes ago by abhi32002@gmail.com on High computing most-wanted job in AsiaCOL KR DHARMADHIKARY(RETD) its very late to reply the link, but if it is still alive and looking for opportunity, i would like to know th...
1 day 4 minutes ago by deb021280 on Education takes off in rural India, helped by PCsIt was just a matter of time until google was marginalised anyway. I'm afraid this will be forgotten in China very quickly. Still, it...
1 day 8 minutes ago by robinsmith on Report: Google to leave China on April 10
High performance computing (HPC) most-wanted job in Asia http://bit.ly/9vFC3i (via @zdnetasia) #singapore
1 day 20 minutes ago by mySingapore on twitterHe doesn't care if her shoes are of glass, All he wants to see is a huge rack and nice a*s. Sleeping beauty's not awoken by true ...
1 day 37 minutes ago by warlowdavies on One pair of 3D glasses to rule them all
RT @zdnetasia: EMC COO, Pat Gelsinger, on bridging gaps in the organization and its cloud ambitions in Asia. (cont) http://tl.gd/i5jjd
1 day 9 minutes ago by mistymaitimoe on twitter
EMC COO, Pat Gelsinger, on bridging gaps in the organization and its cloud ambitions in Asia. http://bit.ly/9etOZW
1 day 13 minutes ago by zdnetasia on twitter
Asian SMBs need to pay more attention to disaster recovery planning http://bit.ly/bDet08 via @zdnetasia
1 day 29 minutes ago by asiapacsolution on twitterAsian SMBs need to pay more attention to disaster recovery planning http://bit.ly/bDet08
1 day 43 minutes ago by zdnetasia on twitter
[TECH] URL Shorteners slow Web redirection. - http://bit.ly/bySnWK @zdnetasia
2 days 26 minutes ago by danielcktan on twitter
URL shorteners are great but they can slow web redirection & you pray it would never go down http://bit.ly/bySnWK via @zdnetasia
2 days 54 minutes ago by angahsin on twitterTemasek Holdings eyeing tech stocks, indicating optimistic outlook on IT sector. http://bit.ly/aM7VwU
2 days 23 minutes ago by zdnetasia on twitterURL shorteners slow Web redirection. http://bit.ly/bySnWK
2 days 23 minutes ago by zdnetasia on twitterChinese agencies cry foul over Google. http://bit.ly/by6rwV
2 days 30 minutes ago by zdnetasia on twitterall of sg's isps have been practising compulsory invisible proxy for all home subscribers at their backend since many years back alre...
3 days 47 minutes ago by melvinchia on Web filters mean bad news for businessit is not to good for china.
Proactol
IT security insiders rob casinos of $50K http://is.gd/aPIKR
3 days 4 minutes ago by rebelk0de on topsyVery good explanation of JMX
4 days 37 minutes ago by Babith B on Managing applications with JMXThe reaction to a report issued Tuesday by Flurry Analytics managed to completely overlook some interesting news--the Android-based Motorola Droid outsold the original iPhone over the same period of time following their respective launches--to focus instead on the sales numbers for the Nexus One.
4 days 41 minutes ago by lonemavericks on diggsAnother ZTE story....
4 days 43 minutes ago by Moderate Your Greed on Philippines opens bid for final 3G licenseKeep up with ZDNet Asia
Linkedin 
RSS Feeds 
Newsletters 
Twitter Inside ZDNet Asia
Sponsored
The Desktop Virtualization Revolution is here!
Find our more with Citrix Simplicity is Power
2010 IT Salary & Skills Report
Find out the salary range of IT professionals. Join activeTechPros for free access to the report.
The Internet Show 2010, 21-22 Apr 2010, Singapore
FREE admission for visitors who pre-register online. Register Today!
