Doug Theis - Leave your comfort zone.

AFCOM – Dissecting the Data Center: What Can – and Can’t – Be Moved to the Cloud

Practical approaches on cloud migration from the AFCOM folks. Re-platforming is a great opportunity for the move, but there are others as well, including staff changes, entering new lines of business, and financial drivers.

According to the results of a recent survey of IT professionals, 43 percent of organizations estimate half or more of their IT infrastructure will be in the cloud in the next three to five years. The race to the cloud is picking up steam, but all too often companies begin implementing hybrid IT environments without first considering which workloads make the most sense for which environments.

The bottom line is your business’s decision to migrate workloads and/or applications to the cloud should not be arbitrary. So how do you decide what goes where?

The best time to consider migrating to the cloud is when it’s time to re-platform an application. You should not need to over-engineer any application or workload to fit the cloud. If it’s not broken, why move it? For the purposes of this piece, let’s assume your organization is in the process of re-platforming a number of applications and you are now deciding whether to take advantage of the cloud for these applications. There are a few primary considerations you should think through to determine if moving to the cloud or remaining on-premises is best.

Evaluating What Belongs on the Ground or in the Cloud

First, ask yourself: Is our application or workload self-contained or does it have multiple dependencies? Something like the company blog would be considered a self-contained workload that can easily be migrated to the cloud. At the other extreme, an in-house CRM, for example, requires connectivity to your ERP system and other co-dependent systems. Moving this workload to the cloud would introduce more risk in terms of latency and things that could go wrong.

More of the AFCOM article from Gerardo Dada

CIO Strategy / Data center compliance / DevOps / IT Governance / IT Strategy — Comments Off
05
Oct 16

Data Center Knowledge – Hospital Pays $400,000 HIPAA Breach Penalty for Obsolete ‘Business Associate’ Agreement

HIPAA has teeth. Are your BAAs accurate and up to date?

A Rhode Island hospital agreed this month to pay $550,000 in settlements after failing to properly update business associate agreements as required under the privacy and security rules of the Health Insurance Portability and Accountability Act (HIPAA), federal authorities said.

The U.S. Department of Health and Human Services Office of Civil Rights (OCR) opened an investigation into Women & Infants Hospital of Rhode Island (WIH) after receiving a report of a data breach in November 2012.

WIH told federal authorities it had lost unencrypted backup tapes containing ultrasounds of 14,004 women, including patient names, dates of birth, dates of exams, physician names and, in some cases, Social Security numbers.

More of the Data Center Knowledge post from Aldrin Brown

CIO Strategy / Cloud Computing / Cloud infrastructure / Disaster Recovery / IT Governance / IT Security / IT Strategy — Comments Off
04
Oct 16

Continuity Central – The IT DR program: a crucial, but not well understood, aspect of disaster recovery

This is the shortest, most complete treatment I’ve ever seen of what it takes to be successful with IT Disaster Recovery. Worth the read.

While the hardware and software costs for disaster recovery are well understood many organizations do not fully realize that, in order to be assured of successfully executing the plan in the event of an outage or disaster, a comprehensive IT DR program must first be in place. An organization can have all the right IT DR hardware and software, but without a properly managed program, its efforts will fail.

Even the organizations that do have this understanding often underestimate the complexities involved in creating an IT DR program and the associated costs.

The DR program consists of the people, processes and tools necessary to implement the IT DR solution and manage its lifecycle. Because this implementation process requires considerable expertise and experience, organizations must carefully consider the costs of developing their in-house skill sets as well as those of purchasing, implementing, and maintaining their own hardware and software in house. They should then compare this expertise and the hardware and software costs to those they could access by going to a third-party managed recovery provider that specializes in providing IT disaster recovery services.

Only by understanding what goes into a full IT DR program and the complete total cost of ownership (TCO) of both an in-house versus a ‘selectively outsourced’ solution can organizations make the right choice.

The DR program consists of five processes: application mapping; developing disaster recovery procedures; test planning and execution; post-test analysis; and recovery lifecycle management. The discussion below will address what each step involves.

CIO Insight – Do IT Workers Lie About Certifications?

A surprising minority of CIOs and other IT leaders actually check to see if their staffers’ claims of tech certifications earned are actually true, according to a recent survey from TEKsystems. But they should—because many IT pros admit that they do not always report this information accurately on their resumes. The lack of verification could result in long-term consequences, as the majority of IT leaders take into account tech certifications in making decisions about the hiring, developing and promoting of their staffers. Among the certifications most in need: Those related to cyber-security, programming and development, project management and software engineering. Given that many organizations pay for these educational opportunities, CIOs need to do a better job of making sure that their employees aren’t fibbing when they indicate they’ve earned them. “(Organizations) need to be more diligent in actually verifying certifications in order to avoid getting trapped in a certification shell game,” said Jason Hayman, research manager at TEKsystems. –

More of the CIO Insight slideshow from Dennis McCafferty

CIO Strategy / Cloud Computing / Cloud infrastructure / Data Center / Digital Transformation / Disaster Recovery / IT Governance / IT Security / IT Strategy — Comments Off
28
Sep 16

CIO Insight – Why Enterprise Still Matters

In today’s economy, executives must account for market pressure while keeping focused on the evolution of innovation in technology. This new reality presents both challenges and opportunities for businesses and IT to align on IT strategy and finding balance between the desire to seek value and manage for risk. Due to the difficulty in finding this balance, business leaders are increasingly contracting with cloud-based service providers for the creation of applications, integrations and custom development, with or without the support of enterprise IT. These leads are essentially acting as CIOs by providing their own technology-led business solutions, which leads to fragmentation and delays in accomplishing business initiatives

More of the CIO Insight article from Mike Sommer

CIO Strategy / Digital Transformation / IT Governance / IT Strategy — Comments Off
27
Sep 16

Baseline – What Employees Say They Must Have From IT

Information workers are expressing frustration with what they view as a lack of tech tools and space to pursue collaboration, according to a June 2016 survey commissioned by Prysm and conducted by Forrester Consulting. The resulting report, “Digital, Disparate, and Disengaged: Bridging the Technology Gap Between In-Office and Remote Workers,” reveals that IT and facilities professionals feel that the situation is much better than information workers describe, leading to a glaring perception gap on the issue. Similarly, when it comes to having access to the “latest and greatest” technology, only a minority of information workers said they have what they need.

More of the Baseline slideshow from Dennis McCafferty

CIO Strategy / IT Strategy — Comments Off
27
Sep 16

Continuity Central – ‘Data hoarders’ putting organizations at risk: survey

Businesses’ data security, data management and corporate compliance are being jeopardised by an internal army of data hoarders, according to a recent survey. As a result, 77 percent of IT decision makers are now more concerned about the impact of data hoarding than a year ago.

The survey, commissioned by Veritas, was conducted among 10,022 global office professionals and IT decision makers to look into how individuals manage data.

Major issues highlighted by the survey include:

The digital hoarding struggle is real

The findings highlighted that IT decision makers are hoarding their digital files and saving 54 percent of all the data they create. In addition, 41 percent of all digital files created go unmodified for three or more years.

Continuity Central – The unintended consequences of risk reporting

In this article we posit three questions. The first question is: “Is it a social responsibility of companies that they undertake a comprehensive risk assessment?” The second question: “Does the notion of conscience and its application to the generation and use of risk information and information in general, create an obligation for the organization to disclose the results of the comprehensive risk assessment?” The third question: “How do the people in the organization communicate the information from the comprehensive risk assessment to stakeholders and yet preserve security and protect the organization?”

The three questions may, at first, appear simple and straightforward. However, as we dissect each, we find that there is significant complexity intertwined in these questions. While this article does not attempt to provide a rigid framework or hard and fast answers to the above questions, it is our intent to set in motion a dialogue regarding corporate social responsibility (CSR) and its relationship with governance risk and compliance (GRC) activities/obligations that form a social contract between the organization and its stakeholders.

More of the Continuity Central article from Geary W. Sikich and Joop Remmé

CIO Strategy / Cloud Computing / Digital Transformation / IT Governance / IT Strategy — Comments Off
26
Sep 16

IT Business Edge – C-Suite Identifies IT Leaders as Technology Drivers, Deloitte Survey Finds

According to the newly released results of a survey of mid-market executives in the United States, CIOs and other IT leaders are increasingly likely to be identified as the individuals who drive technology adoption in their companies.

The findings, highlighted in Deloitte’s 2016 Mid-Market Technology Report released earlier this month, showed that 49 percent of respondents said IT executives direct the adoption of new and emerging technologies, up from 36 percent in 2015. I spoke with Steve Keathley, national technology leader of Deloitte Growth Enterprise Services, about what’s driving this trend, and he attributed it to the promise of technologies such as cloud, analytics and IoT having been fulfilled. In other words, the C-suite is now full of believers.

More of the IT Business Edge article from Don Tennant

CIO Strategy / IT Strategy — Comments Off
21
Sep 16

Baseline – How IT Pros Use Technology

Did you ever wonder how IT employees actually use technology? If so, the following entertaining facts from a couple of Experts Exchange surveys may prove interesting. IT workers, for example, spend well beyond what’s considered a normal eight-hour work day on desktops or laptops. Most have bought a computer within the last year—a significantly higher buying pattern than two years ago. And, despite the massive appeal of ever-hip Apple products, PCs still rule in the office cubicles rather than Macs. Whichever products they prefer, the survey respondents are generally good about protecting them, as most said they run virus scans no less than once a week.