Prove it or lose it: Why proof of concepts are a must do for many IT projects

Proof of conceptFew of us would buy a car without first taking it for a test drive. But this is exactly what organizations do when they purchase new technology without completing a Proof of Concept (POC).

In the IT realm, a POC tests how potentially disruptive technology interacts or integrates with an existing environment. These experiments can give an organization the confidence to adopt new and emerging technologies, or fair warning for what challenges must be solved first.

While you don’t need a POC to buy some new laptops, you should test any significant implementation you’re planning. Here’s why. (more…)

How one health care provider learned that compliance does not equal security

Health care compliance and securityWhich causes business leaders to buy into an IT security assessment quicker: ransomware or a data breach?

Both.

Unfortunately, that’s just the situation a regional health care provider network faced a few years ago. Although the IT staff knew a review of the security of the network and file server was overdue, the C-suite remained focused on existing HIPAA compliance guidelines.

That’s when a ransomware attack hit, resulting in a data breach. A user simply clicked on a popup, ransomware was then installed on the machine, and health care records stored on the user’s hard drive were compromised.

After the breach was fixed and the damage assessed, management realized many questions needed answering: Why did this attack happen? What should be IT’s first step in protecting data? What data should be secured? How could the organization balance compliance and security to stop attacks in the future? (more…)

Earth Day review: Here’s how much pollution we prevented in 2015 through asset recovery

Earth Day review of asset recoveryIf you read our blog post highlighting the 5 hallmarks of successful asset recovery, you might remember why asset recovery – the proper disposal or recycling of hardware devices – is so important: It’s a versatile, economical solution that protects your organization and simplifies IT asset management.

One of the biggest advantages to asset recovery is the environmental benefits. Adopting an asset recovery program guarantees devices are responsibly disassembled and recycled, and the precious metals, toxic materials, and extra components aren’t dumped in a landfill. If you throw those same devices in a standard garbage can, they end up feeding the growing global environmental issue of e-waste.

E-waste contains various hazardous metals that can harm the human immune, nervous, and reproductive systems, as well as pollute the air, water, and soil. By handing off end-of-life devices to an asset recovery provider, you are not only protecting the environment but the rest of humanity as well. (more…)

How to pick the best colocation option for your company’s needs

serversOrganizations considering colocation should be wary of big promises not documented in a contract, and costs much lower than other providers. As in most situations, a colocation data center offering that sounds too good to be true probably is.

Colocation has become a competitive landscape, and data center providers are offering superb benefits for seemingly great prices: metered power, attractive space costs, and endless connectivity. But there are specific aspects of these three components that need to be studied and questioned.

Before signing the dotted line, take a closer look at power, space, and connectivity. You should also investigate the best way to make the physical migration to a colocation data center and how to optimize your colocation benefits, especially if you’re expanding to new markets. (more…)

7 reasons why colocation makes sense for your business

colocation data centerData centers are a lot like cafeterias for most organizations — a necessity, but not something they want to manage. Frankly, most organizations are not in the business of making sandwiches or building and managing data centers. Owning and operating an in-house data center is just not aligned with their core business.

Compared with operating an in-house data center, leveraging colocation services from a data center provider offers numerous benefits that have driven steady adoption of these services over the years. Here are seven reasons why you should consider colocation data center services for your organization. (more…)

How many laptops has your company lost this year?

How many laptops has your company lost this year?It’s 11 o’clock. Do you know where your laptops are?

A misplaced laptop is no surprise to IT – many a laptop has been left in a public place or lost in plain sight on shelves or in drawers. And unfortunately, employees moving into a new job with a different company have been known to take their laptop with them. On average, 10 percent of IT hardware assets are in a state of purgatory, leaving no trace but a record in the books.

But is this a cause for panic? What’s the true cost of a few missing laptops to a business, especially one with increasing revenue and growing profit?

The real – and hidden – cost of lost laptops

Fact: Laptops are relatively cheap. Another reality: The content on those laptops is an organization’s lifeblood. If an employee loses a laptop, organizations can be faced with the loss of financial documents and information, HR records, regulatory filings, and valuable intellectual property. In addition, lost content could put an organization at risk of falling out of compliance with HIPAA or the SEC. (more…)

Cyberattackers had a great 2014. Here’s how to stay ahead of them in the second half of 2015.

Symantec Internet Security Threat Report 2014 was a banner year for cyberattackers, but not security. The high-profile data breaches of last year prove that antivirus is not enough, and the numbers of spear-phishing and web-based attacks, malware targeted at virtual machines, and ransomware continues its climb to historic levels.

Symantec highlighted the various methods hackers are using to attempt to steal company data in the 20th edition of its Internet Security Threat Report (ISTR). After a thorough reading of this April report, it’s clear that businesses of all sizes are at risk: (more…)

How to optimize your SMARTnet agreements

Cisco SMARTnetIT managers, take a second and think about your organization’s management of your Cisco SMARTnet agreements. If a hardware unit fails and needs replacing, how soon must that occur? When are your contracts up for renewal? If an emergency arises and you pick up the phone to call Cisco, do you know what service level your contract entitles you to?

While you think, ponder this astonishing fact: Cisco reports that 82 percent of all organizations that call into Cisco’s Technical Assistance Center (TAC) have incorrect information about their SMARTnet contracts and coverage.

Many customers have relayed uncertainty and confusion regarding management of their SMARTnet contracts to SHI. The disconnect between their contracted benefits and their understanding of those entitlements stems from four main issues: multiple SMARTnet contracts supporting a single organization, varied end dates, unaligned service levels, and SMARTnet purchases made through several different vendors.

Here’s another stat all IT professionals should know: 30 percent of all Cisco products are going end of life in the next three years, according to a recent SMARTnet webinar. Now is the time for organizations to start planning ahead and budgeting for the future. (more…)

Assessing security: How one health care provider stepped up its security outlook

healthcare securityWhen the federal government offers incentives to support a change, many organizations sprint to meet the benchmarks that trigger the payoffs. That was the goal when, in 2009, the government offered grant money to spur the adoption of electronic medical records (EMRs). Since 2009, 80 percent of doctors and 60 percent of hospitals have converted to EMRs, and $28 billion has been paid out to health care providers for converting paper files to digital.

A large health care provider in the Midwest was among them. Serving more than 200,000 patients, the organization had thousands of medical records on file that needed to be digitized. The company ramped up the push for electronic records to meet the government incentives, including its requirement to use only electronic records for Medicare and Medicaid patients by the end of 2013.

But as the company, like many providers, rushed to meet these new EMR requirements, it found the cyber security requirements were changing far faster than other technologies.

The organization knew it needed to ramp up security — and quickly — to continue to meet its responsibility to its patients and their privacy, and to continue to meet health care privacy rules and HIPAA requirements, while maintaining the security of the entire system. But with IT resources tied up in the switch to EMRs, how could the organization best upgrade its security? (more…)

Why it’s time to rethink what drives your IT security program

intrusion prevention system (IPS)In the past, IT security was like insurance, viewed as an expense, not a revenue generator. That perception left IT with minimal dollars allocated to securing networks, data, and other assets. But with the increase in threats, ranging from malware to data and identity theft, security has become a priority for all organizations.

Over the past three decades, businesses have developed structured security programs as federal and industry regulations became more prevalent. The Health Insurance Portability and Accountability Act (HIPAA), Sarbanes-Oxley Act (SOX), and Payment Card Industry Data Security Standard (PCI DSS) are some of the well-known guidelines that have advanced compliance-based security.

But regardless of the industry guidelines, both compliance controls and the threat landscape have evolved, introducing a new requirement to address: risk. Security can no longer simply check the box of compliance as it could in the past. Risk is the new basis for every effective IT security program. (more…)