Mobile Device Security Reality

You've heard the same things I have: "You can't control mobile device proliferation." "Most large organizations are being forced to create BYOD programs." "You need to let new employees work with their own devices and use social networking sites if you want to recruit them."

Topics: Information and Risk Management endpoint Security and Privacy BYOD mobile device consumerization of IT

HP and the Cloud

I went to an HP Cloud analyst type event yesterday, under NDA of course, so let me tell you some stuff!

Topics: Cloud Computing IT Infrastructure Private Cloud Infrastructure HP Compute

Getting Hit By a Fire Hose

The more I examine the Social Enterprise, especially socially enabled enterprise applications, the more I feel the pain of the average user. Using socially enabled applications is a bit like walking through what you think is a sprinkler and suddenly realizing it's a fire hose. Many enterprise social solutions are so jam packed with every imaginable social communication and collaboration tool, which are attached to all the entities in a system, that it is easy to become overwhelmed. Users are asking themselves "Which feature should I use?" and "Where does it make sense to use it?" There are pockets of users that are trying out everything but there are more people that are disregarding social tools altogether. It's too much of a good thing.

Topics: Social Enterprise

Happy World Backup Day (early)

Topics: Backup Information and Risk Management disaster recovery BC/DR (business continuity/disaster recovery)

Drowning in Big Data?

This week, the Wall Street Journal published an article entitled 'Drowning in Email, Photos, Files? Hoarding Goes Digital'. How could I not be intrigued by the fact that this particular article wasn't in the business or technology section, but rather the personal journal section under 'Health & Wellness' right below an article on how horrible a tick season we will be facing!

Topics: Big Data Data Management & Analytics Data Management cloud storage Archiving

Who do you love? Nasuni.

Time for some success stories.

Topics: Data Management & Analytics Nasuni e-Discovery

Storage Performance Cruise Control for Virtual Server Environments

This latest ESG Lab report documents how NexGen Storage combines the performance advantages of low-latency RAM and PCIe SSD with cost-effective high-capacity disk drives to create a storage solution that's ideally suited for mixed workloads and consolidated virtual server environments. Multi-phase data reduction and storage performance QoS (Cruise Control for Storage) delivers the performance that's needed, when and where it's needed, at a cost that's comparable with a traditional disk array.

Topics: Storage IT Infrastructure Private Cloud Infrastructure Compute ESG Lab NexGen Storage

How Will SDN and OpenFlow Impact Your Network? Find Out at ONS

While OpenFlow and Software Defined Networking (SDN) are gaining traction in large telco and cloud service providers, many networking teams are still unsure of these technologies and how they will impact their environment. This is supported by recent ESG research that indicated a low familiarity with Open Flow technology-less than 1/3rd of respondents were familiar with it. Given its relatively short time in the market, that probably is not a surprise to many of you.

Topics: IT Infrastructure Networking software-defined networking SDN OpenFlow

Consumerization of IT Video

Topics: IT Infrastructure Networking consumerization of IT

Predictive Coding on Trial: Knives Out

Have you been following the Da Silva proceedings? It's turning into a real soap opera. Allegations of back-scratching all the way to the top, forced hands, the e-discovery digerati colluding to pervert justice. Juicy stuff.

Topics: Enterprise Software

Market Dynamics - Understanding The World We Live In

Whether you are a buyer of IT stuff or a vendor trying to build and sell IT stuff, you should pay attention to this lesson. Understanding "market" state and function will help you better understand what you can expect to deal with in your quest - regardless of what that quest is.

Topics: Storage IT Infrastructure Data Domain CommVault Isilon Compellent

Socializing Big Data Application Development

Between EMC's announcement of the Pivotal Labs acquisition and the incredible presentations so far at GigaOm's Structure Big Data conference in NYC, there is a strong continuing theme with Big Data this week (one that I am a strong advocate of): it is all about the apps and the people who use them.

Topics: EMC Big Data Data Management & Analytics Hadoop Big Data Analytics Greenplum

Anticipating the Open Networking Summit

We are a few weeks away from the Open Networking Summit (www.opennetsummit.org) which will be held in Santa Clara April 16 through 18.

Topics: IBM Cisco IT Infrastructure VMware Networking Juniper HP ONS openstack BigSwitch SDN Verizon Nicira NEC VXLAN OpenFlow NTT QFabric Arista Networks

Please Read Every Word of This

We are all assaulted by written information--not just emails and texts, but road signs and magazines and even that scrolling news bar that runs under seemingly half or more of all the TV stations. Add blogs (yes, blogs!) and paperwork and it's hard to know what to read and what to "assume" or ignore. So I was doubly interested in a news item that I saw recently ... it was quoted in The Week of 3/16/12 and sourced from TheAtlantic.com; it went as follows:

Topics: IT Infrastructure

Mercury is in Retrograde, Are You Prepared?

Time for a change of pace. Many years back, a CIO I knew claimed that when Mercury goes into retrograde, every electronic device in the company goes haywire. She said she had proof Mercury impacts electronic devices--she witnessed the pattern time after time. I just found out Mercury went into retrograde March 12 and will be in that state until April 4--and yes, I have seen strange tech issues for the past week, more than usual, from my home copier telling me it had the wrong print head installed to my iPad randomly shutting down. Anyone else? Here are some survival tips I found on Yahoo! http://shine.yahoo.com/life-made-easy/mercury-retrograde-survival-guide-155500286.html

Cybersecurity Bill Soap Opera

It's been about a month since I last blogged about cybersecurity legislation, so here's a brief review of where we stand.

Topics: Cybersecurity Information and Risk Management Security and Privacy APT advanced persistent threat president obama senator joseph lieberman

It's Time for an Enterprise Encryption Strategy

A few years ago, I began writing and talking about data encryption management problems on the horizon. I was right about the issues, but a bit aggressive on the timing. Based on what I'm seeing lately, however, the encryption management sky may finally be falling (or at least starting to fall).

Topics: Information and Risk Management Security and Privacy Vormetric Symantec CISO Intel NIST encryption

IT's Consumerization Compliance Conundrum

Special thanks to Terri McClure for coming up with this one.

Topics: Information and Risk Management Security and Privacy Amazon Box Dropbox

Predictive Coding Defensibility: the Devil in the Details

David Kessler of Fulbright and Jaworski weighed in on Judge Peck's recent predictive coding opinion this week, with the conclusion that a defensible process is key to the bench, not the particular technology used:

In short, the key takeaway here is not simply that Judge Peck approved the use of technology assisted review. While a precedent has now been set for the use of computer assisted review technology, the Opinion itself actually spends very little time discussing the specific technology selected by the parties. Judge Peck does, however, spend more than 25 pages discussing the process that the parties' attorneys applied to the use of the technology in this matter, going so far as to attach another 25 pages worth of protocol agreed to by the parties for the technology's use in this case. It appears that to this court, it is the process that is key, not the particular technology standing alone. Without a defensible, supportable, and explainable process, technology assisted review is no better and probably less defensible than other review approaches. As Judge Peck concludes: "As with keywords or any other technological solution to ediscovery, counsel must design an appropriate process, including use of available technology, with appropriate quality control testing, to review and produce relevant ESI while adhering to Rule 1 and Rule 26(b )(2)(C) proportionality." Opinion at 25-26.

I've bolded the "pull quote" for me. Remember that the initial approach on this case suggested by one of the parties was thrown out by Judge Peck as indefensible (judicial-coup-for-computer-assisted-review/index.html">as I discussed in my last post), since it would have missed too many potentially responsive items by only including the first 40,000. Judge Peck's opinion is being heralded as a "game-changer"--will the next inevitable step toward acceptance be adversaries' attempts at "gaming" discovery with their predictive coding process?

Which brings me to the importance of sampling. It's interesting: one predictive coding power-user I spoke to recently said he actually thought the random statistical sampling technology being built into many review tools was more significant and useful in his review projects than the predictive coding capabilities themselves. Another agreed that sampling was critical, but criticized the methods used by his particular tool, saying his quants had calculated mathematically that it required an overly broad sample. I've heard yet another argument that statistical sampling is insufficient--that samples should be weighted and constructed as "representative" of the rest of the document corpus, depending on the data contents.

I suspect these debates are just gearing up. It's not a matter of whether predictive coding is theoretically defensible anymore, but how you're using it and how effective and defensible it will be. Will predictive coding now go from the boogeyman of "automating attorneys" to becoming just a more quantitative stick to beat litigants over the head with? Maybe so--if they don't understand the tools and process involved.

Topics: Enterprise Software e-Discovery

Tape Sense

Yes, I know that in certain circles I'll get some ribbing for devoting blog-column-inches to tape storage. But last week I spent a day and a half at the "Tape Summit," and I have to report that the Kool-Aid was actually rather good. By the way, I also know that many of you reading this probably have tape and so I'm here to tell you that you need not worry....you're not alone!

Topics: IBM Storage IT Infrastructure HP Oracle Quantum Spectra

Nasuni: Wicked Good Storage Services

Vinny and I recently tested an IT storage solution at Nasuni, a high tech startup near Boston where you'll often hear the locals describing stuff as "wicked good" or "wicked cool." After a couple days of ESG Lab hands-on testing (and some great sushi), we're pleased to report that the "wicked smaht" team at Nasuni is delivering wicked good storage services.

Topics: Storage IT Infrastructure ESG Lab Nasuni storage services

GroupLogic Dives Into the Online File Storage Pool

The market for online file storage and collaboration solutions continues to heat up. When Kristine Kao and I published our market landscape report in December, we narrowed the field of players down to eight vendors - certainly there were a lot in the mix, but when we put the "business use" and "collaboration" filters on the project, we ultimately had to exclude those that focused primarily on backup and archive or lacked any business licensing models.

Topics: Storage IT Infrastructure OFS online file sharing and collaboration

The Many Synergies of Dell's Acquisition of SonicWall

You have to give Dell a lot of credit. As the company recognized changes in the industry, it was willing to move beyond efficient PC/server manufacturing and distribution into new technologies and labor-intensive services. In my domain, this led to the acquisition of SecureWorks and Force10. Today, Dell took another step into end-to-end solutions by grabbing security veteran SonicWall.

Topics: Azure Microsoft Palo Alto Networks Fortinet VMware Information and Risk Management HP Dell Security and Privacy Juniper Networks Hyper-V vShield SecureWorks SonicWall

The Three Faces of Being Social

Talking to vendors, IT professionals, and end-users - especially people in marketing - I am struck by how confused people are about the three faces of "social." The confusion between social media, social networking, and social enterprise is understandable since they use the same technology base. All are built around a similar set of communication and collaboration tools with the common goal of bringing people closer together. So, on the surface, they look very much the same. But, as the old saying goes, "It's not what you do. It's how you do it" that makes all the difference. Each has a different set of objectives and characteristics. In other words, each uses the same technology to accomplish wildly different goals

Topics: Social Enterprise

It's Back to Business at RSA

I spent last week in rainy and chilly San Francisco. That must only mean one thing; it's RSA time again. I've been to quite a few RSA conferences over the years, too many to count, it seems. The early years were truly serious security events with a no-nonsense vibe. Not that security is still not serious, but the last few years seemed like the hype was starting to overtake some important security developments. As I attended the first day of this year's RSA, I was bracing myself for another "Cloud" marketing onslaught, or possibly a "Big Data" blitz. I was pleasantly surprised. The message was more muted this year with an emphasis on getting back to the business of comprehensive security solutions.

Topics: IBM HP Security and Privacy RSA

Final Thoughts on the RSA Conference 2012

Okay, it's been a week since the RSA Security Conference 2012 so my window of opportunity for editorial comment is nearly closed. A few last thoughts:

Topics: Microsoft Big Data Cisco Data Management & Analytics Information and Risk Management Sourcefire McAfee Security and Privacy Kaspersky android Juniper Networks rsa conference trend micro Symantec RSA Blue Coat saic security analytics Gartner

Nexsan's New Higher-archy

It's always refreshing to have something a little different to write about-earlier this week Nexsan furnished me with an opportunity to do so by launching its latest line of unified storage - the NST5000. While Nexsan has always impressed with its functional breadth and pleasantly-surprising bang for the buck, it's the noticeable and thoughtful 'nudging of the envelope' that sets it apart. As ever the company's latest product has an almost embarrassingly long list of goodness: truly impressive density, ease of use, up to a PB of capacity (my, how the definition of mid-range has moved eh!?) and masses of Xeon cores to power it. So far, so good. It's almost de rigueur these days of course to offer tiering and caching, and Nexsan does that too. And, while one can have some excellent philosophical and technical debates about the extent of unified storage that various other vendors really deliver behind their claims, Nexsan can support genuine simultaneous NAS and iSCSI behind its single management system. Check.

Topics: Storage IT Infrastructure

Is Your Network Ready For Romley?

The much anticipated Intel Romley launch occurred this week and major server vendors like Dell, HP, and IBM announced their next generation systems to take advantage of the increased horsepower and reduced power consumption delivered by the two socket Sandy Bridge-EP based product line. By all accounts this is an impressive platform, with up to 16 cores and 32 threads, that should trigger a server refresh cycle in the data center.

Topics: IBM Cisco IT Infrastructure Networking Juniper HP Dell Compute Intel Brocade

Lessons from CITE: Empower the Consumerized Workforce Before it Empowers Itself!

If I have to take one overarching theme away from CITE this week, I think the title sums it up: IT needs to empower mobile workers and others that are using consumer technology because otherwise they will just empower themselves. Mobile devices are here, in the enterprise-embrace or die. And that really is what is so important about the online file sharing and collaboration space. I presented on the storage implications of consumerization yesterday, where we discussed the online file sharing and collaboration market. I asked the audience a couple of questions:

  • How many mobile devices do you have that you are using for business? Most of the audience had at least 4 (only two were with me at 6 or more...we are forming a support group).
  • How many of you are using solutions like Dropbox, Box, Egnyte or Sugarsync? Pretty much everyone.
  • How many of you are using these without them being IT sanctioned? More than half the audience, and these are IT folks!

That's the thing. Mobile device users are empowering themselves with solutions that allow them to access their one copy of data from any endpoint device and anywhere - they are not waiting for IT to solve the multiple device data access issue. These solutions are already in the enterprise. But the big challenge there, the big danger there, is that when users sign up for these accounts, any data that they store in Box, YouSendIt, or whatever solution they pick goes with them when they leave. Data stays with the account owner, and in a BYOD environment you can't do anything about it! One user I spoke to this week made the point that they wipe everything off of every device when a user leaves, it is part of the contract, but really, how many companies have that type of policy in place? How much will employees stand for it when they use the device for both personal and business use?

If a company sanctions and deploys an online file sharing solution for its employees, the tables are turned, they are in control. If they use something like Syncplicity, YouSendIt, TeamDrive, or many of the other 20 or so vendors now in this space, when someone leaves, they can just wipe the folders. In some solutions they can fully track data flows into and out of the folders (very big brotherish - but there are a variety of solutions on the market to meet the variety of corporate requirements). It is not perfect and there will likely still be security holes, just like there are today. But the thing is, if the company deploys the solution, the data stays with the company. This is really why IT needs to get in front of this issue - if the data stays with the owner of the account, the owner of the account needs to be the business!

You can read Terri's other blog entries at IT Depends.

Topics: Storage End-User Computing IT Infrastructure OFS online file sharing and collaboration consumerization of IT

RSA Conference 2012 Observations Part II

I missed the keynotes at RSA as I was buried with wall-to-wall meetings from the time I arrived on Monday through Thursday evening. Nevertheless, I had a chance to speak with a lot of security industry insiders and IT security professionals during my time at RSA. Building on my previous blog, here are a few additional take-aways:

Topics: IBM Check Point Palo Alto Networks Fortinet Cisco Information and Risk Management Sourcefire McAfee Security and Privacy Juniper Networks trend micro Symantec F5 Firewall Anti-malware crossbeam systems security skills SonicWall

The Magic Of Amazon

Yesterday, Amazon announced some big price cuts for its AWS and EC2 services, amongst others.

I love when IT vendors poo poo anything Amazon does, but man are they wrong.

Topics: Storage IT Infrastructure Private Cloud Infrastructure Networking Compute Amazon AWS Public Cloud Service

YouSendIt Ups its Online File Sharing and Collaboration Game

It is truly amazing how quickly the online file sharing and collaboration market has been inundated with vendors either expanding into the space or new start-ups cropping up with new offerings. It's a really hot market right now, because it is a really big problem for enterprise IT.

Topics: Storage IT Infrastructure OFS online file sharing and collaboration

Files Are Killing IT - And Creating A New Market Opportunity

Data growth is what destroys everything in IT operationally. If data stopped growing, you could actually fix all of your issues once and for all. You would be stable. What a concept!

Topics: IBM Storage Netapp EMC IT Infrastructure HP Box Dropbox

IBM Pulse 2012 -- Day One Keynote

This morning's keynote at IBM Pulse was a refreshing resetting of my perspectives on a few fronts.

Topics: IBM IT Infrastructure Private Cloud Infrastructure Networking Jason Buffington

RSA Observations Part I

I've been to about a dozen RSA Conferences in my career. Some were really geeky, some were nothing but hype, but last week's event stood out as truly valuable. Yes, marketing rhetoric was in the air as always but under the spin was some truly good dialogue.

Topics: Information Security Cybersecurity Check Point Cisco Information and Risk Management Juniper HP McAfee Security and Privacy risk management trend micro Symantec TrustSec Websense

Judicial Coup for Computer-Assisted Review

Magistrate Judge Andrew Peck, of the U.S. District Court for the Southern District of New York made e-discovery headlines late February with the first judicial endorsement of predictive coding. I'll leave it to the legal eagles to debate the courtroom implications, but it's a significant stamp of approval from the bench.You can read more from LTN, Forbes, Chris Dale, and Recommind, whose Axcelerate software is involved in the case.

Topics: Information and Risk Management Recommind e-Discovery

Silent on Social

The more I speak to software vendors, IT, and end-users about socially enabled applications, the more apparent the absence of some ISVs from the social conversation has become. It's not just that some companies don't have social applications as of yet. Many show no signs, make no announcements, or give no inkling of social features in their products.

Topics: IBM Microsoft sap Social Enterprise Salesforce