This sponsored blog post for IBM for MSPs explains the Internet of Things (IoT) has a greater potential to be disruptive to IT security than the cloud proved to be, which is why securing IoT has to be a priority for managed service providers (MSPs).
Read MoreThis sponsored blog post for IBM for MSPs explains that even though steps must obviously be taken to protect against hacks and other external attacks, more than half of all security breaches are actually caused by user mistakes or internal security flaws.
Read MoreThis sponsored blog post for IBM for MSPs explains that it is time to stop overlooking the importance of security when it comes to cloud services. Managed service providers and in-house IT teams need to ensure the future of IT is built on secure cloud services.
Read MoreThis sponsored blog post for IBM for MSPs explains how managed service providers are well-positioned to help customers overcome mistakes with mobile app security since they manage many of the cloud-based IT services leveraged by mobile apps.
Read MoreThis sponsored blog post for the IBM for Midsize Business program explains that in order to meet your service level agreements and protect your business and your data from unauthorized access, cloud service providers must also be cloud security providers.
Read MoreThis sponsored blog post for the Enterprise CIO Forum provides an overview of three approaches to managing and securing the mobile devices that not only enable the enterprise to be more productive, but also expose the enterprise to more risks.
Read MoreThis sponsored blog post for the Enterprise CIO Forum explains the inconvenient truth about cloud security is that we often choose, by default or with intention, convenience over security, especially with public-cloud-based services for mobile devices.
Read MoreThis sponsored blog post for the IBM for Midsize Business program explains that no matter where you go nowadays, there you are with a mobile device, which is why more business leaders are adopting a mobile first strategy.
Read MoreThis sponsored blog post for the IBM for Midsize Business program discusses the increasing need for a form of differential privacy that protects personal privacy while still enabling business insights.
Read MorePeople use mobile devices, as James Hailey Jr. blogged, “for almost everything they do in their day to day activities like listening to music, work, social applications, and calendar functions. They allow people to immediately get information and access different resources. In today’s world, there are more mobile devices than there have ever been in recent years and companies are just realizing the potential opportunities that exist.”
As Daniel Newman blogged, “cloud, mobile devices, Big Data, and social media have become a permanent fixture of today’s business. From solopreneurs to global enterprises, companies are more connected than ever before to their customers, employees, shareholders, and stakeholders. Enabled by connectivity and powered by the cloud, this is more than just Marketechture, this is the engine of our business future.”
“By embracing social tools in the cloud,” Rebecca Buisan blogged, “organizations can now attract new customers while at the same time better serve their existing clients, employees, and business partners.”
While cloud and mobile are enabling social business, it is not all blue skies and rainbows. The age of the mobile device is still young, so as you embrace, with youthful exuberance, the convenience of the mobile-app-portal-to-the-cloud computing model, convenience should not trump security.
As Marissa Tejada blogged, despite your employees’ hands being full of business-enabling mobile devices, too few organizations are making sure mobility and security go hand in hand. Especially when BYOD puts personal devices into business hands.
One example Allan Pratt blogged about is iOS7’s AirDrop feature, which uses a combination of Bluetooth and Wi-Fi ad-hoc networks. “The bottom line,” Pratt explained, “is that while AirDrop may sound like a good idea in theory, it needs more security embedded into it for data transfers to be considered. For SMBs, this means you should be wary of new technology until it has been proven safe and effective for the enterprise. You don’t want your data walking out the door without your knowledge.”
With big data providing the 1.21 gigawatts (often with a lot more than 1.21 gigabytes) of power, social, cloud, and mobile technology is the flux capacitor driving companies of all sizes forward to the future of business. Just as lightning never strikes twice, you don’t want to end up looking back in time, second-guessing why you didn’t secure the engine to your business future.
This post was written as part of the IBM for Midsize Business program, which provides midsize businesses with the tools, expertise and solutions they need to become engines of a smarter planet. I’ve been compensated to contribute to this program, but the opinions expressed in this post are my own and don’t necessarily represent IBM’s positions, strategies, or opinions.
Devising a Mobile Device Strategy
The Symbiotic Relationship of Cloud and Mobile
Cloud Benefits for Midsize Businesses
Leveraging the Cloud for Application Development
Cloud Computing for Midsize Businesses
Cloud Computing is the New Nimbyism
Social Business is more than Social Marketing
Social Media Marketing: From Monologues to Dialogues
Social Media for Midsize Businesses
Information Asymmetry versus Empowered Customers
Data Storage for Midsize Businesses
A Big Data Platform for Midsize Businesses
Smart Big Data Adoption for Midsize Businesses
Big Data is not just for Big Businesses
Business Analytics for Midsize Businesses
Business Intelligence for Midsize Businesses
The Graystone Effects of Big Data
Will Big Data be Blinded by Data Science?
Talking Business about the Weather
Welcome to my roundup of the best blog posts published on the Obsessive-Compulsive Data Quality (OCDQ) blog during 2012.
My selections were based on a pseudo-scientific, quasi-statistical combination of page views, comments, and re-tweets, as well as choosing a few of my personal favorites, and which I have organized into four sections of ten best posts by topic or type.
In 2012, the Obsessive-Compulsive Data Quality (OCDQ) blog published 92 posts, which received 160,000 total page views, while averaging over 400 page views and 200 unique visitors a day.
Thank you for reading OCDQ Blog in 2012. Your readership was deeply appreciated.
So Long 2011, and Thanks for All the . . . – The OCDQ Radio 2011 Year in Review
2012 Quarterly Review of the Data Roundtable (Part 4)
2012 Quarterly Review of the Data Roundtable (Part 3)
2012 Quarterly Review of the Data Roundtable (Part 2)
2012 Quarterly Review of the Data Roundtable (Part 1)
2011 Quarterly Review of the Data Roundtable (Part 4)
2011 Quarterly Review of the Data Roundtable (Part 3)
2011 Quarterly Review of the Data Roundtable (Part 2)
This blog post is sponsored by the Enterprise CIO Forum and HP.
Since ‘tis the season for reflecting on the past year and predicting the year ahead, while pondering this post my mind wandered to the reflections and predictions provided by the ghosts of A Christmas Carol by Charles Dickens. So, I decided to let the spirit of Jacob Marley revisit my previous Enterprise CIO Forum posts to bring you the Ghosts of Enterprise Past, Present, and Future.
Legacy applications have a way of haunting the enterprise long after they should have been sunset. The reason that most of them do not go gentle into that good night, but instead rage against the dying of their light, is some users continue using some of the functionality they provide, as well as the data trapped in those applications, to support the enterprise’s daily business activities.
This freaky feature fracture (i.e., technology supporting business needs being splintered across new and legacy applications) leaves many IT departments overburdened with maintaining a lot of technology and data that’s not being used all that much.
The Ghost of Enterprise Past warns us that IT can’t enable the enterprise’s future if it’s stuck still supporting its past.
While IT was busy battling the Ghost of Enterprise Past, a familiar, but fainter, specter suddenly became empowered by the diffusion of the consumerization of IT. The rapid ascent of the cloud and mobility, spirited by service-oriented solutions that were more focused on the user experience, promised to quickly deliver only the functionality required right now to support the speed and agility requirements driving the enterprise’s business needs in the present moment.
Gifted by this New Prometheus, Shadow IT emerged from the shadows as the Ghost of Enterprise Present, with business-driven and decentralized IT solutions becoming more commonplace, as well as begrudgingly accepted by IT leaders.
All of which creates quite the IT Conundrum, forming yet another front in the war against Business-IT collaboration. Although, in the short-term, the consumerization of IT usually better services the technology needs of the enterprise, in the long-term, if it’s not integrated into a cohesive strategy, it creates a complex web of IT that entangles the enterprise much more than it enables it.
And with the enterprise becoming much more of a conceptual, rather than a physical, entity due to the cloud and mobile devices enabling us to take the enterprise with us wherever we go, the evolution of enterprise security is now facing far more daunting challenges than the external security threats we focused on in the past. This more open business environment is here to stay, and it requires a modern data security model, despite the fact that such a model could become the weakest link in enterprise security.
The Ghost of Enterprise Present asks many questions, but none more frightening than: Can the enterprise really be secured?
Of course, the T in IT wasn’t the only apparition previously invisible outside of the IT department to recently break through the veil in a big way. The I in IT had its own coming-out party this year also since, as many predicted, 2012 was the year of Big Data.
Although neither the I nor the T is magic, instead of sugar plums, Data Psychics and Magic Elephants appear to be dancing in everyone’s heads this holiday season. In other words, the predictive power of big data and the technological wizardry of Hadoop (as well as other NoSQL techniques) seem to be on the wish list of every enterprise for the foreseeable future.
However, despite its unquestionable potential, as its hype starts to settle down, the sobering realities of big data analytics will begin to sink in. Data’s value comes from data’s usefulness. If all we do is hoard data, then we’ll become so lost in the details that we’ll be unable to connect enough of the dots to discover meaningful patterns and convert big data into useful information that enables the enterprise to take action, make better decisions, or otherwise support its business activities.
Big data will force us to revisit information overload as we are occasionally confronted with the limitations of historical analysis, and blindsided by how our biases and preconceptions could silence the signal and amplify the noise, which will also force us to realize that data quality still matters in big data and that bigger data needs better data management.
As the Ghost of Enterprise Future, big data may haunt us with more questions than the many answers it will no doubt provide.
I realize that this post lacks the happy ending of A Christmas Carol. To paraphrase Dickens, I endeavored in this ghostly little post to raise the ghosts of a few ideas, not to put my readers out of humor with themselves, with each other, or with the season, but simply to give them thoughts to consider about how to keep the Enterprise well in the new year. Happy Holidays Everyone!
This blog post is sponsored by the Enterprise CIO Forum and HP.
This podcast episode is sponsored by the Enterprise CIO Forum and HP.
OCDQ Radio is a vendor-neutral podcast about data quality and its related disciplines, produced and hosted by Jim Harris.
During this episode, Bill Laberis and I discuss the necessary evolution of enterprise security in the era of cloud computing and mobile devices. Our discussion includes public, private, and hybrid clouds, leveraging existing security best practices, defining BYOD (Bring Your Own Device) policies, mobile device management, and striking a balance between convenience and security.
Bill Laberis is the Editorial Director of the Enterprise CIO Forum, in which capacity he oversees the content of both its US and international websites. He is also Editorial Director and Social Media Manager in the IDG Custom Solutions Group, working closely with clients to create highly individualized custom content programs that leverage the wide range of media capabilities, including print, online, multimedia, and custom events.
Bill Laberis was editor-in-chief of Computerworld from 1986-1996, has been a frequent speaker and keynoter, and has written for various business publications including The Wall Street Journal. He has been closely following the IT sector for 30 years.
This podcast episode is sponsored by the Enterprise CIO Forum and HP.
Can the Enterprise really be Secured?
Enterprise Security and Social Engineering
The Weakest Link in Enterprise Security
Enterprise Security is on Red Alert
Securing your Digital Fortress
The Good, the Bad, and the Secure
The Cloud is shifting our Center of Gravity
The Return of the Dumb Terminal
More Tethered by the Untethered Enterprise?
Sometimes all you Need is a Hammer
This blog post is sponsored by the Enterprise CIO Forum and HP.
Over the last two months, I have been blogging a lot about how enterprise security has become an even more important, and more complex, topic of discussion than it already was. The days of the perimeter fence model being sufficient are long gone, and social media is helping social engineering more effectively attack the weakest links in an otherwise sound security model.
With the consumerization of IT allowing Shadow IT to emerge from the shadows and the cloud and mobile devices enabling the untethering of the enterprise from the physical boundaries that historically defined where the enterprise stopped and the outside world began, I have been more frequently pondering the question: Can the enterprise really be secured?
The cloud presents the conundrum of relying on non-enterprise resources for some aspects of enterprise security. However, “one advantage of the cloud,” Judy Redman recently blogged, “is that it drives the organization to take a more comprehensive, and effective, approach to risk governance.” Redman’s post includes four recommended best practices for stronger cloud security.
With the growing popularity of the mobile-app-portal-to-the-cloud business model, more enterprises are embracing mobile app development for deploying services to better support both their customers and their employees. “Mobile apps,” John Jeremiah recently blogged, “are increasingly dependent on cloud services that the apps team didn’t build, the organization doesn’t own, and the ops team doesn’t even know about.” Jeremiah’s post includes four things to consider for stronger mobile security.
Although it is essential for every enterprise to have a well-articulated security strategy, “it is important to understand that strategy is not policy,” John Burke recently blogged. “Security strategy links corporate strategy overall to specific security policies; policies implement strategy.” Burke’s post includes five concrete steps to take to build a security strategy and implement security policies.
With the very notion of an enterprise increasingly becoming more of a conceptual entity than a physical entity, enterprise security is becoming a bit of a misnomer. However, the underlying concepts of enterprise security still need to be put into practice, and even more so now that, since the enterprise has no physical boundaries, the enterprise is everywhere, which means that everyone (employees, partners, suppliers, service providers, customers) will have to work together for “the enterprise” to really be secured.
This blog post is sponsored by the Enterprise CIO Forum and HP.
Enterprise Security and Social Engineering
The Weakest Link in Enterprise Security
Enterprise Security is on Red Alert
Securing your Digital Fortress
The Good, the Bad, and the Secure
The Cloud is shifting our Center of Gravity
Are Cloud Providers the Bounty Hunters of IT?
The Return of the Dumb Terminal
More Tethered by the Untethered Enterprise?
Sometimes all you Need is a Hammer
Shadow IT and the New Prometheus
This blog post is sponsored by the Enterprise CIO Forum and HP.
“100 percent security no longer exists in the digital world,” Christian Verstraete recently blogged. “Many companies have to recognize that they have not developed a proactive enough security strategy. They also have to recognize that they have not put the appropriate procedures in place to cope with a security breach when it happens. Instead, they are in reactive mode.”
In my previous post, I blogged about how although any proactive security strategy can only be as strong as its weakest link, the weakest link in your enterprise security could actually be the protocols enacted in the event of an apparent security breach.
“We are confronted with a world where employees bring their own devices and use them for both their private and their business lives,” Verstraete continued. “As our world is getting increasingly integrated, and as social media is used by enterprises to reach their customers and prospects, we need to train our people to ensure they are watchful for social engineering.”
The book Social Engineering: The Art of Human Hacking by Chris Hadnagy, the lead developer of Social-Engineer.org, defines social engineering as “the act of manipulating a person to take an action that may or may not be in their best interest.”
“While software companies are learning how to strengthen their programs,” Hadnagy explained, “hackers and malicious social engineers are turning to the weakest part of the infrastructure — the people. The motivation is all about return on investment. No self-respecting hacker is going to spend 100 hours to get the same results from a simple attack that takes one hour, or less.”
“Denial, ignorance, or the overwhelming nature of threats and vulnerabilities are all causes of a lack of focus,” Ken Larson recently blogged. “In this age of IT, the threats and vulnerabilities raised by mobility, social networking, cloud computing, and the sharing of IT resources between enterprises must be added to the traditional threats that we’ve focused on for years.”
As I have previously blogged, traditional approaches focus mainly on external security threats, which nowadays is like fortifying your physical barriers while ignoring the cloud floating over them and the mobile devices walking around them. The more open business environment enabled by cloud and mobile technologies is here to stay, and it requires a modern data security model.
“Proactively define your security strategy,” Verstraete concluded. “Decide what an acceptable risk level is. Choose and implement tools and procedures accordingly, and train, train, train your employees.” I definitely agree that employee training is essential to strengthening your enterprise security, and especially training your employees to understand the principles of social engineering.
This blog post is sponsored by the Enterprise CIO Forum and HP.
The Weakest Link in Enterprise Security
Enterprise Security is on Red Alert
Securing your Digital Fortress
The Good, the Bad, and the Secure
The Cloud is shifting our Center of Gravity
Are Cloud Providers the Bounty Hunters of IT?
The Return of the Dumb Terminal
Sometimes all you Need is a Hammer
Obsessive-Compulsive Data Quality (OCDQ) is a blog offering a vendor-neutral perspective on data quality and its related disciplines.
| Home | Blog | Podcast | Videos | Best of OCDQ | Published Articles | About | Contact |
|
© 2022, Jim Harris. |
Powered by Squarespace |
