Information and Risk Management

Get a quick insight on what my ESG colleagues and I took away as our first impressions from EMC World last week, in easy-to-consume video format.

While at EMC World 2013, I sat down to do a short video for TechTarget on what I was finding interesting at the show: 

• EMC’s Data Protection Suite, as a new way to acquire and consume the range of EMC backup software. 
• The differences between Backup and Archiving, and what EMC’s solutions are doing about it

And while I was there, I had the chance to plug ESG’s upcoming Market Landscape Report on disk-based target systems, which covers EMC Data Domain, among others.

This ESG Lab review documents hands-on testing of the ExaGrid backup appliance using Veeam Backup & Replication software, and demonstrates the ability to execute Veeam Instant VM Recovery alongside ExaGrid’s capacity- and cost-saving deduplication.

Piecemeal approach won’t work – Federal government mobile computing planning provides a good example of what will.

SMB organizations are just as reliant as their enterprise and midmarket counterparts on data to support day-to-day operations, though they typically lack the resources and/or IT expertise to ensure its availability and preservation. In spite of this, recent ESG research reveals that many SMBs understand the importance of their IT assets and are at least attempting to back up their data, whether proactively or reactively.  However, given the fact that even larger organizations haven’t “solved” data protection, there is an opportunity in the SMB space for both education and services to not only supplement current backup strategies, but–more importantly–to foster new ones.

Each year, security threats to web applications grow increasingly dangerous, causing many organizations to increase their investments in web application security testing. Beyond the obvious security benefits for organizations, it is also a positive trend that will lead to new market opportunities for application development and application testing product vendors.

NGFW bolsters McAfee “Security Connected” initiative and links network- and host-based security.

An ESG survey of 395 IT professionals at midmarket and enterprise organizations revealed the top security challenges in today’s data centers. This brief identifies the top challenges to running a secure data center, such as keeping up with the constant stream of new threat intelligence, and monitoring network activity in spite of unfortunate blind spots. It examines the underlying causes of these challenges, and concludes with advice for security vendors to help customers cope. 

Advanced organizations are most likely to favor network information security over server security.

This month, I took a look at the differences between ‘Regulatory Compliance’ and ‘Operational Readiness’ (HA/BC/DR) through a series of videos.  This week (4 of 4), we’re taking a closer look at the regulations that apply to government agencies and contractors (CO-OP).  Each week, we looked at some regulatory mandates and try to glean some pragmatic IT ideas for data protection from them.  I hope that you enjoyed the videos.

Predictive coding has become a common feature of technology assisted review. By automating the coding of documents, predictive coding promises to reduce the cost of e-discovery while reducing the time needed to accomplish it.

Hackers are rattling an assortment of web application windows and doors to find a way in.

Hackers growing more creative, attentive, and persistent.

This month, I am taking a look at the differences between ‘Regulatory Compliance’ and ‘Operational Readiness’ (HA/BC/DR) through a series of videos.  This week (3 of 4), we’re taking a closer look at the regulations that apply to healthcare organizations (HIPAA).  Each week, I’ll take a look at some regulatory mandates and try to glean some pragmatic IT ideas for data protection from them.  I hope that you enjoy the videos.

Mobile computing presents an opportunity to get things right if CISOs approach it with the right strategy.

This month, I am taking a look at the differences between ‘Regulatory Compliance’ and ‘Operational Readiness’ (HA/BC/DR) through a series of videos.  This week (2 of 4), we’re taking a closer look at the regulations that apply to publicly-held companies (SOX) and financial institutions (SEC).  Each week, I’ll take a look at some regulatory mandates and try to glean some pragmatic IT ideas for data protection from them.  I hope that you enjoy the videos.