IT Productivity Center

IT Infrastructure Cost Rising

Webmaster — Fri, 05 Mar 2010 14:58:59 -0700

Many of the largest IT budget problems can be traced back to five big money drains:

Storage expansion - IT departments are already stretching their budgets for storage, and the demand is only going to grow. The volume of data an average business collects and stores actually doubles every 18-24 months.
System complexity - a survey of Canadian IT workers show that many DBAs already devote up to 80 percent of their time to routine systems maintenance. Add to that the work that needs to get done on strategic projects, and you may be looking at major overtime charges.
Hardware sprawl - More systems usually mean more complexity and maintenance and more servers definitely mean more power and cooling costs. For most companies, data center hardware accounts for the bulk of the power and cooling bill. In some cases, power costs can even exceed the cost of IT equipment!
Reliability and scalability - most enterprise information is contained within IT systems, it is absolutely critical that those systems be available whenever your employees or your customers need them. Now you're talking about 24x7 availability, meaning that your systems have to scale along with your workloads. But scaling out by adding servers raises hardware and maintenance costs, and the wrong storage configuration can cause major delays in delivering key information.
Compliance - Organizations face large fines if they are found to be out of compliance, and bad press and security breaches can dissolve shareholde confidence, destroy customer trust and send stock prices plummeting almost overnight.

Janco has solutions for these IT Infrastructure issues

Feds inches towards more control over Internet

Webmaster — Thu, 04 Mar 2010 13:49:49 -0700

Homeland Security and the National Security Agency may be taking a closer look at Internet communications in the future.

The Department of Homeland Security's top cybersecurity official said that the department may eventually extend its Einstein technology, which is designed to detect and prevent electronic attacks, to networks operated by the private sector. The technology was created for federal networks.

Is this the camel's nose in the tent?

VA revamps IT Infrastructure - cuts projects

Webmaster — Thu, 25 Feb 2010 07:38:25 -0700

VA infrastructure is changed and projects are cut.

To improve management of ongoing projects, as of Feb. 15 every IT project in the department, and about 250 IT projects overall, are being managed through the Program Management Accountability System introduced in July. The system requires IT projects to deliver new functionality within six months and to meet project milestones. The VA also is using an online IT dashboard to identify and track troubled projects.

The Veterans Affairs Department has terminated its Enrollment System Redesign, Pharmacy Reengineering and 10 other failing information technology projects for a projected savings of $54 million this fiscal year, officials announced today.

The goal is to put IT projects on the accountability system as soon as possible, it took several months to identify and terminate contracts associated with the canceled projects.

The enrollment systems project was budgeted at $24 million, and the pharmacy project at $23 million, for fiscal 2010.

Other canceled VA IT projects included the Barcode Expansion, Delivery Service, Rights Management Server and VA-Defense Department Laboratory Data Sharing and Interoperability terminology support.

The 12 canceled IT projects were among 44 IT projects halted by VA officials in July 2009. Chief Information Officer Roger Baker today released the list of the 12 terminated projects and 32 restarted projects.

Cost cutting continuing in many IT organizations

rss@itproductivity.org — Sat, 20 Feb 2010 16:14:42 -0700

No matter what the media says about the recession bottoming out, times are still tough for may IT organization - hiring is down and budget cuts continue. Over 200 CIOs interviewed by Janco associates say, many IT projects are delayed or stopped, layoffs continue and next year's budget will be lower.

Most CIO's continue to look for ways to reduce costs. Many no longer are willing to pay a premium for vendors to fix any problems in key software and hardware within four hours instead of a 24-hours. Sometimes things stay broken until IT staffers can figure out the fixes themselves.

Steps that CIOs are taking include:

Reducing systems maintained on a 7/24 level - Instead of eliminating maintenance contracts, reduce the frequency of turnaround time -- from, say, four hours to 24 hours or even longer.
Reducing weekend and late-night service levels.
Reducing contracted fees paid to vendors -- many are more willing than in the past to wheel and deal, rather than lose a contract completely.
Communicating with users that they can expect decreased maintenance, particularly with regard to timing and service levels.

However it is critical to not impact core infrastructure systems or those that are customer centric.

Goverment to go after Oursourcers

Webmaster — Tue, 16 Feb 2010 16:35:44 -0700

Populist rhetoric from U.S. leaders and President Obama has some in India outsourcing enterprises concerned about what kind of role its companies will have in future technology endeavors with the United States. The big question is, Will anything happen to the tax code and H-1B visa laws in 2010 that will negatively affect workers or companies?

President Obama's first official State of the Union address is a few weeks old, but its message to American companies that operate subsidiaries in Asia has some questioning what direction the United States will go with technology workers, tax incentives and H-1B visas. With an economy slowly grinding its way out of recession and a populist air of protecting jobs for American workers, Obama is giving Asian and American business leaders and companies something to chew on.

In the address, Obama attempted to restate his agenda on jobs and jobs growth; some have construed these remarks as "protectionist."

"To encourage these and other businesses to stay within our borders, it is time to finally slash the tax breaks for companies that ship our jobs overseas and give those tax breaks to companies that create jobs right here in the United States of America," Obama said.

What was the reaction in Asia? Well, they are not worried about the tax part.

"The whole issue about taxing companies which were shipping jobs overseas and taking away tax breaks actually does not relate to the work that is done out of India or other locations," vice president of trade organization NASSCOM (National Association of Software and Services Companies), said in The Economic Times Jan. 28. "That is really about U.S. subsidiaries which have set up plants overseas."

Job Market Soft - Layoffs not as high as last year

Webmaster — Tue, 09 Feb 2010 14:18:40 -0700

There is good and bad news on the job front: The bad news is that layoffs are still happening; the good news is that they are a lot smaller than last January, and workers who were laid off in the last year are getting back to some form of work in larger numbers.

Job cuts across all industries have reached a five-month high at 71,482, according to a Chicago-based outplacement firm . Retail, telecommunications and pharmaceutical companies are leading the pack in layoffs. The telecommunications sector announced 14,010 in January. Roughly 13,000 layoffs were announced by Verizon last week as the largest mobile provider continues to transition its business away from legacy landlines and move toward mobile- and Internet-only based business for consumers and enterprises.

Retailers announced plans to shed 16,737 seasonal and full-time employees; Pharma plans to eliminate 8,170 jobs which is the biggest number that sector has seen since last March when it lost 17,796.

Google stops supporting older browsers

Webmaster — Mon, 01 Feb 2010 14:58:13 -0700

Google has announced that Google Docs will drop support for Microsoft's nearly nine-year-old Internet Explorer 6 (IE6) browser starting on March 1.

Ironically, if Google had taken its anti-IE6 advice to heart before hackers broke into its corporate network last year, it might not now be mulling whether to abandon the Chinese search market.

"We're going to begin phasing out our support, starting with Google Docs and Google Sites," said the senior product manager for Google Apps, in a Friday entry on the company's enterprise blog . "As a result, you may find that from March 1 key functionality within these products -- as well as new Docs and Sites features -- won't work properly in older browsers." Google Sites is the search engine's free Web hosting service.

Google's new list of supported browsers omits IE6, as well as other older programs, including Mozilla's Firefox 2.0, Apple's Safari 2.0 and Google's own Chrome 3.0. IE6 is by far the oldest browser of the bunch, with an August 2001 debut. In comparison, Firefox 2.0 dates to October 2006, Safari 2.0 to April 2005 and Chrome 3.0 to September 2009.

People running older browsers should upgrade to a newer version, said the Google represenative, who posted links to downloads of IE8, Firefox 3.6, Safari 4.0 and Chrome 4.0. The latter is available in final form only for Windows ; Chrome 4.0 for the Mac is still in beta .

Google's move is only the latest in a year-long string of major Web properties dropping support for IE6 or urging users to ditch it for something newer. The campaign began in February 2009, when Facebook prompted IE6 users to upgrade. It then accelerated last summer when Google's YouTube did the same, as Digg announced it would curtail IE6 support and as a California site builder led nearly 40 Web start-ups to urge their users to dump the browser . An "IE Must Die" petition on Twitter, meanwhile, has accumulated more than 14,000 signatures.

Productivity improvements are possible

Webmaster — Sun, 31 Jan 2010 15:50:18 -0700

Similar to the explosion in regulations such as Sarbanes-Oxley after Enron, many pundits expect new regulations in light of the financial industry meltdown. And industry experts expect that IT organizations in many government agencies will have to take on the heavy burden of the new regulations that are expected to emerge. Microsoft Windows Server 2008 R2 can help IT departments in public sector organizations meet today's demands for lower TCO, improved security, and delivery of IT services. Companies that want to cut costs, lower complexity, and increase agility need to embrace virtualization in their production environments, and Windows Server 2008 R2 supports high-availability virtual environments.

CIO - Productivity Bundle

Over 220 IT and Internet Job Descriptions, Disaster Recovery Template
IT Service Management Template - Sensitive Information Policy - Salary Survey - Security Template

The CIO productivity kit standard edition contains:

Over 220 job descriptions in MS WORD format
Current IT Salary Survey for US and Canada (by city)
Disaster Recovery Template which is Sarbanes Oxley compliant
Security Template which is Sarbanes Oxley and ISO 27000 compliant
IT Service Management Template (Change Management, Help Desk, and Service Requests)
Sensitive Information Policy (Protect Credit Card Card and Personal Information)

NASA to redo IT Infrastructure

Webmaster — Wed, 27 Jan 2010 07:42:27 -0700

NASA has issued a final request for proposal for a menu of information technology services such as e-mail, security management, instant messaging and mobile communications. Estimates have pegged the work as worth $2.5 billion.
The project, Agency Consolidated End User Services (ACES), is designed to consolidate services across NASA into one agencywide solution. The requirements are currently met through the Outsourcing Desktop Initiative for NASA, the ODIN contract.

The ACES contract is expected to be biggest of five contracts that NASA plans to issue as part of its Information Technology Infrastructure Integration Program (I3P) acquisition to consolidate the agency's IT and data services.

Market research firm Input puts the total value for the five contracts, based on NASAs draft RFPs, at $4.3 billion. Input said ACES value is $2.5 billion based on information in the draft RFPs.

According to the final RFP, the winning contractor will be responsible for a range of services including:

E-mail and collaborative calendaring services:
Active Directory services.
Security management including IT security, emergency management and preparedness, and data at rest services.
Software license management: The contractor shall provide a fully managed and supported shared license infrastructure.
Instant messaging services.
Mobile communications device services such as cell and smart phones.

Service-Oriented Architecture and IT Service Management Are Keys To Success in the Recovery

rss@itproductivity.org — Tue, 19 Jan 2010 16:21:53 -0700

SOA and ITSM drive success and productivity

One bad customer experience can cost you that customer for life. Hospitality, travel, retail, healthcare, and financial services are especially prone to losing customers who have a negative experience. It does not take much for a customer to decide that you and your company are not worth his time, effort, or money.

Customers like to feel loved, and they are turned off very quickly when they sense that you do not care about the pain they are feeling. Even if you cannot help them because the situation is beyond your control, acknowledge that you understand both the situation and their frustration.

No customer wants the person serving her to be distracted or preoccupied. Ever go to the local mall and try to get help from a teenager focused more on texting her friends than helping you find what youre looking for? On the other hand, being too focused can be a bad thing. Have you ever asked an innocent question out of curiosity and then found yourself stuck for an eternity while a customer support person hunts endlessly for an answer? This person is likely so focused on getting the answer that he does not realize that you really do not care that much about it and would rather not wait for an answer to an inessential question. Be sure your people understand the degree of focus required for the job.

Even if the employee has the right skill set and experience, his odds of being successful and remaining on the job are low if his core behaviors and tendencies do not line up with those needed for success in that particular role. This is especially true for customer-facing roles in which your frontline employees act as extensions of your brand and heavily influence the customer experience.

Attackon Google mail accounts in China

Webmaster — Tue, 12 Jan 2010 20:34:09 -0700

It was reported in Computerworld that a "highly sophisticated and targeted" attack against Google's network last month originated in China, and tried to access the Gmail accounts of Chinese human rights activists.

In a blog post Tuesday, David Drummond, Google's chief legal officer, said that attacks have forced the company to "review the feasibility of our business operations in China." Google, continued Drummond, is "no longer willing to continue censoring our results on Google.cn, and so over the next few weeks we will be discussing with the Chinese government the basis on which we could operate an unfiltered search engine within the law, if at all."

The end result of those discussions, said Drummond, may be that Google shuts down its search engine and close its offices in the People's Republic of China.

"This is a bold and a very difficult move on [Google's] part," said Leslie Harris, the president and CEO of the Center for Democracy & Technology (CDT), a Washington, D.C.-based civil liberties group. "But with the revelations that there have been major cyber attacks aimed at human rights activists, both in China and in the West, it's hard to see how Google could have remained silent."

According to Drummond, Google was one of at least 20 large companies that were targeted by massive attacks in December. In Google's case, the attacks resulted in the theft of some company intellectual property.

H-1B Reaches quota - More Audits to Take Place

rss@itproductivity.org — Tue, 29 Dec 2009 15:36:36 -0700

U.S. employers again hit the cap of 65,000 for the controversial visas that allow foreign workers in specialty fields such as computer science and programming to work in the United States for three to six years.

Despite an early slump in U.S. employer demand for H-1B visas, the U.S. Citizenship and Immigration Services announced Dec. 22 it had reached the 65,000 cap for the controversial guest worker visas favored by technology companies. H-1B visas allow companies to hire foreign workers with special skills to work in the United States for three to six years.

USCIS officials intend to up the ante of verifying and investigating the validity of H-1B visa usage by companies. Immigration officials will ramp up law enforcement to help thwart fraud and quell political pressure that wants to severely limit H-1B visa usage.

The United States Customs and Immigrations Services plans to up its enforcement of the law on H-1B visas and the U.S. companies that take advantage of them by conducting 25,000 on-site inspections in 2010. IBM, Microsoft, Oracle, Google and many technology giants and smaller IT shops employ temporary H-1B visa holders to fill U.S.-based jobs from foreign countries. After a Congressional report showed a range of fraud within the H-1B visa program, the pressure to enforce the law on the books has increased.

In 2009, the USCIS conducted 5,191 on-site inspections, according to a report in Computerworld, with many of the inspections being unannounced visits. The 25,000 inspection effort in 2010 could be a serious boost to quelling fraud, but it may not be enough for those in the U.S. government who advocate for stronger limits on H-1B visas.

Can Tape Backups Work In a Disaster Recovery Process

rss@itproductivity.org — Tue, 15 Dec 2009 17:29:31 -0700

Tape backup can provide for the long-term archival needs of the virtual servers; however tape cannot provide the level of recoverability required for critical business applications. Disaster Recovery Planning requires more.

Rebuilding one application from tape can be a difficult and lengthy process. Recovering four or more applications at the same time from tape to rebuild one physical server will result in an excessive period of downtime, likely more than the business can afford.

Organizations may not understand how vulnerable their data and business remain to disaster - even after they've made a huge up-front and ongoing investment in tape-based disaster recovery. An article in SearchSecurity reports that in a survey of 500 IT departments, as many as 20% of routine nightly backups fail to capture all data. Among participants of another survey cited in this article, 40% of IT managers were unable to recover data from a tape when they needed it. This is a significant concern for corporations that are regulated as they can face the risk of being out of compliance if they cannot produce required data when they need it.

Tape backup also places limits on your recovery point objective (RPO), the point in time to which you can recover your systems should disaster strike. Periodic tape backup guarantees hours of lost data in the event of a disaster. Suppose, for example, that a critical system fails anytime today; the best you can do is recover to yesterday's data, which will be at least twelve hours old. The later in the day disaster strikes, the older the data from which you'll recover. In addition, recovering from a disaster, any data not backed up is lost for good - unless you recreate it.

Job market prospects remain poor at best

rss@itproductivity.org — Tue, 08 Dec 2009 14:47:43 -0700

The yearly cap for H-1B visas is 65,000. In 2008, the H-1B quota was met in one day. According to the most recent numbers issued by U.S. Citizenship and Immigration Services, the late rush has pushed the number of H-1B visa petitions to 58,900.

In additions, according to some forecasts the first quarter of 2010 will see only minor IT hiring increases, but also a small additional IT job losses. In a survey of 1,400 CIOs, 7 percent said they expect an increase in hiring, while 4 percent expect to reduce staff for a net gain of 3 percent in favor of hiring.

That does not bode well for IT professionals and college graduates. The question is when will the market turn around.

U.K.Inacts Big Brother Laws

rss@itproductivity.org — Mon, 30 Nov 2009 16:12:10 -0700

Under the guise of the Digital Economy Bill, the UK proves without a doubt that truth is stranger than fiction and that 1984 mindsets rule in government.

If illegal file sharing is suspected (not necessarily proven) within a home, all Internet access to that residence could be terminated and fines of up to £50,000 could be imposed on the household.
ISPs could be compelled to spy on their own users or face stiff fines and other penalties.
The UK Business Secretary (similiar to the US Secretary of Commerce) would be granted the power to modify any aspect of the law without debate, including the definition of new violations and penalties at a whim, essentially turning his position into that of a dictator for all digital communications within the United Kingdom.

Needless to say, these are bad ideas at best, even coming from a country with an Official Secrets Act. The language in this bill would place corporations in complete control over the Internet in the United Kingdom, answering to nobody but themselves. It's practically a step-by-step guide on how to force your best and brightest to move to another country.

CIOs address security threats

rss@itproductivity.org — Wed, 25 Nov 2009 13:24:23 -0700

Business processes today rely on vastly different methods of data storage and data exchange than even a few years ago. The objective is to provide full 360-degree security that protects against the widest range of attacks.The changes in the computing landscape make it essential that companies adopt a new approach to security. According to published research 90% of all CIOs say that data security is "important" or "very important" and would get high priority in 2009.

CIOs need to worry about three possible threat can affect the business operations, data integrity and overall security of organizations.

Theft or loss of a mobile device - SmartPhone or laptop
Theft or loss of removable media containing confidential data - USB storage
Disgrunteled employee or contrator

The security manual template addresses each of these issues with specific policies and procedures that can be implemented quickly.

Protecting intellectual property - CIO role

rss@itproductivity.org — Sat, 21 Nov 2009 09:09:24 -0700

The problem is, many companies devote resources to IT security assuming that the thieves and threats are on the outside, attempting to gain access to the network via malware and hack attempts. They ensure anti-malware and intrusion detection/prevention systems are in place, and restrict network access. What happens when the internal worker becomes the threat? What is needed is a set of securtiy policies and procedures support by an audit program that validates that they are followed by everyone.

Data is the lifeblood of every company, and often, it's the only thing that differentiates one organization from another. Who has the most loyal customers, the best service, and the most innovative strategies all boils down to information residing on the company's IT systems.

For companies that deal with product designs and prototypes, it's easy to understand how closely their information must be guarded. Strategic plans, corporate roadmaps, and notes from a brainstorming session could also be valuable to competitors. Personal information - of employees and customers - can be used for identity theft and other types of fraud, if it falls into the wrong hands.

Firefox is primary security risk faced by users

rss@itproductivity.org — Tue, 10 Nov 2009 07:13:20 -0700

According to a security vulnerability report by Cenzic, Of all Web vulnerabilities, 90 percent pertained to code in commercial Web applications, while Web browsers comprised about 8 percent and Web servers about 2 percent. Of the browser vulnerabilities, Firefox had 44 percent of the total, but perhaps the biggest surprise was Safari, which formed 35 percent of the browser vulnerabilities. Internet Explorer was third, with 15 percent, and Opera was at 6 percent.

Of the published vulnerabilities in Commercial Off The Shelf (COTS) applications, SQL Injection, and XSS were once again the most common vulnerabilities, which is why, it is no coincidence that most of the attacks in first half exploited these two vulnerabilities. Based on thousands of assessments performed by Cenzic's managed service, nine out 10 applications continue to be vulnerable with Information Leaks, Cross Site Scripting, Authentication Flaws, and Session Management as the most common categories.

The top 10 vulnerabilities for the first half of 2009, included familiar names such as Sun, IBM, SAP, PHP, and Apache.

Unused Servers Waste Engery and Critical IT Resources

rss@itproductivity.org — Tue, 20 Oct 2009 07:23:24 -0700

Millions of servers around the world are doing little more than wasting energy, according to a new study.

At least 15 percent of servers are not doing anything useful, said a majority (72 percent) of server managers polled by Kelton Research. In addition, 83 percent said they don't have an adequate grasp of server utilization, and 72 percent rely on CPU utilization as their measure of server efficiency.

The cost of unused servers is estimated at $24.7 billion a year, including the value of hardware, maintenance, management, energy and cooling for unused servers.

Specifically, the study concludes that an estimated 4.75 million servers worldwide are being run 24/7, managed and upgraded without being actively used on a daily basis. Assuming about $4,400 per server per year in operational costs (an IDC estimate), those unused servers cost $20.9 billion to run, plus consume another $3.8 billion in energy costs.

Reasons to block instant messaging

rss@itproductivity.org — Sat, 17 Oct 2009 21:09:21 -0700

In the workplace, instant messaging (IM)often replaces

e-mail and phone calls for user-to-user or group conversations. This includes frequent exchanges of files, records and other data, plus regular back-and-forth texting between coworkers or collaborators busy getting their jobs done. Though much IM traffic involves pairs of users, it's neither difficult nor unusual for multiparty IM sessions to replace conference calls. Many IM security problems can expose organizations directly to serious security risks and potentially devastating legal liabilities or financial losses. Because most consumer-grade IM technology is not encrypted, that makes a good place to start exploring how and why this claim holds water. Many IM packages also lack strong proofs of user identity, perform neither file nor content screening on transmissions and directly expose users to malicious software and behavior.

Employment down for IT professionals according to IEEE-USA

rss@itproductivity.org — Sun, 11 Oct 2009 21:26:16 -0700

The number of unemployed IT professionals, including systems analysts, has reached 59,000 in the third quarter, up from 49,000 in the previous quarter.

In 2001, there were 745,000 software engineers. In 2002, that number had fallen to 715,000 but then started to increase until the third quarter of 2008, when it reached 1.078 million; software engineer employment now stands at 970,000.

In 2001, there were 734,000 computer scientists and systems analysts, compared to 745,000 in the most recent quarter -- the same number reported in 2005. The peak employment year in this category was 837,000 in 2008.

While the overall third-quarter unemployment rate for computer professionals rose from to 6% from 5.4% in the second quarter, the jobless rate declined for electrical engineers and software engineers, according to a new analysis of government labor data compiled by the IEEE-USA.

The organization of technical professionals said that the unemployment rate for electrical engineers fell in the third quarter from 8.6% to 7.3%, possibly with the help of increasing investments in smart grid technologies. Unemployment among software engineers in the third quarter also fell, to 4.7% from 5%.

The most recent employment data for software engineers is mixed, improving in some areas but declining overall.

CIO and companies look towards virtualization solutions

rss@itproductivity.org — Mon, 05 Oct 2009 14:05:46 -0700

Virtualization management is increasingly more important as CIOs and companies look for every way possible to extract as much value as they can from their IT investments. For many, the answer is next generation tools that deliver proactive monitoring and predictive capacity analysis to enhance the most popular virtualization solutions and improve the odds of a fast return on investment (ROI).

CIOs are looking for virtualization management solutions that will immediately demonstrate its value by predicting your resource utilization trends and alerting you in advance of potential issues. In this process CIOs hope to:

Discover the benefits and features of a self-contained virtualization analyzer that instantly deploys and begins solving your capacity planning and monitoring needs.
Learn how better capacity planning enables users to increase virtual machine (VM) densities on existing hardware while maximizing performance of the virtual data center
Find out how an effective virtualization analyzer can quickly identify capacity bottlenecks, find available capacity for new virtual machines (VMs), and increase VM densities with your existing hardware

What does Web 2.0 Promise

rss@itproductivity.org — Thu, 01 Oct 2009 12:26:05 -0700

Web 2.0 is the next step in the evolution of the computer industry caused by the move to the Internet as platform. While most focus on the implications of software development technologies used to create Web 2.0 applications, it is important to understand the attitude of empowerment of Web 2.0 software developers place a high priority on accomplishing the following objectives with Web 2.0 in order to attain the larger business goals:

Graphical user interface (GUI) functionality, such as "drag and drop" enable applications with functionality on par and superior with applications built for traditional GUI-based operating systems such as Microsoft Windows.
Richer content. Web 2.0 developers are fond of creating applications known as "Mashups." Mashups increase the usefulness of an application by combining content from multiple sources, but may include sources with questionable pedigrees.
Performance. Improve the speed of applications, often by leveraging the client computing resources and reducing the frequency with which a Web application performs GET and POST calls to the Web server. This is accomplished by transferring application and business logic from a tightly controlled host environment to a client system, which can be more readily manipulated.
Interactivity. Making the application more attractive, engaging, user friendly, and ultimately more productive for the user.

PCI-DSS is not working as designed

rss@itproductivity.org — Tue, 29 Sep 2009 04:53:01 -0700

PCI is not working as designed according to the survey of more than 500 U.S. and multinational IT security practitioners at companies with an average of $5.6 billion in annual revenue:

71% of respondents do not treat PCI as a strategic initiative, yet 79 percent have experienced a data breach involving the loss or theft of credit card information.
55% of respondents focus only on credit card data protection and do not attempt to secure sensitive information such as Social Security numbers, drivers license numbers, bank account details and other data about people and families.
60% of respondents do not think they have sufficient resources to comply with PCI and bring about a necessary level of cardholder security.

Scam shows creativity of Internet thieves

rss@itproductivity.org — Sat, 19 Sep 2009 09:47:12 -0700

A security vendor has identified an online service offering to help anyone to hack into any Facebook account for $100. However, those who sign up for the service could find themselves becoming the victims instead.

Users of the service are required to first register with the site and then provide an ID of the Facebook account they want hacked. Users who enter the ID and click on a "Hack it" button are then presented with the username of the owner of the Facebook account. They then have the option to "Start Facebook hacking."

Those who follow the instructions are eventually told that the hack was successful and a password for the account was retrieved. In order to get the password, the user is then required to send $100 via Western Union to an individual in the Ukraine.