Comment (1) Visits (10569)
Normally, when EMC fails, it is worth a giggle. Companies are run by humans, and nobody is perfect. However, their latest one, failing to defend their RSA SecurID two-factor website, is no laughing matter. Breaches like this undermine the trust needed for business and commerce to be done with Information Technology, so it affects the entire IT industry.
(FTC Disclosure: I do not work or have any financial investments in either EMC nor ENC Security Systems. Neither EMC nor ENC Security Systems paid me to mention them on this blog. Their mention in this blog is not an endorsement of either company or their products. Information about EMC was based solely on publicly available information made available by EMC and others. My friends at ENC Security Systems provided me an evaluation license for their latest software release so that I could confirm the use cases posed in this post.)
Of course, EMC did the right thing by making this breach public in an [Open Letter to RSA Customers]. While this may affect their revenues, as clients question whether they should do business with EMC, or affect their stock price, as investors question whether they should invest in EMC, they were very clear and public that the breach occurred. As far as I know, none of the executives of the RSA security division have stepped down. The disclosure of the breach was the right thing to do, and required by law from the [US Securities Exchange Commission]. This law was created to prevent companies from trying to hide breaches that expose external client information.
The breach does not affect RSA public/private key pairs used by IBM and most every other large company. Rather, this breach was targeted to RSA SecurID two-factor authentication. I explained two-factor authentication in my blog post [Day 5 Grid, SOA and Cloud Computing - System x KVM solutions], but basically it is an added level of security, requiring something you know (your password) with something you have (such as a magnetic card or key fob). Both are required to gain access to the system.
Breaches happen. Recently, [Hackers found vulnerabilities in the McAfee.com website]. Last month, fellow blogger Chuck Hollis from EMC had a blog post on [Understanding Advanced Persistent Threats (APT)] in the week leading up to their RSA Conference. It was precisely an APT that hit RSA, so the irony of this breach was not lost on the blogosphere. Perhaps Chuck's blog post gave hackers the idea to do this, like saying "I hope terrorists don't bomb this building that hold all of our chemical weapons..." or "I hope bank robbers don't rob this repository where we keep all the cash..."
(The sinister counter-theory, that EMC staged this breach as a marketing stunt to undermine trust in hybrid or public cloud offerings, such as those offered by IBM, Amazon or Salesforce.com, offers an interesting twist. While computer breaches in general are fodder for [Luddites] to argue we should not use computers at all, this particular breach could be used by EMC salesmen to encourage their customers to choose private cloud over hybrid cloud or public cloud deployments. Given all the extra work that RSA SecurID customers have to now do to harden their environments, that would be in bad taste.)
Over on Mashable, Simon Crosby argues [Why the Cloud Is Actually the Safest Place for Your Data]. I am sure we have not heard the last of the implications of this RSA breach. For now, I have two recommendations for you.
Advanced Persistent Threats, viruses and other malware are no laughing matter. If you are concerned about security, contact IBM to help you assess your current environment and help you plan a robust protection strategy.
Did you miss IBM Pulse 2011 in Las Vegas?
Next week, April 6, IBM will host the [Smarter Computing Virtual Event] to cover IBM's Smarter Computing initiative, with key themes of Smarter Computing - Big Data, Optimized Systems, and Cloud. Smarter Computing is a new and innovative approach to computing based on the evolving role of IT in your business and an intrinsic understanding of the economics of IT.
(I found it amusing that EMC has chosen two of IBM's themes, "Big Data" and "Cloud", for their upcoming EMC World 2011 conference. I was tempted to include their graphic, but people might have accused me of using Photoshop or GIMP to make EMC look bad. Instead, you can look at the graphic on this blog post titled [When Cloud Meets Big Data: Information Logistics Revisited] by fellow blogger Chuck Hollis from EMC. IBM has been a leader in IT for decades, so we are used to having other companies follow in our footsteps. As an [IBM wannabee], EMC is no different.)
For many on tight travel budgets, this event REQUIRES NO TRAVEL! This is a virtual event, You can participate from your desk. You will hear from key IBM executives, all of which I have heard speak myself, so I can vouch that this should be a good event.
This event is targeted to CIOs, IT Directors and Managers, Business Analysts, Systems and Storage Administrators, and DBAs. However, we don't check what your actual title is, so feel free to attend even if you have different job responsibilities.
I am giving you one week's notice for this event. If this is the first time you have heard of this event, then I hope that is enough time to plan for this event in your busy schedule. If you had heard of it already, perhaps this serves as a useful reminder to [Register Now!] Is a week ahead the right amount of time? For virtual events, do we need more or less advance notice? What about for events that involve travel? Feel free to enter your thoughts on this in the comments section below.
Last night, I presented an E-Talk to the Engineering Student Council (ESC) of the University of Arizona (UofA).
The ESC is the student governing body of The University of Arizona’s College of Engineering. The organization works with scholastic honorary societies, professional organizations, and project clubs to aid and encourage the professional and social development of students. This year, ESC launched a new program, Engineering Talks (E-Talks), consisting of workshops and lectures, which will focus on teaching students what it takes to work within a company, before they enter the workforce. To make this program successful, career advice from professionals working at established companies is essential.
The audience was a mix of undergraduate and graduate engineering students from a variety of disciplines, such as Petroleum, Hydrology, Mining, Biomedical, Electrical and Computer Engineering. Only a few were graduating this May. There were roughly an equal number of boys and girls, which was encouraging. When I was an engineering student at the UofA, women engineers were very rare.
I divided my talk into three sections.
After the Q&A, several students stayed around afterwards to ask questions. This seems to happen every time I give a presentation to a mixed audience. I handed out plenty of business cards, and offered to make the charts available to all the students via the IBM Expert Network on Slideshare.net website.
Last's weeks webcast [How to Diagnose and Cure What Ails Your Storage Infrastructure] drew 208 attendees!
Before we started, we asked the first survey question: "How is storage planning conducted in your shop?" Of the various responses, nearly four out of ten responded "Part of an overall IT infrastructure strategy".
Jon Toigo went first, and spent 20 minutes or so laying out the problem as he sees it. Jon travels all over visiting customers struggling with their storage infrastructures, so he gets to hear a lot of this first hand.
I then spent 20 minutes or so presenting IBM's vision, strategy and offerings to help solve these problems. I could speak for hours on this topic, but we kept it short for this one-hour webcast. To learn more, request a visit to the Tucson Executive Briefing Center.
At the end of my talk, we put out the second survey, asking the audience "What is your number one priority with respect to storage operations today?" Over one fourth of the attendees were focused on reducing storage infrastructure cost of ownership by any means possible.
I am glad we saved the last 15 minutes for Q&A, as there were a lot of questions.
The replay is now available. If you attended the event and want to hear it again, or want to share it with your colleagues, or you missed it and want to hear it, then [Register for the Replay].
Comments (4) Visits (19790)
Hana Hu from Digitimes has a great summary on [how the Japan earthquake will affect the four major Hard Disk Drive (HDD) manufacturers] that supply IBM and other storage vendors.
A reader from New Zealand expressed concern some corporate bloggers were [using the earthquake for marketing]. He lost someone close to him in Christchurch, and is unable to reach a friend living in Japan, so I am sorry for his loss. I plan to be in Australia and New Zealand to teach a Top Gun class May 15-27, so hopefully I will be able to meet him in person when I am down there.
Several readers sent me Felix Salmon's [Don't Donate Money to Japan] counter-argument. Here is an excerpt:
"Earmarking funds is a really good way of hobbling relief organizations and ensuring that they have to leave large piles of money unspent in one place while facing urgent needs in other places. ... Meanwhile, the smaller and less visible emergencies where NGOs can do the most good are left unfunded.
Another reader mentioned that the last surviving American WW-II vet died the same week. WTF? IBM and Japan have been allies for quite a while now, and there is no reason to bring up past wars except to compare the scope and magnitude of the cleanup effort. (Update: Frank Buckles was the last surviving WW-I vet, but also served in WW-II).
Many readers felt that charity begins at home, and there are plenty of worthy causes right here in the USA to donate to instead. Inspired by last year's movie [Waiting for Superman], my girlfriend started a project called [Centers for My Super Stars] for her first grade class on DonorsChoose.org. For those not familiar with this website, DonorsChoose.org uses the cloud to connect school teachers in need of supplies with rich people to donate funds towards these projects. If you want to contribute to her project, [donate here].
Lastly, readers pointed me to Frank Deford, who said this on [his weekly spot on National Public Radio]:
"And speaking of class, there just happens to be a baseball team in Sendai, Japan. The Golden Eagles. Their stadium was severely damaged from the earthquake. Wouldn't you think some of them lug nuts who run American baseball would bring the Golden Eagles and their opponents over to the United States when the Japanese season starts -- play some games over here and raise money to help the Japanese? Wouldn't you think they could just once stop that national pastime stuff and help the international pastime?"
As you can see, different readers have different opinions on this. We are all on this world together, and both our economy and our ecology are more interconnected than you might think. Let's build a smarter planet.
IBM announced that it will offer [three free months of IBM Smart Business Cloud] computing and storage services to government agencies, charitable non-profit organizations, and other organizations involved with reconstruction resulting from the earthquakes and tsunami in Japan and the northern Pacific region.
With traditional communications down, and many data centers incapacitated, Cloud Computing can be a great way to resume operations. According to the announcement, organizations can submit their requests now until April 30, and the program will run until July 31, 2011. Options include:
Comments (2) Visits (12105)
When I turned on the television last weekend, I saw large waves of water knock down rows of small houses. I thought I had caught the end of a bad Godzilla movie, but sadly it was not movie special effects. Mother Nature can be quite destructive. Over the past four days, Japan has been hit hard by a series of earthquakes and resulting tsunami.
(Note: Disasters can happen anywhere and at any time. Last month, New Zealand had an earthquake as well. It is best to always be prepared. If you haven't done so lately, check out the latest recommendations from the US Government [Ready.Gov] website.)
Several have asked me how this tragedy in Japan might affect IBM and its clients. Here is what I have gathered from various sources. All IBM Japan employees have survived, are safe and reporting no major injuries. IBM has four major facilities, near central part of the country around Tokyo, far from Sendai, the epicenter. All IBM buildings are still standing and operational. A few sections of Tokyo are affected by scheduled brown-outs in an effort to save electricity. Employees are asked to telecommute (a.k.a. work from home) to minimize traffic congestion.
I have been to Japan many times throughout my career. Back in the summer of 1995, IBM sent me to Osaka to help out clients in the aftermath of the Great Hanshin eartquake near Kobe. I remember it well, sending an email back to my team saying "It is 1995, and here in Japan it is 95 degrees and 95 percent humidiy." It was seven months after the earthquake, but people were still living in cardboard boxes and make-shift tents.
Many people asked if I will be going back to Japan to help out. I speak Japanese, can make sense of the Japanese Katakana characters on computer monitors, and am an expert in Disaster Recovery. However, the IBM Japan team is doing an awesome job helping our clients restore their data and recovery their business operations. Of course, if IBM needs me in Japan, I will gladly go, but so far, it doesn't seem that I am needed there.
Instead, I will support Japan remotely from my little office here in Tucson, Arizona. If you want to help, contribute to the Red Cross [Japan Earthquake and Pacific Tsunami] fund.
Are you attending the upcoming [South by Southwest SXSW Interactive] conference in Austin, Texas?
IBM and the Austin Chamber of Commerce is inviting registered SXSW Interactive attendees to the networking reception being hosted by the IBM Innovation Center and the IBM Venture Capital Group. Power Systems and Watson will have a significant feature at this SXSW event to be held on March 14, 2011.
While I won't be there personally at the SXSW conference, I strongly recommend you to attend this event.
Innovators and Entrepreneurs Networking Reception
This reception will provide a rare opportunity to network and collaborate with your professional community of industry leaders, entrepreneurs, developers, academics, venture capitalists, members of the Austin Chamber of Commerce.
Webcast: How to Diagnose and Cure What Ails Your Storage Infrastructure
Wednesday, March 23, 2011 at 11:00 AM PDT / 11:00 AM Arizona MST / 2:00 PM EDT
Storage is the most poorly utilized infrastructure element -- and the most costly part of hardware budgets -- in most IT shops today. And it’s getting worse. Storage management typically involves nightmarish mash-up of tools for capacity management, performance management and data protection management unique to each array deployed in heterogeneous fabrics. Server and desktop virtualization seem to have made management issues worse, and coming on the heels of changing workloads and data proliferation is the requirement to add data management to the set of responsibilities shouldered by fewer and fewer storage professionals. Forecast for Storage in 2012: more pain as long delayed storage infrastructure refresh becomes mandatory.
In this webcast, fellow blogger Jon Toigo, CEO of Toigo Partners International, of [DrunkenData] fame, and I will take turns assessing the challenges and suggesting real-world solutions to the many issues that confound storage efficiency in contemporary IT. Integrating real world case studies and technology insights, our storage experts will deliver a must see webcast that sets down a strategy for fixing storage...before it fixes you.
Don't miss this event, unless you like the stress of knowing that your next disaster may be a data disaster.
Register for this webcast to come hear me and Jon Toigo talk!