As Dell rushes to plant flags in the IT services market, CIOs who have a relationship with SonicWall, Clerity, Wyse, Make Technology or AppAssure might be hesitating. After all, Dell undoubtedly will guarantee that those companies’ engineers have a 365-day lock-in period; but there is certainly a risk of brain drain if those engineers take flight as soon as they’re legally able to jump Dell’s corporate ship. The funny thing about people who work for smaller IT shops and startups is that they tend to treasure their indie street cred and might roll their eyes when handed a Dell polo shirt at a massive company picnic.

The good news for Dell is that the mergers are absolutely a good thing for Dell clients. They get access to a broader spectrum of technologies and the vendor is standing strong against the unceasing tide of Hewlett-Packard, IBM and Cisco techno-diversity. However, CIOs who are focused on preserving customer and vendor relations might find themselves considering a move to a different provider. For instance, when Dell scooped up SonicWall, so many of SonicWall’s customers and partners switched customer and vendor relations to other data protection providers that Dell pleaded with those groups to give Dell a chance.

What do you think? Does the rush of Dell acquisitions concern you as a current Dell customer or perhaps a customer of one of the companies Dell has acquired? Should current customers be concerned about their existing and future vendor relations? Sound out in the comments, and let’s discuss the pros and cons of the Dell acquisitions sweeps week.

The panel of technology vendors tried to assuage fears that security issues could hinder cloud opportunities. One panelist compared the situation to online banking: What once was unheard of is commonplace now.

Still, adoption has been slow — and not coincidentally, because health care is an industry where data privacy has to be part of the fiber of its being. And if the state of security in health care is any indication, the industry has more pressing problems than deciding whether it should go cloud.

That could be the problem, however. Despite the myths about the cloud, maybe it’s where some companies can find more security than they are currently able to enforce themselves. For more information on strategies for making cloud the next step in your enterprise and security strategies, check in on the SearchCompliance.com cloud security virtual seminar Wednesday, Dec. 7.

“Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting.”

 How bad is this? The NVD has scored it 10 out of 10. This isn’t Jabba the Hutt bad or even Darth Vader bad — it’s The Emperor of all Java Vulnerability bad.

 Java is historically a bit of a screen door for corporations in the first place. It doesn’t use the same engine for updating as Windows or Adobe Flash do, and the Java software update tends to get overlooked by IT. Considering that it’s a huge, overreaching software that affects users of Windows, Linux and Mac OS X, it’s the perfect opportunity for malicious programmers to exploit and “weaponize.” Even if you deployed a Java software update in mid-October, you might still be at risk — JRE 7 and 6 Update 27 and earlier are still at risk, according to security expert Brian Krebs.

Krebs managed to sneak into one of the exclusive hacker cybercrime communities and obtained a hacker video demonstrating how the hackers can exploit the Java vulnerability. It’s worth checking out, if only to see exactly how the criminals can easily take control of your users’ machines.

And of course, it would be worth the time to take a peek at your Java software update and make sure that your users aren’t going to accidentally stumble on an infected page or ad while using Mozilla Firefox or Internet Explorer — especially if they are still using Windows XP. There’s no time like the present.

Dr. John Halamka, CIO at Beth Israel Deaconess Medical Center in Boston, issued a wake-up call in a recent blog post: “If attacks are escalating and our existing tools to prevent them do not work, what must we do?” he wrote. “Alas, we must limit inbound and outbound traffic to corporate networks.”

BIDMC will start restricting access on a limited basis to see if that reduces the amount of malware in its network. Halamka goes on to say that the next step could be whitelisting, which will enable users to visit only authorized websites and will block personal email accounts.

It’s surprising that Halamka, who is known as a technophile’s technophile — the “Geek Doctor” — has come to this conclusion; but since he has, there’s no doubt that much more conservative IT managers are thinking the same thing. In many workplaces, the outcry against restrictive use policies will make Occupy Wall Street look like a meeting around the water cooler.

I have to admit that, despite many IT managers’ efforts to enforce policies and to educate users on security and malware prevention, the average IT user still is woefully ignorant of the effects of his or her Internet usage. Is it time to take users to the woodshed and teach them a lesson once and for all? Maybe, but such a policy should be exercised carefully and with role-based restrictions, because the productivity drain could cost a company more than a security breach ever would. It also could create anger, frustration and yes, even depression, among users who have become used to open access.

As Halamka writes, “It’s truly tragic that the Internet has become such a swamp, especially at a time that we want to encourage the purchase of consumer devices such as tablets and smartphones.”

Yes, it is. And maybe this wake-up call will really begin to transform employees into responsible Internet users. All I can say is, it had better.