Face the music and sing a happy tune when your IT environment is safer

What people don’t realize about security threats to their websites is that it’s not the web servers being attacked (which is not to say that they aren’t vulnerable).  What is being attacked is the actual code of the website.  There are some pretty old tricks like SQL Injection and Cross Site Scripting that allow attackers to do all sorts of creative things.  One of the most common attacks is to dump the contents of a database table that shouldn’t be seen.

For example, you should be able to enter credit card numbers, social insurance numbers, health card numbers, driver’s licenses, and passwords into certain websites, but a visitor to that website shouldn’t be able to ask the web application to show all of the values that have been entered by all users.  Another attack is when an attacker injects code into a popular news website that loads another, malicious website, so that when the news page loads, malware loads as well.  The end user essentially doesn’t have to interact at all to get malware installed on their system (this is known as a drive-by download).

The first thing to do is have your website assessed.  Assessing the situation is a critical step to know where you are vulnerable so that you can take appropriate actions.  Automated tools can be a great way to crawl through all those pages looking for problems.  Once you have an idea where the vulnerabilities are, you need to plug them up.

IT’s grand unified theory of storage

Ask IT professionals what their number one priority is in the next 12 months and in coming years and they’re likely to tell you increased usage of virtualization. No big surprise really since, for some time now, virtualization has been one of the most effective tools for driving efficiencies and effectiveness (and of course, saving money) across IT.

Driving those efficiencies, it turns out, will come in large part through the convergence and consolidation that virtualization brings about, and unified storage (or multiprotocol or federated storage) may be the key to making it all a reality. Why? Because while separate specialist storage platforms have gone a long way toward increasing IT effectiveness, they’ve also taken their toll on resource efficiency – something unified storage can finally put a serious dent in.

Most IT pros know this already, of course. Which is why a recent survey revealed that 70% of organizations are [Read more...]

Ding, dong, the tape is dead: new storage systems handle both backup and archive

It was clear when DVDs hit the market back in the 1990s that they offered a richer movie viewing experience than VHS tapes. But for a time, tapes and VCRs were cheaper so we had to wait for the cost of DVD players to come down – and for the word to spread – before the new technology overtook the old.

It’s been a bit more complicated for IT departments to decide whether or when to switch from tapes to disk for their data backup and archiving strategy. That is partly because, historically, tapes were higher density and cheaper than disk, and because tapes were considered safer against loss, corruption or disaster. But using tapes often also meant dealing with poor recovery times and making dozens of copies of the same document. Disks, for their part, got denser, faster and less expensive. Not to mention that new disks could usually be added through cheap storage arrays or servers, while more tape usually meant a bureaucracy of tape infrastructure – more towers, more robots and more tape drives. Still, in the mid-2000s, with all the advances working in disks’ favor, some believed that tape was undergoing a renaissance, pulling away again due to capacity limitations for disk. The result? A cold war truce of sorts between the two technologies – long-term archiving to tape, shorter-term backups to disk.

Good news, bad news and more good news: How virtualization is streamlining branch offices.

They say, be careful what you wish for. A plant needs sunshine and water to grow but give it too much and the plant burns or withers. The same sort of predicament might be said of data center consolidation.

Over the last few decades, pulling the plug on inefficiently used servers in a variety of data centers and branch offices throughout an organization’s network and replacing them with a large number of x86 servers in a smaller number of data centers drove impressive economies of scale. That was the good news. The bad news was that these massive data centers turned out to be more complex to manage, consumed a lot of energy and depended on sophisticated planning to deal with unexpected loads.

That, of course, resulted in more good news in the form of server virtualization to address these challenges. Virtual servers could be provisioned more quickly than physical ones, they needed less space and power and they could be cloned, moved or clustered without service interruption.

But server virtualization, you guessed it, has led to some challenges of its own, [Read more...]

What you don’t know about your website could hurt you

Verizon’s most recent Business Threat Breach report features some sobering facts.  For instance, 70% of data stolen was stolen from outsiders.  94% of data breached was attributed to malware.  Over half of this malware was injection-type malware such as SQL Injection and Cross Site Scripting.  Websites are being hit by attackers who are targeting vulnerabilities in the code of the website itself.  What’s worse, 90% of websites are vulnerable to these types of attacks!

Attackers are either stealing information directly from the sites of unsuspecting victims, or using those sites as malware distribution points.  For example, a popular news site or social networking site that gets several million home page visits per day could have vulnerabilities in the website code.  Such a vulnerability could allow an attacker to inject whatever they want into the database for that website, so while the page will still load properly, a piece of malware will be loaded to target all of the visitors of the site.  Or maybe that vulnerability allows attackers to [Read more...]