Archive for the 'Security' Category

Page 2 of 3

You Can’t Handle the Truth

The next time your IT staff comes to you with a server or storage purchase order and says, “And the price is $1 million,” put on your Jack Nicholson mask, do your best “A Few Good Men” impersonation,” and growl, “Is that the truth? I don’t think so because, you can’t handle the truth.”

The truth is the cost of that hardware is not $1 million. Oh, sure, it’s the one time purchase price, but just like application software, that’s just the beginning of the cost.

Continue reading ‘You Can’t Handle the Truth’

HIPAA Security Rule Controls: Do You Have Them?

HIPAA security rules and HIPAA compliance requirementsRecent changes to the HIPAA Rules through the HIPAA Omnibus Final Rule, may affect the way healthcare professionals do business. The changes, which became effective March 26, 2013, now apply the Security Rule not only to covered entities but also to business associates of covered entities and subcontractors of business associates. This means that any organization involved with electronic protected health information (EPHI) must have and follow a well-written information security policy with established practices and guidelines that protect this EPHI from falling into the wrong hands. Failure to comply with the HIPAA Rules could result in fines up to $1.5 million for all violations of an identical provision in a calendar year.
Continue reading ‘HIPAA Security Rule Controls: Do You Have Them?’

Are Security Fears Keeping You Out of the Cloud?

Remain safe in the cloud with Layered Tech cloud security and cloud solutionsThe First Annual Big Cloud Event took place in Minneapolis, MN in June.  Layered Tech was a sponsor of this event, and I delivered a presentation on Big Cloud Adoption. This event was billed as the first annual; the second event is already scheduled for March of 2014 in Las Vegas, NV. Although many cloud-related topics were discussed at the event, many discussions focused on cloud adoption, or the lack thereof, for Fortune 1000 companies.
Continue reading ‘Are Security Fears Keeping You Out of the Cloud?’

Should You Care About Application Performance Management?

Every customer running revenue-critical business applications should consider adding application performance monitoring and management.  For this reason, we have taken our experience deploying application performance monitoring tools for our customers and released a standard managed solution.  Our new Application Performance Management (APM) service, powered by AppDynamics, offers a “managed with” model in which we integrate APM with our customers’ managed hosting and cloud service. We handle the deployment, configuration, monitoring and assist clients with utilizing the APM solution.

Continue reading ‘Should You Care About Application Performance Management?’

ETA Eye Openers

At the 2013 Electronic Transactions Association (ETA) Annual Meeting and Expo  in New Orleans recently, I had the opportunity to give a presentation on Hacktivism titled Managing Risk for Online Threats and Hacktivism Actions. Attending these shows allows me to experience a little bit of local culture (the food and the venue were awesome), network with colleagues and learn about what is trending in the cloud space. I’m not surprised that the trending theme this year revolved around mobile technology.
Continue reading ‘ETA Eye Openers’

Tips to Guard Against Hacks and Attacks

I attended the 2013 InnoTech San Antonio Technology Innovation Conference & Expo on April 17th.  InnoTech is the region’s largest business-to-business technology event.

This conference has grown to the point of needing to move to the Henry B. Gonzalez Convention Center.

Along with the tracks offered in Mobility, Women in Tech, Infrastructure, Big Data with Analytics and IT Leadership, I participated in the Cyber Security Symposium.  I moderated a panel of experts on Security – It’s All About Perspective.  The panel had representation from corporate leaders, consultants and higher education.  The panel members were Mark Krisak, Director of Information Security, HEB; Chip Meadows, Sr. Security Analyst, UTSA; Joe Oranday, Vice President, Enterprise Information Security, Frost; Steve Werby, President and Senior Information Security Consultant, Befriend.
Continue reading ‘Tips to Guard Against Hacks and Attacks’

Data Protection – Not Always a Slam Dunk

It’s March Madness time, one of my favorite times of year. Maybe it’s playing college basketball brackets with friends and co-workers that has me thinking of infrastructure strategy in basketball terms. But anyway, it occurs to me that while backup and recovery isn’t sexy, it is critical — and not always a slam dunk.

Continue reading ‘Data Protection – Not Always a Slam Dunk’

Comparing Managed Service Providers – Full Service versus Service Ready

Managed services and compliance as a service: Service SignOne component of selling Layered Tech’s managed services is dealing with the competitive comparison issue, as prospective clients attempt to determine which service provider is the best fit for their IT management needs. The need to compare Layered Tech to our competition is understandable, but the breadth of our available capabilities makes direct comparisons difficult.

Continue reading ‘Comparing Managed Service Providers – Full Service versus Service Ready’

Hospital Data Breaches

Earlier this month, Lisa Vaas published an article on the Naked Security web site on the Ponemon Institute’s Third Annual Benchmark Study on Patient Privacy & Data Security funded by ID Experts.  Ms. Vaas did a good job of summarizing the most significant finding in the report, that of increase of data breaches over the past three years are due mainly to a lack of secure devices and staff negligence (see graph from report below).

Data Breach Graph

Continue reading ‘Hospital Data Breaches’

Security as a Subset of Risk Management

What does Risk Management mean to you?  If you have read my blog you know that I focus on topics like Security or Compliance.  You may have noticed, as well, that my title is Chief Risk Officer and you may have wondered how this fits together.  Compliance cannot exist without the appropriate controls (security) in place.  Moreover, Risk Management can be said to be the art of balancing the value of the cost of a control versus the value of the benefit derived from the control.

Continue reading ‘Security as a Subset of Risk Management’