The Payment Card Industry Data Security Standard — PCI DSS — has been around for a few years and has seemingly done a good job of keeping credit card data safe.
No, it’s not a binding regulation, and there’s not a lot of official enforcement. But PCI DSS compliance has worked well for those who adhere to it — so much so that some PCI experts are calling for PCI to be used in other areas of risk management. After all, data privacy is data privacy, right?
That was the contention of some who congregated at the PCI Security Standards Council (PCI SSC) European Community Meeting in London recently, according to SearchSecurity.co.uk.
SearchCompliance.com contributor Kevin Beaver, of Principle Logic LCC, a noted expert in PCI DSS compliance, thinks this is a good idea.
“Many organizations would benefit from implementing PCI-type controls across other areas of the enterprise,” Beaver wrote in an email. “One of the things I see people struggling with is where to start with managing enterprise information risks. In particular, people get caught up in NIST for this, HIPAA for that and ISO/IEC for everything else. This approach can create unnecessary complexity which, as we’re all learning, is the enemy of security. In the end, all of these regulations, standards and frameworks address the same fundamental issues. It’s merely a matter of deciding on what’s best for your systems in the context of your business. The important thing is to not let apathy set in — just do something.”
I agree. There are plenty of areas where a bottom-up approach to data privacy is needed, and if PCI DSS compliance works and is widely accepted, you should do it. But remember, you are not necessarily secure just by being compliant with some standard framework. However, if you practice good security, with up-to-date hardware, software and policies, you likely will be in compliance with some standard. Find one that works for you.
What happened in the IT world last week? Here’s the scoop on what you might have missed, including how IBM set an example for strategic leadership, Hewlett-Packard Co.’s recent decision and cloud computing.
IBM made history by selecting its first female CEO, Ginni Rometty. But Jena McGregor believes the way she was selected is what makes IBM a strategic leader in the IT industry.
Meg Whitman recently took over as CEO at HP, and with that, HP has decided to stay in the PC business after considering “strategic alternatives.” She released a statement explaining that “keeping the Personal Systems Group within HP is right for customers and partners, right for shareholders, and right for employees.”
Tony Fadell, the former leader of the development of the iPod and iPhone, has a new project. Are you imagining the possibilities right now? He’s remade the thermostat. Seriously.
Where does the future of cloud computing lie? According to Jeff Belk, the cloud is going to need some help, and its future is in our hands.
Steve Jobs was one of the most strategic leaders and innovators in tech history, but how are the sales of his new biography? As you could have guessed, it’s already topped the charts and doesn’t seem to be going anywhere.
They’re here. No, I’m not talking about ghosts. I’m talking about the new generation. Generation Y, a group also known as millennials, is entering the workforce and baffling employers and co-workers. It’s important to examine the topic of Generation Y and technology, considering that a study by the Pew Research Center found that 24% of millennials believe using technology is the factor that makes their generation unique, compared with the 12% of Generation X (the age group preceding Generation Y) who believe this.
According to a Bomgar Corp. survey, more than 80% of IT managers view Generation Y as different or very different from previous generations with regard to its technology expectations. What are these expectations? Bomgar found that 59% of Generation Y individuals feel that an acceptable wait time for IT support is 10 minutes or less. If you’re worried about Generation Y’s unrealistic IT expectations, however, rest easy with this finding: Of that age group, 74% gave their IT department a six or seven on a scale of one to seven, even with the gap between expectation and reality.
The Bomgar survey also found that 61% of Generation Y individuals first use resources other than company support for dealing with technology problems. Fifty-eight percent prefer chat or text messaging for their IT support communications, rather than the telephone.
Another link between Generation Y and technology is mobility. Generational dynamics expert Jessie Newburn says that if you ask Generation Y what productivity tool they could never do without, the answer you’ll get is smartphones. The answer from Generation X is computers. “They [Generation Y] see their prime ability to be productive and effective and communicative is in the realm of smartphones and things that move with them,” she says. This need for mobility will no doubt affect how technology tools are managed within the workplace.
Here’s an interesting tidbit from the Pew Research study: 83% of Generation Y individuals sleep with their cell phone on or right next to their bed. This statistic surprised me for a second — until I realized I’m part of that 83%.
Full disclosure: I’ve been an iPhone user since 2008 and I just bought my second iPad. So, I’m not bashing Apple products, and I’m not bashing iPhone users or users of Apple products in general.
However, as Bill Murray once said in Stripes, something is seriously wrong here. The new iPhone 4S and its Siri voice recognition software are getting very favorable reviews, and everyone I have talked to about Siri has nothing but good things to say about it. So, why do I dare to blaspheme?
It’s not the technology, it’s the message. As I’ve noted before, Apple has an irresistible power over its users. So, when in the new 4S TV commercials Apple shows several morons learning how to accomplish daily tasks by using Siri, I get a little worried. The message is, you can solve everything by asking Siri. My question is, why would you want to?
If I didn’t know better, I would say Apple is taking a subtle swipe at the intelligence of its customers and iPhone users. It’s a practice Microsoft created about a decade ago: We can give over our lives to software, which theoretically frees our minds to do more complex tasks. It could be a step toward the next phase of human evolution, or it could be the next step in the dumbing down of Internet users. But it’s not. It’s just a tool; and like any tool, it has its uses and its limits.
One final thought for companies that are thinking about a bring-your-own-device policy: If too many iPhone users start talking into their phones to accomplish their daily tasks, it’s going to send some people over the edge — like me.
Every week, we scour the Web and give you a rundown of the week’s best and brightest blog posts. This week we’re serving up some analysis about DevOps in networking, the brain’s preference in user interfaces, and the latest and greatest trends in cloud computing. Sit back and pick your pleasure.
Oracle has completed its sixth acquisition of 2011, purchasing cloud-based customer service provider RightNow Technologies for its motley crew of cloud services. We’ll see whether Amazon.com starts shaking in its boots, but it seems doubtful that this acquisition will affect trends in cloud computing.
If networks start to look like the cloud, does networking need its own DevOps movement? Stacey Higginbottom thinks so.
Something to consider for your next user-integration project: Computer voices are mostly female because our brains are wired to like them better. Unless, of course, it’s Morgan Freeman’s voice; then, all bets are off.
We’re all sick of those reports about the sky falling, but in this case, the sky is indeed falling. A German satellite has made an “uncontrolled re-entry,” crashing somewhere in Southeast Asia.
It’s been 10 years since Apple introduced the world to the iPod. The event was a new high-water mark for the company as it moved from being a boutique brand to a major player in the tech arena. IPods used to max out at 10 GB. They grow up so fast!
IT leaders should focus on simplicity, calculated risks and trends like cloud computing and desktop virtualization, advised analysts at last week’s Gartner Symposium/ITxpo.
Worried that the PC is dead? Rumors of its death seem to be greatly exaggerated. Even in a floundering economy, Intel’s quarterly results are better than those from Apple, which missed its Q4 earnings estimates.
Another major birthday: Ubuntu turned 7 this week. Mark Shuttleworth points out that the use of Ubuntu is one of the biggest trends in cloud computing.
Creative destruction. I’ve heard that term a lot this year, although it’s hardly a new concept. From what’s happening with the Occupy Wall Street madness to the pressure to innovate in the IT space. I always have a fanciful moment where I envision a CIO swinging a sledgehammer in the server room or maybe one of those Wile E. Coyote TNT push levers that blow everything sky high. If only it were that simple.
This week, SearchCIO-Midmarket.com writers Linda Tucci and Christina Torode are reporting from the annual Gartner Symposium/ITxpo in Orlando, Fla. Gartner’s top analysts are pushing creative destruction and urging IT leaders to “re-imagine IT.” CIOs need to take a step back and embrace a little imperfection, urges Gartner analysts. That’s easier said than done. Let’s face it: CIOs tend to be incredibly detail-oriented and precise. That’s part of what makes you so good at what you do. But creative destruction really embodies the notion that sometimes things get a little messy. And that’s OK.
“Most IT organizations have 70% or more of their time, money and mind share locked into reliability, keeping things going,” said Tina Nunno, vice president and distinguished analyst. “Yet demands for game-changing IT capabilities are growing every year. IT leaders must transform their businesses, products, services and value proposition to the external customer, and challenge traditional ways of thinking.”
Our editorial director, Scot Petersen, blogged about IT innovation and creative disruption this past March. In the post, he quoted Bryan Smith, CIO of Volvo Construction Equipment North America:
“I think of the process that either individuals or businesses go through of purposefully making the decision to do something in a different way, even though it might be disrupting a comfortable way of doing things,” Smith said. “Creative disruption is necessary, because it becomes so easy to say, well, we’ve always done it this way.”
Again, it comes back to serving the business and being a profitable business center. Gartner is pushing “people-centric design” to assist and enhance user experiences.
It’s difficult to really quantify those kinds of enhancements, though, so the other side of the innovation is also in figuring out a way to really show your CEO what a great job you’re doing. Remember how IT is perceived as being the TSA of the company? Perception is key.
So tell me, how are you putting your own spin on creative destruction? Have you been inspired by this Gartner Symposium/ITxpo call to action? Who has led by example in tearing down old systems while making the users stand up and cheer? The comments are hanging on your every word.
WASHINGTON, D.C. — Here at the ARMA International 56th Annual Conference and Expo, records information managers cringe a little when their Generally Accepted Recordkeeping Principles (GARP) get mentioned with the words “The World According to…” in the same sentence.
The reference to John Irving’s masterpiece novel is a bit tired, true, but more and more, GARP’s tenets are really becoming a worldwide practice.
GARP is practiced in about 15% of companies, according to Gartner vice president and distinguished analyst Debra Logan, who spoke here on GARP this week. That’s small compared with GARP’s cousin, GAAP — the Generally Accepted Accounting Principles — upon which GARP is based, according to Diane Carlisle, deputy executive director and senior director of content development at ARMA International. But GARP use is growing.
This week ARMA took GARP a step further by announcing the GARP Assessment, a set of tools that will enable companies to measure themselves against GARP. It should go a long way to spread GARP around the world, just in time for the onslaught of data that companies are now dealing with.
Here’s what you may have missed last week while you were standing in line to get your new iPhone 4S or waiting for your email during the cataclysmic BlackBerry outage:
• As anyone with a BlackBerry is already well aware, Research In Motion suffered a major BlackBerry outage, lasting most of last week. However, they’re very, very, very sorry, according to a video apology from co-CEO Mike Lazaridis.
• Still mystified by social media and how you can use it to protect the reputation of your company? Check out these four ways that CIOs can get involved — they’re all pretty painless.
• Add this to your DVR: The Mythbusters are going to explore the mythos of Steve Jobs this Sunday.
• Do you get so sick of hearing about cloud this and cloud that, and it all starts sounding the same? There certainly is one thing that practically all cloud computing has in common: They use almost identical cloud icons. No, really.
• After a one-two punch to Netflix’s consumer reputation followed by a slow death plunge of its stock price, Lance Ulanoff wonders if it’s time for Netflix CEO Reed Hastings to take the fall.
• If you’re wondering why you can’t get Siri to work on your new iPhone 4S, it might be because you disabled it, accidentally. Whoops! Stephen Fosketts has the scoop on getting Siri back on the job.
• To make up for last week’s major BlackBerry outage, subscribers will be able to download $100 worth of premium BlackBerry apps for free. Can Bejeweled, Texas Hold’Em Poker and Sims 3 really soothe hurt feelings over a BlackBerry outage resulting in almost a week of lost productivity?
As any CIO knows, you must be prepared for just about anything. Hurricanes in Vermont? Sure. Earthquakes in Virginia? You bet. But many CIOs forget about one very obvious hole in their disaster mitigation strategies: an uprising of the undead. In the spirit of Halloween, let’s think about how your data center disaster recovery plan will stand up to the unlikely event of a zombie apocalypse.
Now that the CDC has updated its Zombie Apocalypse guidelines, CIOs are beholden to take the burgeoning waves of undead very seriously. (OK, maybe not that seriously.) Can you imagine trying to explain to your shareholders why your data center disaster recovery plan was foiled by the scourge from the grave? Or how your IT admin attacked and ate your user base? That’s a black mark on just about anyone’s resumé.
As all viewers of AMC’s The Walking Dead know, when zombies come into town, you almost certainly will lose electricity. Of course, because you’re a smart CIO, you’ve already installed an uninterruptible power supply that’s able to handle the load of keeping everything up and working. Your generator has been recently tested and is strong enough to power the data center. And if you’re really clever, you’ve had the forethought to make sure that the generator can start up automatically, since no one is going to want to brave the random zombies milling around in the office’s back parking lot (or wherever the generator is stored) just to get the servers moving. If anything, the undead event will be a great test of just how power hungry your data center really is. In fact, hindsight is always 20/20, and this just might be the push to move toward solar-power generation and green data center cooling techniques, like the oil-submerged servers we covered last month.
Assuming that your employees are hiding in their basements and attics, waiting out the ghoulish invasion, it would be nice if they could brave the hours by checking their email with their mobile devices or even get some work done by accessing their virtual remote desktops or with a thin client on their iPad. This, of course, will be possible because you’ve already taken the precaution of diligent remote data backups in case the invaders have already made it into the corporate offices (Probably through that door by the cafeteria. It never closes right.) Of course, everyone who has ever watched a zombie movie knows that you can only count on the elements within your own control, so if you bank on cloud service providers, you also have a cloud backup and recovery plan for when their headquarters are overrun by creatures searching for braaaaaaains.
All fun aside, there’s still time in 2011 to test your disaster recovery plans and make sure that you’re shipshape and can withstand anything. Whether it’s a disaster of movie monsters or something as natural as a flood or an earthquake, George A. Romero taught us an important lesson: it’s that only the lucky and the prepared truly come out of a disaster unscathed.
There have been many timelines, retrospectives and other examinations of Apple founder Steve Jobs’ career, aka the Steve Jobs Way, and it would be a waste if we don’t learn lessons from him about how to run businesses going forward.
Jobs’ legacies include the company itself, its products and its loyal user base. Along the way, Jobs and Apple also developed a strong hater community. One of my friends, a devout PC user and administrator, had a simple reason why he didn’t like Apple: “They tell you how you’re supposed to work with your computer,” he said.
That’s true. The closed paradigm of the Mac shut out three quarters of Apple’s potential users, developers and other partners. No one will get through business school if they espouse the idea of not giving customers what they want.
Yet, the Steve Jobs Way embodied that philosophy and built it into one of the most successful and influential companies in history. He avoided market research, saying, “A lot of times, people don’t know what they want until you show it to them.” Jobs took risks and trusted his gut more than anything else, then saw his vision through to completion.
This worked because the user community built around Apple wanted what Steve Jobs wanted them to have, and trusted him to deliver (yes, there have been misses, but many more hits, especially in the past decade). Still, what are we to learn from this?
It would be dangerous to try to emulate Jobs to the letter, because the one thing that really separated Jobs from the rest was unique to him: his intuition. Yet, true innovators will have to try in their own way, or else, without taking risks, disruptive innovation will never happen.