And if you actually look at what people are saying, it gets worse.
**Warning: Disturbing images ahead for the security conscious.**
So what’s an IT department to do? Well, for one thing, prepare early and often!
- Negotiate license agreements so you can have occasional “spikes” in remote software, like VPNs or web clients.
- Send out e-mail reminders to staff that, on days where you’re likely to have a large jump in remote workers, resources will be strained and outline strategies that workers can use to minimize their impact.
- Have a recovery strategy in place, with a timeline of how long it will take to bring critical and non-critical systems back online after a local or regional power outage.
Get your daily, 140-character dose of desktop virtualization with these evangelists, practitioners, and experts alike, compiled below as well as in our Virtualization Pros Twitter list. Don’t see your favorite name on the list? Add it in the comments or send me an email at Melanie@ITKnowledgeExchange.com! Not a Twitter person? No problem! Check out our list of top desktop virtualization blogs or SearchVirtualDesktop.com for meatier doses of the information you need.
When it comes to virtualization, be sure to read the fine print: Licenses can be surprisingly restrictive, even from vendors who are otherwise on the vanguard of virtualization. Take featured desktop virtualization blogger Brian Madden’s explanation of Microsoft’s licensing rules:
VECD stands for “Virtual Enterprise Centralized Desktop.” It’s the license that Microsoft requires to use its desktop virtualization. VECD must be purchased in addition to the base Windows operating system license. So if you want to virtualize Windows, you have to buy this VECD license as a second license. If you don’t like it — too bad. Don’t use Windows then. (Ah, the joys of a monopoly.)
And it gets worse, because VECD is a subscription, not a perpetual, license and signing up for VECD generally requires Microsoft’s annual Software Assurance program. As if things weren’t confounding enough, the VECD used to stand for “Vista,” and is documented as such in much of Microsoft’s documentation.
We’re covering all facets of the desktop virtualization world at IT Knowledge Exchange, and what better way to keep up on the latest in virtualization technology than to read what practicing pros and analysts are blogging about? One of the best resources for desktop virtualization blogs is TechTarget’s very own BrianMadden.com. The site has been around a long time, offering in-depth and up-to-date analysis from original bloggers: Continued »
Now that the holidays have come and passed, all manner of tablets and other mobile gadget gifts will be flooding homes and, inevitably, offices around the world. But there’s another possible byproduct of the trend – aside from Angry Birds – everywhere: The mobile revolution might stall or kill outright nascent desktop virtualization efforts.
It would be a surprising twist. Server virtualization has revolutionized IT’s “hidden” operations, cutting costs and speeding up deployments, and desktop virtualization was predicted to bring similar advantages to the most visible interaction between IT and their users. Gartner had predicted the hosted virtual desktop market to equal 40% of the worldwide professional PC market by 2013, from less than 1% in 2009.
That’s a highly optimistic outlook, but one that some tech pundits are saying is off the mark. As Kevin Fogarty writes for ITWorld, mobile is quickly becoming more important than desktop when it comes to virtualization:
Who says that tech books have to be boring and technical and, heck, non-fiction? Definitely not the people behind Stealing the Network from Syngress.
Meant to inspire security and technology pros alike to wonder and muse on the what ifs of security vulnerabilities, Stealing the Network exercises the imagination in hopes of sparking real life solutions. With contributions from security consultants, technical directors, security engineers and specialists with impressive lists of accomplishments, Stealing the Network is a truly creative bunch of “stories that are fictional, with technology that is real.”
Whether you’re into ethical hacking or IT security, you’ll find the stories not only entertaining and thought-provoking, but also valuable in their recommendations and specificity regarding what programs and systems the fictional hackers are using. Though the stories are fictional, they are set in the real world and are described with great accuracy. Screenshots, graphs and titled sections make for easy reading and navigation. The authors of these ten stories come from the IT security world, and thus their characters and scenarios are familiar and relatable, like the narrator from Ryan Russell and Timothy Mullen’s “The Worm Turns”:
Rarely do people like me want to chitchat about what we do in general terms. We live in a world of minute detail, machine-language code, operating system calls, and compiler quirks. Most of the time, we would rather keep to ourselves and do independent study, unless we’re having trouble with something specific or want someone to double-check our work.
In his foreword to the book, Jeff Moss, founder of Black Hat and DEFCON, defends the purpose of the book: “You could argue it provides a roadmap for criminal hackers, but I say it does something else: It provides a glimpse into the creative minds of some of today’s best hackers, and even the best hackers will tell you that the game is a mental one.”
Want a chance to win this unique book? Share your own hacking scenario – fictional or otherwise – and what can be learned from it. Leave your story in the comments section or email me at Melanie@ITKnowledgeExchange.com.
Check out our list of top network security books for more ideas on some great reading. Melanie Yarbrough is the assistant community editor at ITKnowledgeExchange.com. Follow her on Twitter or send her an email at Melanie@ITKnowledgeExchange.com.
Think Cisco, HP and other blue chip mainstays were the winners in 2010’s IT industry? Think again. The Motley Fool’s Eric Bleeker took a look at the top 10 networking and electronic stocks in 2010, and the winners were smart, savvy and small. Small enough that if you don’t live and breathe networking and IT, you probably haven’t heard of them.
The year’s winner was Acme Packet, which does session border control for enterprise and telecom, saw a 400.3% return in 2010, a boost that accompanied the migration to all-IP networks. More familiar companies like Riverbed Technology and Radware also had boom years, as far as the stock prices were concerned.
What drove the high valuations? In 2010, the network mattered more than ever, and HP and Cisco’s feuding left ample opportunities for smaller players to get a chance to sell their message (or partner with a bigger player) as IT managers began sorting out the new landscape.
But 2011 could see this chaotic market calm down, as Bleeker writes:
In the past, major IT firms had largely left the networking space to its 800-pound gorilla, Cisco, to control. However, after Cisco’s decision to create a server system that competed directly with many of its partners, companies like Hewlett-Packard and Dell have increasingly cast an eye to their own networking solutions. Much the same as storage, we’re seeing some smaller companies creating very advanced technology to fill niches not covered by industry giants like Cisco and Juniper. Will the mega-cap tech companies stalking networking go on a buyout spree that’s similar to what was seen in storage last year? I wouldn’t rule out a laundry list of buyouts across networking in 2011.
Nobody wants to be the guy sending out a mass email to members saying, “If you’ve registered an account on any of our websites, then it’s best to assume that your username and password were included among the leaked data.”
But that’s exactly what Gawker Media had to do after its sites were hacked last weekend. Thomas Plunkett, CTO of Gawker Media, pointed out a source code vulnerability as the window hackers used to access user data including passwords, an editor wiki, and email accounts among other things. Once much of the user data was posted on sites such as Pirate Bay, Gawker had to warn its users to change their log ins for other sites using the same password.
One of the lessons learned from the brouhaha? Continued »
Data loss prevention software, or DLP, has long been a hot topic among security professionals for a while, but it’s always been a bit of a mercurial target: How do you lock down data while still making it accessible enough to be useful? The short answer: You can’t. Remove CD drives, install the right software, regularly audit your weaknesses and you can still be a victim.
But that doesn’t mean that WikiLeaks is the “canary in the coal mine” for DLP techniques. In fact, it’s going to receive more attention and more thought than ever (we picked it as one of our top 5 trends for 2011), but the hard truth is that security is about mitigating risk, not eliminating it. It’s not a message your CEO wants to hear, but acknowledging that systems are imperfect and breachable is the first step towards recovery, as they say.
Even the National Security Agency reportedly has acknowledged the fact, and if the world’s spookiest spooks can’t stop breaches, how can your company? From Reuters:
The U.S. government’s main code-making and code-cracking agency now works on the assumption that foes may have pierced even the most sensitive national security computer networks under its guard.
“The most sophisticated adversaries are going to go unnoticed on our networks,” she said.
“There’s no such thing as ‘secure’ any more,” Debora Plunkett of the National Security Agency said on Thursday amid U.S. anger and embarrassment over disclosure of sensitive diplomatic cables by the web site WikiLeaks.
So much for holiday cheer.
Last week, we went ahead and made our first round of 2011 IT tech trends, from tablets to big data. Now we present what we think will be the real big drivers for change in IT tech. Have something else to add? Let us know in the comments!