The buzz on the street after Boston’s SecureWorld conference is all about collaboration.
One expert in particular renewed the call for IT departments to collaborate with physical security. It isn’t enough to secure your network from back door attacks if people can get in through the back door of the building and plug in.
Ray Bernard of Ray Bernard Consulting Services told his audience about one customer who gave sniffers to the security guards so that they could locate rogue access points while they were on their routine walks around the building.
As a value-added reseller (VAR) or consultant, you can make yourself indispensible if you take on the responsibility of facilitating conversation between different departments at your customer’s company, so grab the bull by the horns and forge in.
Ellen Metcalf, author and thinker, knew what she was talking about when she said: “You have to recognize when the right place and the right time fuse and take advantage of that opportunity. There are plenty of opportunities out there. You can’t sit back and wait.”
Start by assessing your customer’s site, then be a negotiator. Don’t be afraid of making an unpopular suggestion. Your customers will thank you for it, and hire you again and again.
- Julia Henderson
Computer error rocks Alaska’s fund Perhaps you know that sinking feeling when a single keystroke accidentally destroy hours of work. Now imagine wiping out a disc drive containing an account worth $38 billion. [AP]
Outlaw biker gangs have set up their own IT departments Organized crime groups, including outlaw biker gangs, have set up their own highly sophisticated IT departments for debit skimming and credit fraud operations. The IT expertise among organized criminal gangs is on par with legitimate business. [Calgary Sun via Digg]
IBM, Cisco partner on emergency services offering Companies’ new managed service is designed to serve government and corporate customers as a one-stop shop. [CNET]
Red Hat and Intel channels beat as one Red Hat is fast-tracking reseller accreditation to anyone with an Intel Premier or Associate badge. It’s free of charge too and it means that system builders don’t have to spend months to qualify for Red Hat approval. Before today, Red Hat would request a fee from any builder who wanted certifying. [TheReg]
The United States is still number one source of online attacks in the world, CNET reports.
Take that China!
The report goes on to say that 31% of all malicious online attacks originate within the United States, with an even higher percentage of credit card fraud originating with Old Glory and Uncle Sam as well. Those stats make me wonder what kind of damage is being to SMBs that the channel might be able to repair. It seems like it must be a matter of storage security being violated and private information is getting stolen by, what I like to call, malcontents. But where does the blame really lie? With the person who can hack into a private network and steal that information? Or does it lie with the company that isn’t keeping that information secure?
It isn’t the first time in the last 12 months that something like this has happened. So how should the problem get fixed? VARs, start your engines. By proposing a complete storage security program, VARs can provide a badly needed service. Check back on SearchStorageChannel.com tomorrow for our comprehensive Project Guide on Storage Security and start providing the services that most companies don’t realize they need.
Hacker techniques use Google to unearth sensitive data Those who know where to look could use Google to dig up all sorts of sensitive company information, including intellectual property and passwords, one security expert warns. [SearchSecurity.com]
Symantec concerned over Vista tunneling protocol Updated: Security company Symantec says new research supports fears that
Vista’s use of the IP tunneling protocol Teredo is potentially insecure. [eWEEK]
Researchers track down a plague of fake Web pages Microsoft researchers say they have traced the companies and techniques behind thousands of spam Web pages. [NYT]
Windows Vista is less secure than XP: Kaspersky Security company Kaspersky has said that Windows Vista’s User Account Control (UAC), the system of user privileges that can be used to restrict users’ administrative rights, will be so annoying that users will disable it. “There’s a question mark if Vista security has improved, or has really dropped down,” said Kaspersky’s chief executive. [ZDNet]
If you work with blades and are curious about virtualizing blades servers, this year’s Server Blade Summit is called Blades & Virtualization: The Perfect Marriage. It runs from May1-3, in Anaheim, Calif.
In a recent soon-to-be published interview, the summit chair and author of the book Blades Server and Virtualization, Barb Goldworm, touted the benefits of this marriage. According to Goldworm, the low-power, overheated blade server is a thing of the past. The blades technology which has evolved over the past five years has produced the space-saving, power-efficient server of the future, and it’s partnership with virtualization offers new storage options, high availability and user-friendly management tools.
I thought it might be worthwhile to consult the blogosphere and this is what I found: An unsigned blog titled, HP reduces customer administrative costs and wait time with blade network virtualization technologies, on WindowsNetworking.com, echoes Goldworm; it sings praises for Hewlett Packard’s, ProLiant xw460c Blade Workstation. According to this blogger, HP’s blade/virtualization marriage, “Dramatically simplifies network connectivity and server management tasks.”
“When I say sacrifice,” Manca writes, “I mean that hypervisors will never perform the same as native systems. They will have lower security… and they will add complexity from a management perspective. However, in many cases, these are trade offs worth making for some customers.”
Is the tradeoff worth it for you and your customers? Is server management simplified or complicated by this partnership? What is your blades/virtualization server experience? Let us know.
Cisco buys WebEx for $3.2 billion Cisco today announced plans to buy WebEx, maker of hosted, on-demand collaboration applications. [SearchNetworking.com]
RSA takes on Trojan horses Service will help financial institutions identify Trojan horses and take down the Web sites that distribute the threats. [CNET]
Microsoft investigates IE 7 vulnerability The vulnerability leaves users open to potential phishing attacks.
Voice over IP is one of the biggest drivers for new network channel business today, and it isn’t slowing down yet. VoIP services are expected to generate over $6 billion in revenue in North America this year, and are projected to grow to $13.3 billion by 2009, according to data from Infonetics Research .
But that doesn’t mean it’s easy money. Kenny Frerichs, president and CEO of application performance management tool vendor Network Physics, says that about of 70% of VoIP implementations are “problematic”. Misconfigured networks, contention for bandwidth from other applications, and security issues all can potentially make a VoIP project into a money pit—and put serious strains on your relationship with your client.
This week, we’ve pulled together a project guide for VoIP implementation, including tips on planning a VoIP network, migrating from traditional PBX phone systems to VoIP, and ensuring VoIP security.
Speaking of security, if you’ve been tracking the data security woes of companies like TJX, you’ll understand why data-in-transit security is getting a little more attention these days. Contributor Greg Schulz provides some tips on securing data in transit; we’ve also pulled together some related material on the new generation of storage security offerings that can help keep your clients from being the next TJX.
MTI Technology Corporation has announced an agreement to resell IBM’s xSeries servers — a move which expands its offerings and changes the dynamics of its business strategy.
The Irvine Calif., based value added reseller, which provides storage solutions to approximately 3,500 medium to large corporate customers, said the xSeries servers will work well with the suite of solutions MTI provides including Microsoft Exchange Server infrastructures as well as backup and recovery solutions where servers are needed to run the applications.
Aside from EMC, the 20-year-old company has Microsoft, Cisco and Symantec as its partners. It will resell the xSeries through Avnet Technology Solutions, and says it intends to make its partnership with IBM official.
“We will be formalizing our relationship as an IBM business partner, and that information will be forthcoming,” said John Maxwell, MTI’s vice president of marketing. “Unlike some vendors who provide a laundry list of products, we are focused on best of breed vendors in order to provide our customers with the best information infrastructure solution,” Maxwell added.
The news comes in the same week that the company said it has received a Nasdaq Staff Deficiency Letter dated March 8, 2007, indicating that for 10 consecutive trading days, MTI’s market value of listed securities had been below the $35,000,000 minimum required for continued listing on the NASDAQ Capital Market. The company is under threat of delisting if it is unable to raise its market value above the required amount for 10 consecutive business days by April 9, 2007.
Online game exploits threaten IT security IT professionals should be concerned about online gaming threats, because employees are playing them on company machines, says Gary McGraw, chief technology officer of Cigital Inc. [SearchSecurity.com]
Charges dismissed in Hewlett-Packard spying case A judge dropped charges against the former chairwoman of Hewlett-Packard, Patricia C. Dunn, who was accused of fraud in a boardroom spying scheme. [NYT]
Rare flaw sighted in OpenBSD kernel Thar she overflows. [TheReg]
Windows Server 2003 SP2 drops on patchless Tuesday New service pack from Microsoft includes mostly security updates.[SearchWinIT.com]
Red Hat’s recent renewed ardor for the channel should hardly come as a surprise. But its sincerity is, at best, forced. Here’s why:
- Red Hat needs help getting into smaller enterprises. While partnership with OEMs like IBM and HP helps get Red Hat in the door, it needs partnerships with VARs and systems integrators to help generate services revenue — especially for the applications that it acquired with JBOSS. IBM has its own open-source play in the apps space with WebSphere and DB2, so that relationship can’t be effectively extended to JBOSS’ Hibernate and other application components.
- Whatever opportunity there is to displace Windows in the SMB market on the desktop and server (thanks to the bloat of Vista and the continued wait for Longhorn Server), Red Hat won’t be able to exploit it without channel partners. Small and midmarket companies looking to extend the life of existing hardware aren’t in the sweet spot for Red Hat’s current route to market; only partners who have existing relationships with those companies can get them in the door with any consistency.
- Oracle’s entry into the Linux space with its own “distro”, and increased pressure from Novell’s SuSE (and Ubuntu on the desktop) through many of the same channels Red Hat currently exploits could take a chunk out of Red Hat’s growth curve.
So, Red Hat needs the channel now more than ever. But does the channel need Red Hat? Red Hat’s recently-announced Certified Service Provider program provides a valuable stamp of approval, but so far Red Hat has only invited six partners into it. And the remainder of Red Hat’s partner program doesn’t do much to distinguish the company competitively.
So, who needs who more?