CIO Symmetry


January 16, 2009  3:15 PM

Is a Windows 7 migration inevitable for XP users?

EditorAnne Anne McCrory Profile: EditorAnne

So Windows 7 is out in beta. My colleague Mark Schlack took it for a test drive and wasn’t impressed (see Windows 7migration: First thoughts). Yet at some point, if you’re still a Windows XP user, you’re probably going to have to plan a Windows 7 migration, unless you decide to start now and go for Vista (Win7 won’t be out before the end of the year, at the soonest). Windows XP support starts to wane in April, and by 2014 it ends entirely. Gartner recommends you make your switch by 2012.

Now some XP users told our reporter Christina Torode that they’re sitting tight (see Windows XP users weigh dwindling support vs. Windows 7 migration). Some expect Microsoft will extend those Windows XP support deadlines due to customer pressure. I’ve certainly met many more midmarket CIOs who remain with XP than those who have gone through a Vista migration. Very few see anything worth migrating for.

Yet if Microsoft sunsets XP as planned, they’ll all have some re-engineering to do. Windows 7 is built on the same kernel as Vista, so if your apps won’t work on Vista, you’ve only bought yourself some time, not a pass on re-engineering. Unless, of course, you are going to explore some Microsoft alternatives.

So XP users, unite: Are you going to clamor for extended support? Plan for a Windows 7 migration now? Start to work in Vista machines as you upgrade your hardware, as one analyst recommends in our article on migration tips? Go Linux? Let’s discuss.

January 8, 2009  10:35 PM

Should midmarket companies have one virtualization environment?

mschlack Mark Schlack Profile: mschlack

A lot of budget-strapped CIOs are going to be telling their systems and storage directors to take another look at consolidation this year. These days, consolidation means virtualization. Only recently, that mainly meant VMware ESX. That is still the weapon of choice for many reasons, but suddenly Microsoft actually has a competitive product.

After a pretty feeble offering with Virtual Server 2005, Microsoft went the hypervisor route and now offers that as a built-in feature (excuse me, a “role”) on Server 2008 Enterprise Edition. Make that your base install and you can then put any version of Windows and some versions of Linux in VMs on the same box. I’ve been playing with it on a quad-core AMD box with 8 gigs of memory and hey, it actually works! Two years ago, Hyper-V vs. ESX was a silly conversation about marketing. Now you can actually start to compare them and make decisions about how to use them.

In my case, I put three guests (a domain controller, a file server and one just idling while I figure out System Center Essentials) on Hyper-V without the box breaking a sweat. More to the point, I didn’t break a sweat, either. Even a non-MCSE guy like me could do it. No muss, no fuss. If you have admins who can install and configure Windows Server, they can work this.

There are a lot of holes in the Hyper-V story. As of 2009, it’s not going to get you close to a fully dynamic data center. You can’t move VMs around willy-nilly. There aren’t the same kind of admin tools for DR or test/dev labs or many other of the niceties that VMware and many third parties now have.

Pricewise, it might not be that big a bargain, either. Enterprise Edition can run you as much as $3,999, which isn’t very different than buying VMware VI3 and one copy of Server 2008 Standard. The devil will be in the details of your volume purchase agreements as far as that goes – depending on the support agreements, VMware could actually cost less. Eric Seibert on Server Virtualization Blog recently remarked that the many differences between the products makes comparing them, especially from a cost point of view, an apples-to-carrots comparison.

As for performance, I haven’t seen any face-offs yet between Hyper-V and Server 2008. But if you’re trying to quickly collapse a lot of low-effort servers, maybe you don’t care about the ultimate in benchmark scores.

So it comes back to what it often does when choosing between Windows and something else: familiarity, integration and ease of use. In midmarket companies, you can’t always afford overspecialized IT staff. Maybe you don’t have budget or headcount for VMware specialists. Maybe you’d rather use your existing ESX licenses for more hard-core uses like email and ERP. Maybe you want to use similar tools to manage your physical and virtual servers.

The point is, CIOs will want to take a close look at the tradeoff between having one virtual environment (whether that’s Microsoft or VMware) or tiering their virtual environments. And finally, they have a reason to do that.


December 19, 2008  3:58 PM

Vendor gifts: Holiday cheer or ethical dilemma?

Kristen Caretta Kristen Caretta Profile: Kristen Caretta

Twas the night before deadline and all through the office,
we worked with our heads down, appeasing our bosses.
But what to my weary eyes should appear?
The USPS delivery, bringing vendor-purchased cheer!
Brown, unmarked boxes of who knows what,
Cookies? Chocolates? Kitsch that is haute?

‘Tis the season! The lights, the cheer and, for some, the vendor gifts.

In the name of the holidays, vendors will often promote goodwill (future sales?) by giving gifts to employees they have worked with. Although thoughtful, some gifts can raise ethical and moral issues. For example, an extravagant gift could make the recipient feel a sense of obligation. You certainly don’t want gifts hampering employee objectivity when making purchasing decisions or recommending products or services to clients and users. You have an obligation to consider your company’s – not your own — best interests (as well as those of consumers or people looking to you for advice).

Most companies have strict human resource policies about what is considered a gift, what dollar amount needs to be reported to the company, what needs to be sent back (What, no spa weekend?!), etc. For some industries (such as health care) the giving and receiving of gifts can raise certain implications concerning the appropriateness of medical treatments given to patients and at what point the gift starts looking like a bribe.

So, how do you differentiate between a possible bribe and a simple thank you? Use common sense, read up on your company’s policy and if you find yourself in a gray area, it’s always best to check with your HR department.

With that said, you may not even really want what your vendor is sending you. Here are some examples of vendor gifts my colleagues have received and kept over the years (whether they wanted to or not):

  • A large, corned beef-style chunk of buffalo.
  • Electric ice cubes (sounded dangerous to me, although she swears by ‘em).
  • A bottle of chocolate wine (yes, it was alcoholic).
  • Mr. Potato Head.
  • A box of mixed nuts doubling as a business card holder.
  • A red velvet blanket teamed with Godiva hot chocolate (?).
  • A bottle of whiskey. Period.
  • A gift card for either a facial or a body wax at a local spa (No further comment necessary).
  • Steaks. Packed in ice.

Feel free to send along any strange, interesting, bizarre and random vendor gifts you’ve received (or sent).

Share the gift of laughter



December 16, 2008  4:09 PM

IT budgets should include agility and innovation in light of recession

Kristen Caretta Kristen Caretta Profile: Kristen Caretta

We’re almost at the end of 2008.

Finally.

It’s been a year of cutbacks, layoffs, crashes and downturns. We’ve started using the word recession and are planning 2009 budgets accordingly. So, what happens next year? Forrester Research recommends investing in agility and innovation to accelerate out of the downturn, in a recent CIO-geared webinar presented by Forrester principal analyst, Bobby Cameron.

While interacting with IT executives on budgets and planning, Forrester found that 21% expected their budgets to either grow or stay the same in 2009. But most are anticipating a stagnant or cut budget and have moved into one of three planning scenarios: cutting, anticipating cutting or keeping their options open.

Although Forrester found that most companies are focusing on traditional cost-cutting tactics (such as using low-cost resources, eliminating large-sized efforts and focusing on short-term returns), it has seen some firms choose an alternate path — investing what they can into agility and innovation.

Why? Agile companies (those that can rapidly shift suppliers, trading partners or markets) are more likely to navigate through failing firms and slow economies. Companies investing in innovation will look for new business models and product/service offerings (alongside operational improvements) instead of just hunkering down.

When investing in agility, Forrester says, companies should focus on flexibility. For IT, that means applying SOA and creating flexible external interfaces to data and systems so that companies can more easily shift or change contractors, suppliers or partners. Innovation investments, such as utilizing Web 2.0 technologies to establish and spread ideas, can positively affect core business strategies by engaging internal and external sources in meaningful dialogue – without over-extending budgets.

There is no all-encompassing recipe for success, and Forrester recommends addressing the downturn based on current situations and industry:

  • Those already cutting budgets should execute on those plans to cut, while preparing to make deeper cuts if things don’t turn around. They should also consider investments in agility and innovation, but only if there is enough breathing room.
  • Companies anticipating cuts should invest in agility and innovation, keeping the commitments small and the returns short-term.
  • And those companies keeping their options open should pursue agility and innovation aggressively to maintain company health and leadership.

Keep your heads up – most pundits are expecting a leveling of the economy by the end of 2009. Are you ready for another 12 months?


December 9, 2008  9:11 PM

Recent FBI vishing scam warning an old issue

Kristen Caretta Kristen Caretta Profile: Kristen Caretta

Last Friday, the FBI issued a warning about a security vulnerability that could be used by cybercriminals to make vishing telephone scams.

Vishing (combining phishing and voice) uses Voice over IP (VoIP) features to gain access to company information. In this case, the flaw was found in a free and widely used open source toolkit – Asterisk.

According to a posting on the Internet Crime Complaint Center, hackers who gain access and exploit the Asterisk flaw can potentially auto-dial thousands of people in an hour.

Security risk news spreads like wildfire and the FBI vishing warning was no exception — bloggers everywhere began weighing in. It was quickly learned, however, that the security scuttlebutt was actually an old issue.

According to a Digium blog post, the bug was originally found in March (AST-2008-03, a SIP guest permissions problem) and was patched for 1.2 and 1.4 versions of the software (1.6 releases were not vulnerable). The bug did not allow the arbitrary setting of caller ID and would work in only a limited set of circumstances.

It sounds quite similar to the telephone scams already known, no VoIP hacking necessary! The Federal Communications Commission already warns us about everything from the Mexico Collect Call Scam to the 90# Telephone scam.

Just another reminder to keep your information safe by making your passwords safer … and do your homework before going off on new exploits.


December 5, 2008  2:46 PM

Bank of America rolls out new secure online banking tool

Kristen Caretta Kristen Caretta Profile: Kristen Caretta

Bank of America has introduced a new security feature for customers – the SafePass Card. Adding more protection to transactions, the SafePass Card is Bank of America’s next layer of secure online banking.

Smartphones are being used as digital wallets, mobile online banking is occurring more frequently and Wi-Fi access points are turning into cybercrime hotbeds. The Georgia Tech Information Security Center’s Emerging Cyber Threats Report for 2009 cited malware, botnets, cyberwarfare and threats to VoIP and mobile devices as the top security threats to be aware of – all of which aim to steal your data.

It’s no wonder one of our largest banks is looking to provide more online peace of mind. With keystroke loggers infesting email, IM and (the recently popularized) infected links on social networking sites, cybercriminals can steal your two-step login information and gain access to your account. For customers wanting added protection, the SafePass Card generates a six-digit, one-time pass code, necessary to complete online transactions. Customers can either receive the pass code via text message or by purchasing a wallet-sized card ($19.95) that generates the code (think chip and pin meets Magic 8 Ball)

And who wouldn’t want more secure online banking? Malicious programs are on the rise and many companies are not prepared for them. Naspera Networks recently issued the results of a corporate network security survey. Two hundred small and medium-sized enterprises answered a series of questions probing them on network security and potential threats. According to the results, most companies surveyed were not as secure as they could be (or wanted to be). What were the networks’ weakest links? Respondents cited as the primary offenders computers not kept up to date, Wi-Fi security and encryption practices, unknown threats from mobile workers and laptops, an increased need to provide guest access and an overall lack of policy governing endpoint security.

The SafePass is a step in the right direction. Just don’t lose the card … or your mobile phone.


December 1, 2008  7:27 PM

Protect that Facebook profile: The risks of social networking sites

Kristen Caretta Kristen Caretta Profile: Kristen Caretta

Facebook is keeping people linked together both personally and professionally. Knowing that, it’s important to keep an eye on the security of your accounts on social networking sites — and the integrity of your online persona.

Facebook won an $873 million judgment against Adam Guerbuez of Montreal, after suing him for spamming Facebook users with sexually explicit messages. Guerbuez hacked into member profiles using phishing tricks to get users to give up their login details. Once in, Guerbuez used the compromised profiles to send out mass messages (4 million) to friends of friends.

My first thought when I heard about this: What if my account had been compromised and, as a result, my boss (and Facebook friend) received messages from my account touting male enhancement pills? That would certainly not be cool, Guerbuez. No poke for you.

One may ask why I would be Facebook friends with my boss — Facebook, the sacred, secret window into my personal life, littered with an assortment of pictures, wall posts and (dare I say it) “bumper stickers?” I keep it clean on my Facebook profile and usually follow the “don’t friend me, I’ll friend you” credo. I have noticed more and more people opting to have two Facebook accounts (although Facebook expressly forbids multiple profiles) – a personal one and a professional one. I have considered this myself but then thought, don’t I have a LinkedIn account for that? Furthermore, if someone searches for someone and finds two Facebook profiles (one with a Sears-style profile picture and one including a tequila shot-athon — both pictures clearly of that person) it may look a bit sketchy. Or smart?

Today, it’s especially important to keep it clean on Facebook – 22% of hiring managers check social networking sites before hiring someone. This number has doubled since 2006 and will continue to increase as an additional 9% of hiring managers plan on screening applicants online in the future. On top of that, 34% of the managers who screen have dropped candidates from their lists based on what was found in their profiles.


November 26, 2008  4:05 PM

Black Friday and the prospect of e-commerce site crashes

EditorAnne Anne McCrory Profile: EditorAnne

 

Ah, ’tis the season of good cheer – and omens for e-commerce site crashes alike! A retail industry site I’ve grown fond of, Evan Schuman’s StorefrontBacktalk, is predicting chaos in the land of online shopping as a result of rushed IT projects, more customer handoffs for functions like payment and shipping (PayPal, FedEx and the like) and integration with other third parties (Facebook, MySpace) where transactions can run into trouble.

While this is no laughing matter for an industry and an economy hovering on the brink, the site’s editors seem to be rubbing their hands at the prospect of some hot news stories, come the day known as Black Friday.These editors have launched a Twitter feed in which they’ll blast news of any site crashes or slowdowns, which will serve either to vindicate their predictions or, more optimistically, show that the retail engine is all tuned up for the marathon month ahead. So we’ll see – I’ve signed up for the feed and will update this blog as news unfolds (or, doesn’t). In the meantime, here’s something to be thankful for: that your transaction processing, load balancing and Web services aren’t quite so visible to the public eye.

 


November 26, 2008  3:09 PM

Cyber Monday shopping slowing down the company network?!

Kristen Caretta Kristen Caretta Profile: Kristen Caretta

Will Cyber Monday holiday shoppers hog all the bandwidth?

A recent Maritz Poll showed that expected Cyber Monday shopping is up from 20% last year to 26% this year.

According to the National Retail Federation’s eHoliday Survey, 84% of online retailers will have special Cyber Monday sales, up from last year’s 72%. Shopping dollars will undoubtedly be wisely spent this season, and retailers everywhere are competing for the sale.

With the online deals presumably drawing in more shoppers, will company networks feel the stress? Nearly 56% of workers plan on shopping online while in the office this year. According to a BIGresearch survey, 70% of people between the ages of 18-34 with Internet access will shop from work, with men being the ones most likely to shop (60% of men vs. 51% of women).

But will people really wait until Monday to start their online shopping forays? More households have high-speed Internet connections, eliminating the need to use office network connections on Monday. The online deals, however, may be the reason people hold off — so a spike in Web traffic over company networks is likely to occur.

 


November 21, 2008  4:15 PM

Recession or not, we can still give thanks for technology

Kristen Caretta Kristen Caretta Profile: Kristen Caretta

Years ago, writing a “grateful” journal was all the rage. Helps to keep things in perspective (at least, that’s what Oprah told us). So, given that it’s been such a tough year for business, I thought I’d step back and see what I could find to be thankful for. Here’s my list.

5. I’m thankful for the idea of a Microsoft-free world (not that it would ever happen.) But, finally I see business ready for some changes in the technological hierarchy, experimenting with open source applications and operating systems. Mozilla Firefox and Google Chrome are fiercely competing with Internet Explorer – and are holding their own. It may be a long road, because legacy programs die hard, but the possibility is on the horizon.

4. I’m thankful for GOOGLE and its ability to just keep getting it right. The search engine giant with incredible apps (for both business and pleasure) introduced the G1 Google phone this year. Google is taking on Apple and Microsoft with browsers and search engines – and is now competing in the mobile device ring, welcoming open source applications. I must also thank the company for providing us with small-talk topics (“So, have you tried out the new Google Goggles?”) and connecting us with our peers on GTalk.

3. I’m thankful that we had a real example of how Web 2.0 and social networking could change the world. We saw the impact social networking and the Web generation had when it came to the election. Text messaging, Facebooking, blogging and Twittering were used by the masses to connect and promote – creating quite a stir and forever changing the way candidates campaign. From online health records to wikis, we are using the Web to manage our lives and keep us informed.

2. I’m thankful we’re all more aware of security risks. This year we’ve experienced everything from the San Francisco network lockout to concerns about VoIP and unified communications. The Emerging Cyber Threats Report for 2009 warns us of an even rockier future – estimating that 15% of online computers will be botnet-affected this year. There are no rose-colored glasses for looking at security – we know the risks.

1. I’m thankful that despite the economy, technology continues to flourish and companies continue to innovate. Even though budgets are getting cut and IT innovation is becoming more difficult, people are making it work. Costs can be cut by moving to green IT, virtualization and SaaS applications. Not too shabby

If my glass-half-full approach didn’t satisfy your appetite, check out this year’s list of tech turkeys compiled by Rachel Lebeaux, associate editor of SearchCIO.com.


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: