Subscribe to the RSS feed

Oh, sure, you may be a high flying enterprise architect, DBA, infrastructure engineer, or coder, but your friends and family all think: you work in IT. You love IT. And, "you must want to take care of my consumer grade tech needs because you love IT so much." Riiiight. How can you satisfy them and still have time for summer fun?

Comments(1)

I chatted up a group of IT pros running full tilt towards virtualization. They all seemed to have left their management hats at home... How 'bout you? We'd love to get your view on VM management.

Comment on this blog entry

For large enterprises, the procurement of IT hardware, software, and services is in desperate need of an overhaul. Federal CIO Vivek Kundra would like to see the GSA provide a central location for ordering these services, and eventually to move its IT procurement processes away from schedules and toward what he calls a "storefront" model.

Comments(2)

It’s time to think differently. Mike Fratto, lead Analyst at InformationWeek Analytics, has a new report on improving delivery of applications by leveraging performance tools and appliances.

He does a great job digging into the challenges of managing application performance across a wide range of organizations. The report is based upon a survey of 267 tech folks across the US.

Comment on this blog entry

I ran my local chamber of commerce's 5k this past Friday. Total time elapsed from leaving the office to going home: 90 minutes. Previous experience showed that I could change, travel, then run the same course on my own with half the total elapsed time: 45 minutes. Many participants of a large IT project would be seriously ticked off at a 200% inefficiency; but that would be silly.

Comment on this blog entry

Finjan's most recent Cybercrime Intelligence report pulls the covers off a clandestine, underground network of buyers and sellers of a new and valuable commodity, your spyware infected computer! Read on for the details.

Comment on this blog entry

Back when I did a lot of security work, we used to joke around that single sign on should be called "single vulnerability". Maybe single provider cloud models should be called "single point of failure".

Comment on this blog entry

It's ironic that I had made the decision to totally abandon the Palm platform just as the Pre was announced. For me, Palm's efforts were just too little, too late. I had put up with the complete lack of updates, the poor memory management, the frequent crashes. the fleeing developers, and hung on in desperate hope that a real platform might emerge. But finally, Palm, I started seeing other people. And it's working out fine, thank you, and I don't want to get back together.

Comment on this blog entry

Sometimes you just have to accept defeat. Such was the case for a friend of mine who recently spent a great deal of time pondering how a corporate rival always seemed to be a step ahead, knowing things he shouldn't have known and one-upping him at almost every turn. This friend asked me to drop by and scan his PC, and guess what I found........

Comments(1)

More than ever, IT managers are tuned in to change management and handling the consequences of bad changes. But IT managers would do well to remember two maxims: He who shoots the bearer of bad news will quickly join the ranks of the uninformed. And, those who do nothing are also likely to break nothing.

Comment on this blog entry

Business Services are key to a successful mobile strategy.

Comment on this blog entry

In the wake of the terrorist attacks on September 11, 2001, law enforcement and national security establishments determined that traditional information sharing methods among public safety, intelligence, and emergency management agencies no longer met the information needs of those communities. Thus was born the concept of a Fusion Center.

Comment on this blog entry

The IEEE-ISTO (International Standards and Technology Organization) held its first conference on product certification and conformance at their IEEE headquarters in New Jersey. The goal of the IEEE Conformity Assessment Program (ICAP) is to provide support to other IEEE standards groups, test labs, and industry groups in developing conformance tests. It’s a first step on a long road for the ICAP.

Comment on this blog entry

Our exclusive InformationWeek survey shows that IT and executives are on the same page when it comes to information security threats, policies and more.

Comment on this blog entry

Whatever side of the fence you're on about supporting the iPhone in the Enterprise, you're probably going to have to do it eventually. The question is, can you appease your users and keep your data safe simultaneously? There might be a middle ground to be found.

Comments(1)

That's just one of the questions InformationWeek Analytics is looking to answer with our first-ever "Wireless Nation" report. Security and compliance are also high on our coverage list.

Comment on this blog entry

That's just one of the questions InformationWeek Analytics is looking to answer with our first-ever "Wireless Nation" report. Security and compliance are also high on our coverage list.

Comment on this blog entry

Yes, I'm still sifting through data for our upcoming InformationWeek Analytics Service Assurance report, and here's tonight's bit of data magic for your consideration: IT organizations that collect customer feedback on a regular basis are also more likely to use automation tools to ensure consistent quality deployments for their organizations. My question for the studio audience is, "why?"

Comment on this blog entry

I just finished a panel discussion on the future of the data center with leaders from all four companies, and while they disagree on some practices, there was unanimous agreement that now is a good time to be consolidating servers, networking, storage, and even data centers.

Comment on this blog entry

If networking is cool at Interop, then testing, the red-headed stepchild of networking, is going to make itself known. Factors like data center consolidation and virtualization are changing the demands made of the network for more resilient, low latency and high speed capacity.

Comment on this blog entry

If you didn't know IBM was in the "game" business, don't feel bad -- I didn't know either. But I wanted to find out everything I could about IBM's BPM Simulator -- Innov8 from Phaedra Boinodiris, the Serious Games Program Manager in IBM's Software Group.

Comment on this blog entry

What exactly is IBM's BPM BlueWorks? At IBM's IMPACT 2009, Dr. Angel Luis Diaz and I talked about BPM working in the cloud and how he sees Business Event Processing (BEP) differ from traditional Complex Event Processing (CEP).

Comment on this blog entry

Scott Hebner, Marketing and Strategy Vice President for IBM's Rational Software talks about Rational's transformation during the last six years and its role in SOA and Cloud Computing.

Comment on this blog entry

Talking about cloud computing and real-time BI via complex event processing (CEP) with Tom Rosamilia, General Manager of the Application & Integration Middleware Division in the IBM Software Group at IBM's IMPACT 2009 conference.

Comment on this blog entry

Brady Orand's new book, Foundations of IT Service Management is a self-described unofficial guide to the ITIL v3 foundations course. It's definitely written as an exam prep guide -- it's peppered with reminders about what will or won't be on The Big Exam -- but it also got me to musing about what type of technical preparation guides you want your staff using: one with, or without an extra-vitaminy-dose of the right service attitude?

Comments(1)

Talking Web 2.0, how IBM's WebSphere Cloudburst appliance came about and mobile computing with Sandy Carter, IBM's Vice President of SOA, BPM and WebSphere Marketing at IBM's IMPACT 2009 conference.

Comment on this blog entry

True security geeks love to one-up each other. In much the same way that Chloe O'Brian one-upped Janeane Garofalo's character, Janis Gold, on 24 last night, I just out-dueled a fellow security pro. Have you ever played a game of hacker chess? If you can find someone you trust to play with, you could be saving your job by engaging in this high-stakes exercise, because it's not a game at all, it's a simple penetration-testing exercise that should be a routine part of your monthly to-do list. Read on to find out how I checkmated my enemy.

Comment on this blog entry

I just had an interesting data moment. I'm at work on a research report about service assurance. Isn't that what everybody does on Mother's day?

Comment on this blog entry

In an economic downturn, it makes more sense than ever to carefully guard your organization's resources. The value proposition of PPM (Project Portfolio Management), which is the project management equivalent of ERP, has never been more compelling. And, if my own experience and that of my peers is any indication, IT managers are getting more sales calls than ever from PPM tool vendors.

Comments(3)

I experienced what felt like a death in the family recently when my own laptop was stolen right from my office, along with all of my work, personal financial data, and most importantly to me, family photos. Being a security analyst, I felt a sense of complicity for not being better prepared for this eventuality. Don't let what happened to me happen to you. You can fight back, and on the cheap...read on.

Comments(5)

With a packed house of over 5,400 attendees, IBM's IMPACT 2009 conference officially kicked off this morning.

Comments(1)

Is Windows 7 with XP on its back going to be your next corporate desktop? How about XP-in-a-can, delivered, somehow, to the device of your choice?

Comment on this blog entry

So let’s say you could get senior representatives from Cisco, Brocade, Juniper and Riverbed in a room, and could ask them anything you want to. What would you ask?

Comment on this blog entry

What is special about a virtual computer—a VM? It’s a computer in a file. That’s it. It’s just a computer stored in a file with similar foibles and management issues as a physical computer. So why do some people invest virtual computers some magical transformative powers? Do they not understand what a virtual computer is?

Comment on this blog entry

HP ProCurve announced a new module for their ProCurve 8212 and 5400 modular switches. The Threat Management Module offers firewall, VPN, and IPS functions simultaneously on the switch backplane which is unlike Cisco’s approach with the Catalyst 6500 requiring separate security modules firewall, VPN, and IPS. The cost, however, is lower performance per module. ProCurve needs to increase module performance to make it a replacement for appliances.

Comments(2)

IBM and Brocade jointly announced that Big Blue will be selling Brocade network switches branded as IBM Ethernet switches. The agreement extends the existing IBM/Brocade OEM deal for SAN equipment. A lot of people will see this as a reaction to Cisco's UCS launch, but according to IBM, nothing is further from the truth. I think it pits IBM against HP.

Comment on this blog entry

Sure, much of our audience is thinking "Seriously dude? You're bumming me out. I've been working for a few hours and I almost have my iPhone virtualized. I'm gonna have, like, three iPhones running on one phone." But if you're one of the select few who sees the real future of virtualization, have I got a survey for you.

Comments(1)

An intriguing idea, isn’t it? Outlandish, you say? Maybe, maybe not. The fight for the data center is on. Brocade acquired Foundry solidifying the storage giant in the data center. HP ProCurve's One program forms a solid partnership to round out data center components. Oracle's acquisition of Sun gives Oracle data center hardware and software as well as Java, Sun’s virtualization platform, and their identity management software. Cisco buying EMC makes sense.

Comment on this blog entry

Verizon Business' most recent 2009 Data Breach Investigations Report is a must-read report if you're involved in IT. The authors are quick to point out that the report is not a "state of security" report, but an analysis of breaches from Verizon Business' Risk Team and therefore based on in-the-field findings. The report winds up with recommendations. How many is your company following?

Comments(6)

I am one of those people who believes in universal access. I think it is desirable for those of us living in urban/suburban areas to subsidize telecommunications to rural areas. Subsidies help build out and maintain our telephone network resulting in a net benefit. So subsidizing broadband roll-outs with government funds a good as well. Too bad Time Warner and others are trying to strong arm the FCC into supporting a tacit monopoly with public funds.

Comments(2)

If it's spring, it must be InformationWeek's Annual Security Survey, where we gather and analyze changes in security practices. Please join the 40,000 security professionals, IT staff, and managers who have participated in this landmark survey in recent years.

Comment on this blog entry

The last two weeks have brought us two different attack vectors affecting servers and PC’s alike. First Invisible Things Lab’s Joanna Rutkowska and Rafal Wojtczuk presented the details of an attack on Intel's System Management Module which lets the malware do whatever it wants and effectively hides from everything else. Meanwhile, Anibal Sacco and Alfredo Ortega presented an attack that subverts the BIOS at CanSecWest. Can it get any worse?

Comment on this blog entry

Network connections have been getting faster over time and, correspondingly, applications have been keeping pace by getting fatter. Add in the changes in how applications are delivered as Web applications, hosted applications, and virtual desktops, application performance is becoming increasingly important. We want to get your thoughts on application delivery. Please take a few moments to fill out our InformationWeek Analytics Application Delivery Survey before end of day on Wednesday.

Comment on this blog entry

There's a spirited discussion going on among our technology editors over data loss prevention (DLP) technologies. Is DLP the new NAC? Sure, it's expensive, but could this keep data from walking out on thumb drives? Could we finally put a lid on the insider threat?

Comment on this blog entry

In "DNSSEC: Forgetting The User, Again," I opined about why users should be notified about signed vs. unsigned DNS responses. Dan Kaminsky, a security researcher with IOActive, and I got into a quick conversation about DNSSEC, SSL, and trust on the Internet. Kaminsky had some interesting thoughts on distributing trust.

Comment on this blog entry

Citrix just upped the ante on VMWare and Microsoft with its recent announcement that XenServer Enterprise, along with many of its high-availability features, will be given away for free. We caught up with Citrix CTO Simon Crosby to get his take on the new Citrix server virtualization strategy. Read on to hear what he had to say.

Comment on this blog entry

Cisco's Unified Computing announcements last week provided a lot of ammo for friends and foes. On the up side, it's hard to argue with the message that existing server, storage and networking architectures render a virtualized data center hard to manage.

Comment on this blog entry

This week I spent some time at the Boston Source Conference, attending Christopher Hoff's balanced discussion of cloud computing security and Jeremiah Grossman’s take on making money the black hat way, among other sessions. Great quality content, well worth the time, and I’ll never look at online banking the same way. This "a little knowledge equals a lot of fear" syndrome isn't new for me -- for years, I've edited security experts like Mike Fratto and Greg Shipley. But Source drove home just how wide the gap has gotten between those who know what goes bump in the dark reaches of the Internet, and everyone else.

Comment on this blog entry

As curator of the SOA Center blog site, Software AG's Miko Matsumura recently renamed his site the Whatever-You-Want-To-Call-It Center in reaction to Anne Thomas Manes declaration that SOA is dead. Hoping to emulate the success formula of the Artist Formerly Known As Prince (who is now known again as Prince), Miko wants to replace the devalued "SOA" moniker with a symbol, perhaps a "W" shape (for "Whatever") similar to the singer/songwriter’s unpronounceable symbol [usually spelled out as O(+>)]. In an interview this week with InformationWeek senior editor Roger Smith, Miko said he are also amenable to the acronym AFKAS, which is short for the "Architecture Formerly Known As SOA."

Comment on this blog entry

Web application security is of particular importance because so much of our digital life is spent interacting with Web applications. Lori MacVittie, technical marketing manager with F5 and former Network Computing senior technology editor, has spent years kicking the question of where application security belongs -- in the network or the application -- back and forth. But I want to draw a line in the sand: Don't depend on Web application firewalls to fix your software problems.

Comments(5)