Helpful Tips
Get to the information you want quicker by selecting a category name or a popular tag.

Archive for the ‘Uncategorized’ Category

Much debate has occurred over the priority order of information confidentiality, availability, or integrity.  Which one is more important than the other? It depends. Typical consultative answer right? You cannot blindly say which is more important.  The business situation changes the priorities, albeit minor in altitude.  Not all information is created equal; thus, we cannot blatantly say that it should be treated with the utmost availability, integrity, or confidentiality. Read the rest of this entry »

Outsourcing, co-location, leasing, COO / CFO absorption of the CIO role, cloud computing and so on are the topics littered across the landscape of today’s IT world.  Reading an article recently (http://bit.ly/e80vBP) sparked a long running exposed nerve I have endured painfully throughout my career in this industry, IT.  While it is absolutely true that we should not bind ourselves within the boarders of our thought, nor our physical location.  The truth resounds in a deafening roar, “Do not forget the human element!”  People are still a part of this technological world.  Processes certainly support people and are automated by technology; however, this does not take the place of the communion that occurs between people. Read the rest of this entry »

Technology is not a Plan.  Technology enables a Plan.  A Plan coordinates the people and processes that are then enabled by the technology.  A replication package only “copies” (I realize it does more than copy, but for simplification purposes that’s what we will call it) bits from one location to another one.  How do you decide what to replicate?  How do you decide whether there is corruption?  How do you handle a hardware failure on one or both of the arrays which are involved in the replication during a disaster?  Who declares disaster?  Who makes the decision to purchase an array, if necessary?  How do you communicate between team members if cell phones and land lines are down?  Where do you go to connect if the normal location is inaccessible (blocked off by police, etc.)? Read the rest of this entry »

I have been consulting in the arena of Business Continuity and Disaster Recovery for nearly 20 years.  The vast majority of companies do not have a Business Continuity Plan (BCP) in place.  A great majority of companies do not have a Disaster Recovery Plan (DRP) in place. Few companies that do have one or both of these rarely link them properly.  Many organizations believe they have a BCP or a DRP because they have a piece of paper that states such or they have the false sense of security that someone must have already taken care of this.  And then there are those that believe because they have backup, they have disaster recovery.  Ironically, many IT shops believe this misnomer as well. Read the rest of this entry »

Read the rest of this entry »

If we take examples from history, we can at least see a potential path to what is going to happen moving forward.  Not that history is a perfect predictor of the future, it is simply a context to guide what might happen.  When governance issues were addressed in the issuance of NYSE Rule 446, EEOC, and others, we see that vagueness crept into the repercussions of failing to comply.  It may have been fear of adoption or public relations nightmares that allowed the impeachment of clarity in compliance.  Nonetheless, we have learned that there are ways to address compliance that take many forms. The clear message is that we can no longer look at every regulation individually to achieve compliance.  We must create a program that addresses compliance broadly and adjust as new issuances occur. Read the rest of this entry »

Investors’ confidence in corporate America has been shaken to the core, affecting the culture in which we live at the most basic level— for we are all investors in one way or another. Regulations governing information policy, process, and recovery are continuing to litter the radar screen of business strategy. It may be a leap of faith to see the correlation between regulations, whether civil or criminal; however, it is not as clear when comparing human resources issues and corporate governance issues. However, it will become clear that the correlation lies in the approaches organizations must take to comply with and survive an audit of human resources issues such as Equal Employment Opportunity and corporate governance issues such as Sarbanes- Oxley. Read the rest of this entry »

Simplistically, data and information are related but not the same.  Just for the sake of this discussion, lets define data as bits, bytes, and types of files; whereas, information is the value to the organization in terms of usage (i.e. customer records, financial records, intellectual property, personal identifiable information (pii), executive communication, etc.).  As the need for storage of data and information continues to escalate, organizations must look to classify information.  Many industry experts might even say it is a critical step to survival, if not simply transformation.  Multiple strategic components of an overall IT strategy depend upon Information Classification such as cyber security, data loss prevention, and so on.  Thus, Information does have a lifecycle. Read the rest of this entry »

Solving the incident / problem management quandary has many different perspectives. Education, automation, and knowledge management continue to bubble to the top as elements to resolve the number of incidents; however, the chain to resolution must be analyzed. This chain is not simply looking at what resolved that particular incident and problem. There must be a completion or recognition of the same ground covered so that the fundamental flaw of IT does not appear (http://blog.engagedconsulting.com/?p234).

Read the rest of this entry »

Storage Management is only viable with visibility.  Visibility takes many different forms: business volume, database volume, legal discovery volume, infrastructure volume (server, storage, network, etc.), marketing volume, business intelligence volume, and so forth. You cannot manage that which you do not monitor, and you cannot monitor that which you are unaware of. While DFS and hardware thin provisioning are good tactical solutions, they are only covering the root cause, ineffective or no Enterprise Capacity Planning ( http://blog.engagedconsulting.com/?p=54 ).

Read the rest of this entry »

Close
loading...