ManciniPhotos

Last winter, when everything seemed to be coming apart in my life, I was asked to sell saddles for a friend of mine at the Winter Equestrian Festival or, WEF as it is commonly referred to, in Wellington, Florida and the equestrian world. While doing this I started taking pictures. Over time people asked to buy them. In late spring I started a company called ManciniPhotos and started to sell the pictures that I was taking.

It has been 10 months now since I started taking pictures, and about four months since I started selling them. It is now a reality! ManciniPhotos is the direction I am heading. As much as I love Technology, the reality is, that I have to take care of my family. So I am investing my time where I see the opportunity.

The equestrian world is a great industry. I have been in and around it for most of my life. I am now looking forward to being a part of it and WEF. I have been asked to take pictures for Equestrian Sport Productions, the organization that produces WEF. Here is a link to their web-site: http://www.equestriansport.com/

I am going to be at all their events as I have been over the last year. The biggest event is WEF which begins in January and runs through April. WEF is an amazing event and I encourage anyone who happens to be in the south Florida area to attend. The best Hunter and Jumper riders in the world are here for the event. The parties and peripheral events are outstanding.

After WEF is the Spring Circuit, which next year, runs through the end of May. Then the Summer Circuit will go into September. The Fall Circuit,where we are now, goes until mid November and then the Holiday Circuit. A full year of exciting equestrian events!!

I will start writing about the events hosted by ESP. I also encourage your comments and suggestions.

I will be shooting the show this weekend starting tomorrow, so most likely it will be next week before I write again.

Until next time, here are a couple of shots for you.

Jack

Palm Beach International Film Festival... wooohoo!!

As the Great Depression of 2009 rolls on, many of us are forced to re-invent ourselves in order to make ends meet. I have been trying to supplement my income taking pictures and trying to sell them on the internet.

Well, I think I have my first break in this new line of work for me. I am going to be photographing the events of the Palm Beach International Film Festival beginning on April 23rd, and running through April 27th.

It is very exciting for me, because up to now I have not had an assignment. I have been shooting what I want and trying to sell them. This will be my first real step into professional photography. I am also working on several other angles in this new profession and will keep you posted if they come through.

I am excited by this new opportunity and hope that it will give me some more options going forward. I hope you all are making it okay, and that the "FUD", (fear, uncertainty and doubt) has not caused you to crawl under a rock to hide. It is a perfect time to set you goal in a different direction and to see what new paths of opportunities will open up for us.

I am continuing my work with Secure Technology Partners, and will keep of any new development on that front as well.

Don't lose faith.... this will pass.

Mac or Windows, do you have an opinion?

I just read an interesting blog on CNET, "Is Apple More Form than Function?" by Brooke Crothers. The article discusses a very interesting position, based on pure technical.
specifications. So they lined the spec's lined out side by side to ask you, which would you go with a new Vista Laptop loaded to the max, or a new Apple Macbook with moderate spec's?

Also, the article tends to suggest the idea that Apple's popularity by PC purchasers is more for astetics than functionality. Yes, those that carry a Mac look cooler, because they are.... and most likely more educated on the true form and function of a "PC".

Technically it is the OS in the Mac that beats Windows boxes hands down, but it is the total package from, ease of use, to the cost of software, reliability........... and of course the perceived coolness.

When Microsoft released Vista, it shot itself in the foot. The newly re-designed interface is nothing more than a nightmare for previous XP and Windows users. So if you have to learn how to operate your computer from start..... AGAIN, why not look to alternative systems that might provide better service and reliability.

In addition to the tremendous faux pas, with Vista, Microsoft is about to get it's clock cleaned by new Linux OS's for NetBooks, which cannot run Vista due to it's massive hardware requirements and its design for full sized laptop monitors.

See if this does not set Microsoft back on its heels. You have to wonder about an OS that costs almost as much as the machine it runs on.

One last comment on the Apple Revolution, for $99/year you can take one, 1-hour class per week on any Apple product, hardware or software. I have done this to learn the Apple Aperture application, and I am very impressed at the quality of the session.

Watch, I think the next 18 months will be interesting.

I Must Be the Luckiest Person on Earth!

This morning I am the winner of not one but two lotteries and a sweepstakes. I won the Netherlands lottery of 1 million Euros, a Hyundai sweepstakes for 500,000 pounds in England, and I won 2,500,000 GPB's in the Canadian Lotto Promotion.

Not bad for a nights sleep. Is it just me.........no, that is getting all these lotto, sweepstakes, and miscellaneous phishing emails? I cannot believe how much more phishing emails I am receiving now over six months ago.

I wonder how successful these scams are. Are people really responding to them and give all their personal info? Well, I am going to turn a positive to a negative, and say that I must be lucky!

So Far So Good...No Virus Here!

It is almost 10:00 PM, I have just turned on the news and..... not one story about the Conficker Virus! What's up with that? I thought that almost 30 percent of the Window's PC that have internet access are affected and the time was today to do the damage.

Oh well, another diaster narrowly missed. Can I say that? I guess it is like when you were a little child and there was a threat of a snowstorm coming. For a couple of days before the ETA we would all get excited about the chance of a natural diaster. Of course the stores would run out of everything consumable and schools would be off the day before so we could get prepared and then the storm would never arrive.

I hope that that is what happens with Conficker. It is fun to think about the diaster. but not much fun if you are in it.

I guess we will have to wait a few more days to find out.

Conficker's ConSmicter, or whatever.......No it is not PCI

Here we go again another virus to be worried about! The "Conficker"! I was listening to the news today and the newscaster said that I would be okay if I just downloaded the latest Windows Patch. Which one would that be??

I don't know how to download Windows patches onto my Mac. Should I be worried? Oh No!

This sounds like an opportunity to sell more AV software and raid the grocery store to clear the shelves of all the bread and milk..... oh yeah, and beer! There must be a disaster coming...

Well, I guess I'd better start trying to figure out how to get the latest Microsoft Patch onto my Mac...

And of course Good Luck with Conflicker!

Well..... One Outa Three... No PCI, No IDS, No Networking!

Okay, I didn't make it to the Radiators Friday night. What can I say Al. I got caught up at the neighbors house. Sorry!!

Anyway, I did make it to the Jupiter Dog beach yesterday to take pictures of the kite boarders. I am starting to meet the key players and now they are starting to know that the pictures I am taking are for sale. We also went to the kite boarding store. Pretty amazing the following that is starting to build with this fairly new sport. I think it is about 12 years old.

Here is a shot at the beach, and of course you can always go to the Palm Beach Post web-site, and go to the "PHOTOS" on the menu bar and then choose "POST PIX" and search on "mancini" you can see the great beach shots here in Florida.

Today I am working on straightening out the photo library in Aperature, Apples' photo editing tool. It is similar to Adobe's Photoshop. It is pretty boring work. It is supposed to rain today so maybe I can stay focused.

Have a great day!

What's Next..... Ransome, What Did you say Ransomeware?

I just finished reading an article in InfomationWeek, "Scareware Morphs Into Ransomware", by Tim Wilson. It never ceases to amaze me what is going on in the dark shadows of computing. Now we have "ransomeware".

I guess I was sleeping last June or thinking about NAC, when the news broke on the new type of malware which encrypts your hard drive and provides you with a pop up letting you know that you can purchase a key that will unlock your data if you want to get it back.

It is quite a ploy. Thank God for TimeMachine! Hopefully, Macs are not possible targets? It seems that this nasty bug is a variant of Gpcode which, I do not have a clue about other than it has been around for a while and the author is getting smarter about how to prevent removal.

I must give kudos..... no way beyond kudos to Kapersky and FireEye who are offering free removal for the poor souls who's computers might become infected with this. According to the information that I have taken a look at, we are are not likely to see this here in the United States, only Eastern Europe and Russia; however, is this what's coming?

Sometimes, I have to wonder where you have to surf to or what you have to do to get some of these incredibly obtrusive bugs. I guess I am fortunate. I have had friends who's computers were locked up with virus's. I hate to talk about it but the closest I have come is a warning that an email had been infected.

That being said, I still try to use every precaution possible to prevent the newest worm from wrecking havoc in my life. But who can be so careful as to never fall for the latest scam. I just finished my taxes a couple of weeks ago and I received a Phishing email disguised as from IRS. I looked at it, and of course my jaw dropped to the floor. However, it said that I was due money, so of course, you immediately let your guard down. Now how many unsuspecting people might follow it through and provide their personal information?

Well, not meaning to be so down on a Friday afternoon, but it did make me scratch my head and think............what's next?

Gotta go. Off to see the Radiators tonight! and it is Pictures of Kite Boarders... AKA: DOG Beach, in the morning and then horses in the afternoon!

Have a good one!

A Day At the Beach, My Other Job......

It being slow on the cold calling front, I am "forced" to other activities that will augment my income. So today, with camera in hand, I had to head north to the dog beach in Jupiter just north of Palm Beach. There I have been supplementing my income with photographs of kite surfers.

The last few days have been very windy here, so the waves are high and surf is rough. Last Saturday while I was taking pictures, one kite surfer was almost blown to the road. I caught most of it on camera. Lucky for him, he stopped just before the sea grapes.

If you are interested in looking at the other work I have been doing you can check out the Palm Beach Post the local news paper here in West Palm Beach. Many of my pictures have been posted there as well as a few that are featured this week.

Tomorrow it is another day at the horse show and then that is over for the season.

Until next time.

Enjoy every minute!

In the Wake of Our PCI Discussion......... Once Again!

I was forwarded an article recently from a friend regarding a very interesting data breech for Visa, Mastercard, American Express, Solo, Switch, Delta and Maestro/Cirru. In an article in the Australian IT publication, iTNews, Aussie stumbles on 19,000 exposed credit card numbers, the author describes how an innocent search on Google turned up 22,000 credit cards with all the attached necessary pieces of information...... name, address, CVV's, exiration dates..... also listed were the last transactions on the card!

I guess we are making some really fine progress with our PCI regulations. It appears to be working well..... NOT! Maybe it is time we give PCI a closer look to see what is working and what is really not and make some changes before the whole industry comes completely crashing down.

I think the biggest problem that is perpetuated by PCI is the false sense of security. The technology that is implemented in financial/PCI regulated establishments is prioritized by what fits the necessary requirements for PCI, not by what is needed in the business that will help to secure the posture of the organization.

It might be time to rethink where we are going with this, because the system is still not working.

As Earl Pitts says, "Wake Up America"!

Still taking Photos!

Well, I wanted to give a quick update. The show in Florida is winding down. This is the last week of the Winter Equestrian Festival. It has been a fun event, but you can see that the economy has taken a toll on the show. Still it was amazing to see the amount of people who work in the industry that still have work. It is a good thing!

Beezie Madden, who is one of the world top riders from New York (picture above), was one of the shows highlights. Many of the top riders from world have been present week in and week out.

Last Saturday Night was the end of the big money events. It was $400 K up for grabs. The winner took home about $180 K. Not bad for a night's....... (not really) work!

It has been fun to watch and see all these world class riders compete this past year. There have been many, outstanding photo op's, You can see some of the shots that I took this season on the Palm Beach Post Web Site.

Well, a few more days to go.... the last week, I guess you have to make hay when the sun shines!

Off To My Other Job

In light of these tough financial times for me and the rest of the world, I have had to pick up a second job. I have been moon lighting as a photographer, photographing the Winter Equestrian Festival in Wellington, Florida. It is kinda ironic when you see the amount of money that is spent on horses and the equine industry when you are there, and to know that the rest of the world is in financial crisis.

The show started in the first week of January and ends at the end of March. The top riders in the world are here to test their skills at jumping the highest jumps the fastest. It is quite an exciting sport to watch. In addition to the best riders in the world, the rich and famous are here to try their skills as well. Bruce Springsteen's daughter, John Mellencamp's daughter, Madonna, as well as many others have been through here to compete with their steeds. Lou Dobb's daughter, Hillary and Mayor of New York City, Michael Bloomberg's daughter Georgina, are a couple of the top riders for the US equestrian team.

So with one more week to go, I am a bit distracted from IT, trying to make the ends meet. This will be one of the top weekends, with the finals of the $400,000 Fidelity Consulting Classic.

I am off to see the rich and famous, maybe I will get lucky and someone will want to hire me!

Have a great weekend everyone!!

Who is Running the Show?

I have read several articles lately regarding the state of our National cybersecurity posture. In eWeek Magazine this week, there is an article by Matt Hines, "Short Lived Cyber Czars" and in InformationWeek, "Quick Takes" this weeks, "Leadership Needed". Both articles discuss the lack of authority or funding that Cyber Czar in this position has.

It seems that there are several issues responsible for our lack of a leader for this position and a lack of a role the department should take in structuring and enforcing a National Cyber Security policy .

There is a real and ongoing cyberwar against the United States that is unacknowledged and there is not a leader to take on the charge. There is the role of the Cyber Czar, however this position lies deep within the Department of Homeland Security, and has little or no authority. In addition, no one wants the position because the position receives no funding.

Rod Beckstrom, recently resigned the position after only one year, because he said that the department is so far removed from the main stream that there is a lack of influence to get anything done. In addition to lack of authority, there are issues with the NSA and who should really be running the show. To top it all off, the Cyber Czar only received five weeks of funding for his five person team.

I think that we should really move our country's cypersecurity initiative to the front burner where it belongs.Without a Federal CIO in place, no one department has taken the reins to coordinate efforts to safeguard our national security from the ongoing cyberwar. In addition, should this be run by the civilian effort or by the military effort? There are several views there but, the issue still remains that there is no one doing it today. The NSA has become the "de facto" leader on our defense, but is that really where the authority should reside?

It's the Same Old Story

Here we go again... Back in the beginning of March I write about the role of the new FED CIO and some of the things that might be considered while holding this position. By the end of that week the position was filled, and Vivek Kundra held the position. That is, until it was released that his former office was being investigated for fraud and theft.

According to an article in InfomationWeek, "White House CIO On Leave Amid Scandal At D.C. Technology Office", the CSO of D.C. Technology office was signing off on bills to the city for quipment that was not delivered, and for consultants that never worked.

Although the federal officials do not feel that Kundra was involved, he is definetly in a different light then when he was hired. I am sure that there are enough distractions without having to be involved with a federal investigation.

So I guess we will wait and see how this all pans out. Will we have a new CIO or will we have go to plan "b"?

Problem with a Mac....Solved!

Today is Friday and I will try to keep it short. I know, I have a great deal to do today!!! I am sure you do as well.......

You may have read yesterdays Blog, I was having problems with my Mac's hard drive. It seemed as soon as I loaded Apple's Aperture Photo editing software and loaded my pictures into it my hard drive became full. The funny thing was, it was only claiming to use up 9 Gig's of space. I could not figure it out. I had copied an image of the folder to my external drive and it was showing almost 70 Gig's. I figured that the version I had on my laptop was cleaner though and therefore only was 9 gig in size.

Well, in order to keep up with all the massive amounts of storage I am consuming, almost 3 Terabytes now, I purchased a external portable drive, to house only my photo library, to get it off my laptop.

Once I got home yesterday afternoon, I transferred the 9 Gig Aperture library off my laptop to my new 380 Gig external drive. And low and behold, I freed up over 50 Gig on my laptop!!!!!

Okay, how is this explained? On the laptop, I have no space, but the folder shows only 9 Gig, when I look at the folder on the external drive it shows it is 52 Gig's used. I am not sure the reason for this discrepancy. The only reason I can surmise is that because my drive was so full, the amount of data could not accurately be determined.

Oh well, it's working great now!!

Have a Happy Friday and a great weekend!!

Problems with a Mac.. Believe it or Not..... YES

It all started about the end of last year. I purchased a new Apple software program called Aperture. The program is a high end photo editing software package that competes with Photoshop but costs about a third.

If you have read "Secure or Not Secure", over the last few weeks you know I have had problems with disk space on my Mac. I purchased a program that identifies duplicate files called dupeGuru, by Hardcoded Software, which seemed to work well. The problem is I still don't have any more disk space now that I have eliminated, about 30,000 pictures. Surely that would do it!!

Well it hasn't, so I am doing what every conscientious IT Manager would do, I am looking for garbage files I can get rid of. So far, I have moved my photo library off my hard drive, now my iTunes Library, and I am not sure what is next.

I have purchased almost two T's of external storage and still my data goes up! I think there is more going on here then I am aware of.

If someone knows what is eating my disk space...... Please let me know!

Off to Trash some more files................

IPS Debate....... No Question About it!

I just got the new issue of SC Magazine for March 2009. In it there is a debate between Alan Shimel of StillSecure and John Viega of Stonewall Software, "Debate >> Small and medium business should deploy and intrusion prevention system". The debate focuses on the value or ROI for IPS in the SMB market.

I could not disagree more with John's position. Basically he is saying, because people do not know how to manage the environment, it should not be considered for their environment. He does have valid points though, that IPS does and can produce thousands of alerts a day, which can be overwhelming. Also, he states that the MSSP market is a $1.3 billion market.

That being said, I would advocate, YES you should have IPS, but you should not try to manage it unless A) you know what you are doing, and B) you have the time to manage it. These are the two biggest factors facing the success of IPS in the SMB space.

Who has the time? With everyone wearing many hats these days, no one has time to be strategic anymore, either they are recationary or tactical, and with IPS that does not cut it. If you find yourself in this predicament, consider using a good MSSP to provide the service for you. StillSecures ProtectPoint Services are not only cost effective, they have the experts running the service for you. So the thousands of alerts that you are looking at can be properly handled by the Experts. Alerts that need to ne acted on can be while those that are false can be managed.

Check out the ProtectPoint solution by StillSecure, if it looks like it might work, dr0p me a line, I can get you to scoop really fast!!! We have a connection for you!

Till next time...............

Where do we go from here.....Up!

There is quite a bit of uncertainty in the world today and I think that fear has definitely got a stronghold on society. With my new venture Secure Technology Partners, I knew it would be challenging in this difficult economy, but I still feel very strongly that the savings that I can provide an organization, far out weights the expense for the new technology.

With that being my number one sales tactic, or shall I say motivator, to get people to speak with me, I am very surprised right now at the number of people who would rather sit still, than make any changes. Now is the time to be looking to new technologies that will provide not only a better level of service, but also a cost savings over the way that you are currently doing business.

I heard a story today of an old friend of mine up in the northeast. He sells a new type of furnace/heating system that auto repair shops would use. The concept is pretty simple, use the old motor oil from the oil changes to heat the building. It does sound a little bit environmentally unsound, however they have figured out how to make it be environmentally friendly. The saving with this system is very significant. In one auto dealer alone, the savings would be over $25,000 per month. It would seem that it would be an easy sell..... Not exactly.

Nobody, will move forward. We are like a herd of deer in the headlights waiting to get run over. This is not the same set of principles that this country was founded on, and certainly not the same set that made this country strong. I must say that it is time to get out of the funk and start living again. We, as individuals, cannot control what happens to the economy, but collectively, if we started to think positively that we can get out of this mess, we will.

We need spirit, and drive and passion, NOW! Let's look at what we are doing and if you answer NO to the question, "Am I doing the best that I can do", then it is time to make a change. Find something we do well in each project or assignment we are tasked to do and start there.

We are unstoppable with the right attitude. Let's get there and show the world how it's done!

Have a great Day!

Microsoft Windows on Shaky Ground?

I just finished reading an article in Wired Magazine: "Netbooks Offer a Chance to Challenge Windows' Long Reign', by Priya Ganapati. The article speaks about the new wave of computer devices called "Netbooks" and how that the race to provide an operating system that will work on them may cause a crack in the Microsoft Windows OS armor.

This new breed of notebook has been downsized from it's bigger brothers, and generally sport smaller displays, hard drives and memory. Because of this, Window's operating system (XP & Vista), does not work well, or does not work all together. Windows was designed to run on full featured devices and it cannot scale down to meet the netbook's reduced spec's.

Windows does not appear correctly because of the smaller displays. The Windows' icons designed for larger displays do not fit well and to manipulate the icons with the smaller keyboards becomes tricky. The limitation of RAM and disk size is also a factor when trying to run Windows.

As a result of this new "Netbook" market, software developers are racing to deliver what could be the predecessor to Windows as we know it. JoliCloud and MSI are the leaders in this race to see who can be the dominate the Netbook OS. Who ever wins could be setting the direction until the next evolutionary change takes place. If either one of these vendors were to become dominate were their new operating OS, is preloaded on netbooks, they could have a substantial windfall.

I also read in another article in Macworld Magazine that Apple has insinuated that the iPhone was the first in the future of Web devices for them. Possibly a larger I phone that could serve as an internet device with a larger keyboard?

Well of course Microsoft has not been quite on the subject. They are spreading their FUD (Fear Uncertainty and Doubt)! Microsoft is stating that Windows 7, the next release of Windows, would be optimized to work on the scaled down systems.

Whoever wins this race could be setting the direction of computing in the future. The rewards will be huge if they can pull it off.

Customer Service - A Positive Experience

I know that everyone has had their own experience with customer service, but I wanted to let you know about something that happened to me recently. I have always been into photography, but I never did much with the pictures that I took. Occasionally I would print one or email one to somebody, but that all changed back in December.

I decided it was time to start doing something with my pictures, so I bit the bullet and purchased Apple Aperture to work with the photos a little. After loading the application and then importing all my photo's I realized that many were duplicated. Not just many but THOUSANDS!! I have no idea how this happened but sure enough, I was out of disk space!! I purchased an external drive and copied my library to the new drive. That freed up the drive on my laptop. But then how do I get all the dups deleted on the external drive?

Well, I Goggled and found a program called dupeGuru - Picture Edition from Hardcoded Software. It was relatively inexpensive and there was no physical way, probably in my lifetime, that I would be able to go through 56,000 photo's looking for dups. So I purchased this app and now I was on my way... Right? Well not exactly, because of the volume of photos, I was pushing the limit on what could be scanned. I started the scan and three days later it through up its arms and Quit!

I contacted support via email, and within a matter of minutes, I received an email from Virgil Dupree. He provided me some instruction on possible causes to make the program stop. So I tried it again and four days later it quit again, once again contacting Virgil and asking for help. Again immediatly I receved a response to my inquiry with a couple of other things to try. I started the scan again and about two days into it, my machine was accidentally turned off...... Operator Error!! So trying what I thought would be my last time. I started the program and off it went. Three days later it died in the scan! Wow, what could I do to get these files removed? Email back to Virgil.

Virgil, immediatly responded back that he had written a new version that would speed up the scan. I tried and again it failed. To be honest, at this point I was ready to give up with the software, but because Virgil was so responsive, and helpful I continued to try again. Well this time, after only two days it quit. Again I email Virgil, and I could tell that he was out of suggestions.

He told me to try again and send the logs, which I did. About a day later he sent me another version to try. Two days later it quit. I think at this point Virgil was ready to give up, as I would have, if he did not have a suggestion. But low and behold after only 24 hours, my photo library is down to 23,ooo photo's without dups!! Yeah!!

Long winded way to say, there are still people out there, who are willing to and want to help. I have had some very bad experiences over the last few months: AT&T, Direct TV, Delta Airlines to name a few. They will do what ever they can to avoid taking your call. Have you tried to navigate some of the Voice Response Systems? I think most are designed to get you to hang up before you get someone on the phone. But I must say that Virgil's demeanor and desire to fix the problem gave me the confidence to keep trying.

Thanks Virgil, I appreciate all your help!! Keep up the Great work. And for all the rest of you, if you need an application to scan for duplicate files, check out dupeGuru!!

When is Apple Going to Get Serious

I don't understand why Apple has not gone after the business/enterprise market in light of all the changes in the industry over the last 12 months. I think that this a perfect time for Apple to spread its wings and get with the program.

I have seen Apple come from a startup to the producer of fine computing machines over the last 30 years. The OS took a side step a few years back and is based on Unix. The Laptops Apple is producing are getting smaller and more powerful. The iMac, whose concept, surely was copied from the Gateway Profile (don't know why it didn't work for them), has taken off. Applications are, for the most part, no longer an issue of compatibility. The iPhone has had overwhelming success in both the business and personal sectors. So why not go after the corporate market?

I have heard different reasons as to why, but I am not sure I understand. I have heard of the expense it would take to put a support group in place. I have heard that consistance of components can be a problem, and I can think of a few more, but is that really what is holding Apple back.

It seems that the corporate world is just begging to be tapped, in all industries. Not just the Ad and Media companies are allowing Mac's in the door these days. In just about every organization I have been to over the last year, I have seen Macs. So what's up?

Maybe it is time to take a hard look at this market. In times such as these that most economies are shrinking, Apple could lead the charge to reverse the flow. Think what it might do for the shareholders!

I for one, would love to take a stab at selling Apple products into the Corporate world. I must admit that I am still trying to use all the features on my MacBook, but it has not swayed me back into the world of the evil empire. And with Microsoft missing a beat with Vista, what better timing could there be.

Come on Apple Give it a try, I think that you will like what you will find out there.

Agemain’s Laws of Prudent Thinking - (ALOPTs)

I read this list in response to a post that someone had submitted regarding the role of the "to be hired" Fed CTO. While I don't agree with everything on the list, I do believe that as a Technology Consumer, you should take into consideration what Agemain said; however, I feel that when this was written, the IT industry as we know it today was not around. The evolution that has taken place over the last 30 years, has dramatically changed the industry in a very positive way.

The idea that you can start a technology company in a garage and become an idustry leader is a relatively new phenomina (although I am sure Henry Ford would disagree). Startups are popping up everyday with a new piece of technology to add to the mix. If you close your eyes for a minute you will miss the addition of thousands of new products. The evolution has also taught us that the components have got to work together.

Back when this was written, vendors provided solutions that had closed architechture. If you were going to make something that would enhance the production of an existing system, you had better have a relationship with the system vendor.

So while I do agree with much of what was written, I must say that the point that strikes home the most is #7. I think this is the most important point on the whole list, and one that IT consumers should heed. A good vendor is one that puts your goals an objectives first. Your success is a direct reflection of their success. A good vendor knows that if you are successful with your project they will be successful in their job.

Read and enjoy, I am sure you will have a comment!!

Agemain’s Laws of Prudent Thinking (ALOPTs) *1
1) The surest way to make the new system cost more than the old is to pioneer the wrong thing.
2) The surest way to blow a computer budget or lose in poker is to throw good money after bad.
3) He who leans too far into the future will fall flat on his face.
4) It is not against the law for a peddler to puff his product. Beware of salesmen giving technical advice.
5) Beware of consultants trained in only one brand name. They will recommend the product that they know how to install and support. When a person only knows how to use a hammer, their solution to any problem looks like a nail.
6) A big advertising budget has no bearing on product quality. It just makes it more expensive. An advertisement does not have to tell the truth, the whole truth, and nothing but the truth. Reference law 4 above.
7) A Corporation has no soul. It depends upon the common ethical values its employees bring with them to the workplace. Choose vendors you can trust and stay with them. Judge vendors by their deeds, not their words. Treat ethical vendors as an asset and they will serve you well. Exploit them and they will go away. Unethical vendors will exploit you and betray your trust when it suits their best interests.
8) When faced with major technological change, speak softly and carry a big staff.
9) A successful project requires three things: A vision, a sponsor, and a champion. The vision gives us a target. Once we know where we want to be, we can plan how to get there and know when we have arrived. The sponsor pays the bills. The champion cheers us on, keeps us on course, and advocates our cause. If you think that technical competence and money are all that is required, see rule number 1.
10) What is worth doing well is usually worth doing poorly at first. A 90 percent solution that we can manage now is better than a 100 percent solution that never gets started.
11) Pace yourself. Do not try to do everything at once. He who tries to swallow an elephant will choke on its tail.
12) Do not use more people on a single task than necessary and do not mandate impossible deadlines. Putting ten technicians in a phone booth does not fix a telephone in one-tenth the time it takes one technician to do the job.

1 Agemain was the keynote speaker of the third annual automation conference of the American Bankers Association. This was the time when the banking industry was making serious investments in mainframe computer technology for back office automation, especially check processing. At that time, Agemain was the CEO of the Chase Manhattan Bank. I was covering the show for 3M Company. His remarks are at least 40 years old. Although technology changes like a whirlwind, people don’t change much. His advice is as applicable today as it was back then.

P2P Software Releases Blueprints of Marine One

I just finished reading an article in InformationWeek, by Tim Wilson, regarding the leaking of Blueprints on Marine One, President Obama's helicopter, " P2P Leak Exposes Sensitive Data On Marine One". It amazes me to see the continued lack of visibility by System Administrators and Security Administrators into the endpoints on their networks.

It seems to me that if someone had been paying attention to what was on their machines, this problem could have been easily been eliminated. BigFix, a Security Configuration tool, among other things, could have instantly detected the P2P application on the endpoint as soon as it was launched. In addition to identifying the offending machine, BigFix, would then remove it, if it was instructed to do so. SIMPLE!!

Another tool that could have been used, is just about any decent NAC solution. In it's pre-connect interrogation, a "Total NAC" solution, would have identified the P2P software and prevented the offending machine from having access to the network.

I am not sure what the total price tag would have been for the offending company to implement either one of these solutions. However, I can bet you, that once the name of the offending company is released, they would most likely pay Ten Times the amount, to have prevented this breech. In addition, I can say with almost 100% certainty, the salesperson from BigFix was there to pitch the BigFix solution, and most likely, explained how this type of breech could be prevented.

I know that it is difficult to listent to all vendors claimes of their solution, however sometimes, it pays to do your homework.

The Role of the Fed CTO

In a recent article in InformationWeek, "Down to Business: What Obama's CTO Should (And Shouldn't) Focus On" Bob Preston discusses the role of the "to be appointed" Federal CTO. His first question is do we need one? My response is yes. I have worked with several branches of the DOD and civilian agencies in the past. Each one is operated based on it's own culture. The general practices of one agency are not necessarily the practices of another. Initially this may seem like a very logical and good system, because all agencies and departments are not the same. However, I think that there is a lot of redundancy in this system and that because of this, there is also a lot of waste.

As a country we should put running the government as efficiently as possible as one of the top priorities of the new administration and the American public. So why create a new position at the top? This certainly would cost more right? Well I say not exactly. If someone can unify all these systems and look forward enough to get all the systems to work together..... in the future, it would create efficiency. Infrastructures could be shared, and of course streamlined because now agencies would be using the systems together.

Certainly there would be areas where the benefits of sharing could not be applied, as in specific applications to run the business, but much of what is out there at the foundation of the agency networks could be used cooperatively. What is used by the Department of Treasury is not what is being used by the Department of Interior or The Internal Revenue Service. All use their own systems, infrastructure, and of course applications. Why could not forcing these different agencies to work more cooperatively create efficiency? I strongly believe it can!!

I have read several articles and interviews with industry visionaries regarding their view of the role of the Federal CTO and the one common thread is to eliminate the redundancy and "Stove Piped" infrastructures that exist. Let the information that needs to flow between the agencies be shared. Do not recreate information because one agency is using one application verses another. What a waste of time and space!!

There are many different opinions on how the Fed CTO position should be modeled. In the InformationWeek article by: Chris Murphy, "Federal CTO Agenda: The Industries Advice to Obama", the opinions of many of the largest players in the IT industry are expressed. Some I agree with and some I do not, but if we can do one thing that they, and I agree on, let it be to bring down the walls in IT that exists between the federal departments and agencies. If we address this one issue now and always going forward, we will make the biggest difference in preventing waste.

Secure Technology Partners Update

Well since my first blog post I have been extremely busy getting Secure Technology Partners up and going. It is quite an undertaking!

I finally have a presence on the web: www.securetechfl.com. This will change to securetechUS.com shortly but we have not made the switch yet. I have the agreements in place for StillSecure and hopefully have BigFix done by the end of next week.

I am pulling the pieces together for the web-site and now have a new VP of Marketing!! Welcome, Jessica Cox! Jess has many years of experience in the marketing and advertising industries. She will be helping to design the web-site and getting the word out about Secure Technology Partners. Jess is also involved with the Conscience Youth Media Crew, (CYMC) a San Francisco based non-profit that helps children develop marketable skills for the film industry. It is quite an amazing job they are doing, taking at risk children and teaching them skills that they can then use to get jobs! What a concept!

Alan Shimel, author of StillSecureafteralltheeseyears, gave me a nice "Shout Out" in his blog on Wednesday. Thank you Alan! I need all the help I can get so if you have any suggestions or advice, please pass it on.

I hope that we will have more report on next week.

Adios!!

NAC - What to do with it?

I saw a post on my FaceBook last night by Jennifer Jabbusch who writes Security Uncorked. Jennifer is one of the leading industry experts on Network Access Control (NAC). She was making a call out for people to participate in the survery for Information Week's Mike Fratto: "Is NAC Hot, Or Not". While going through the survery questions, it brough many thoughts to mind regarding the success or lack of success NAC has seen in IT adoption rates.

While at StillSecure, I was pretty emmersed in it. I got to understand NAC pretty well, but most importantly, the true benefits it brings to the business world. Most people view NAC as the "BIG STICK" that will protect their network from unwanted guests and provide the "BUTTON" to cast people off their network who do not comply with the current security policy.

While NAC can be all those things and more, that is not where the true benefit lies. First, and formost, your NAC solution should provide you with a tool to test your end points and evaluate how "Out of Compliance", your end points are. This is probably the most important aspect of a "True" NAC solution, to provide visibility into the end point. Most organizations, have implemented an "Acceptable Use Policy"; however, most have not defined an acceptable user application profile or do not enforce it because they have no means of doing so.

Visibility into the end point is the most important feature of NAC, and the second most valuable feature is the ability to act on the end point should it be in a critical state that might compromise your network.

If you think about it, what was the last cool application that took off like wild fire? Did you know who was using it? What is the most proliferate application not considered or part of the "approved list"? Can you answer those questions? What if a vulnerability came out for iTunes? Would you know who was using iTunes, and had the latest patch to address the vulnerability? For those that were not patched could you act on them to isolate them from your network?

This is an example of the visibility and control you should have over your end points. Not from that standpoint that you are now the traffic cop and will be able to knock whoever you wish off your network whenever you feel like flexing your muscle, but by giving you the status of your network, you can then provide the education to the users where you see shortcomings and work on getting your environment into compliance. You can better understand your security practce and fill in the gaps for your shortcomings. NAC will allow you to know how effective your antivirus updates are in reaching your endpoints, how many people have not patched with the last MS updates, and of course many other ways to profile your IT infrastructure.

This is where the value lies. Of course after you get everyone into posture, you can then take action if necessary, but only after you truly understand what is going on in your environment.

If you are interested in knowing more about your endpoints, StillSecure has a free version of Safe Access that will test up to 250 users called "Safe Access Lite". It goes in simply and will give you a very quick idea of what your end points really look like. BigFix is another solution that will do this for you, but you will have to contact them for a trial.

I could go on and on regarding NAC, however I think the starting point is to understand what value it has to your environment.

Stay tuned!

Subscription vs Perpetual

I just read a brief article in Network World "BigFix hits rivals with 50% price chop". The article tries to take a negative spin on a marketing tactic that BigFix has taken. The author, John Dunn, looks at it from the perspective of BigFix casting the first stone in a potential price war with its competitors in the Patch Management arena.

Well, first off, I must say, BigFix works! I know this first hand. It is by far the best patch management solution available. So the opportunity to move to the BigFix offering is worth looking at. However, I think what John missed in his article is the fine print. BigFix provides it's software on a subscription basis. It makes perfect sense, when you see how the solution is managed and updated. Basically, in a nut shell, without BigFix, the software has no value. The content and updates that your unique environment requires, are fed to you by BigFix. So they are constantly updating and sending out the updates to its customers.

Because of this model, BigFix finds that a "subscription" is the most cost effective method for licensing its software. This is where you pay a yearly or multi-yearly subscription price to use the software. When the subscription expires the license goes away or is renewed. In contrast, most software is "purchased" through a "perpetual" license. In this scenario the software is purchased one time and maintenance is then paid to the vendor for the support and upgrades/updates. For many solutions this makes sense. The license is owned by the customer and can be used theoretically forever (Microsoft Office uses this model). However, for the Patch area it makes no sense because the content has to be continually updated by the vendor.

So you have to look deeper into John's article to see what is really going on at BigFix. BigFix, has a great patch product, no doubt. It also provides many other security solutions on that same platform that do everything from security configuration management to data leak prevention. The installation of the additional functionality is a simple process. The 50% discount doesn't equate though to the perpetual model, because the price is always cheaper in the short run, say one to three years, because the cost is spread out over the life of the contract.

So why not get people, who are having problems with their current patch solutions, to look at them. If you can get a demo with BigFix on patch, you will quickly see the many other benefits that the platform will bring to your environment.

The 50% discount is to get your attention, but it really is not an apples to apples comparison. Do let that stop you from looking, as they say at BigFix, "It Just Works"!

Another Delta Story - Have you been Delta'd?

Well, once again I have been DELTA'd. A new verb that can be used when you are completely taken advantage of.

I have been planning, since the beginning of the year, to take a trip with a buddy of mine. We are both on pretty tight budgets, he being married has to have several purposes for the trip before the CEO of the Farquah family, Mrs. Farquah will approve the expense. Bill was going to fly from Birmingham, Alabama and connect in Atlanta and I was coming from West Palm. We were on our way to his brother's in Santa Cruz to play golf for the weekend. So it was a pretty big deal for both of us.

I had a 6:00 AM fight out of West Palm. As a good traveler should, I was there in plenty of time to check my clubs. I boarded the plan and away we departed........... But wait, for some reason, never shared with the passengers we had to stay put for 45 minutes on the runway. The weather was clear in West Palm, so certainly the weather must have been bad in Atlanta.

We finally took off, and knowing the Atlanta airport I knew it would be tight changing planes. As soon as I had landed, I called my friend who happened to be standing at my gate, I told him the situation and that he should go to our connection gate and let them know that we had just landed and that I would be running to the gate as soon as I got off. Oh and wait, the weather is perfect in Atlanta!

So I did just that. I ran, sprinted, from Terminal B to Terminal A, gate B13 to gate A9. When I got there the plane was still at the gate. Well yes of course it was there, we still had 5 minutes until the plane was supposed to leave, so why wouldn't it still be there.

There were no gate agents to be found. I walked past where they take your ticket, to the door that leads to the gang way. I knocked as loud as I could to get the attention of the people I could hear on the other side. I called Bill who was already on the plane. He said that the door was still open on the plane, I could hear him asking the flight attendant's to open the door to the gang way, that I was right outside.

After 5 minutes of banging and no one answering, I told my friend Bill I was going to see what I could do for an alternative flight. I went to the first gate agent I could find. I had heard previously that any gate agent can help you. The gate agent told me to go to the service desk. So much for that piece of advice. God forbid that you might find someone who would be willing to help you. After arriving at the service desk I was told to pick up a phone and call the customer service desk. Really good system, I guess they figure if you have to talk on the phone you can’t get physically violent with them!!

I called the service desk and was told that the only alternative flight was to connect in Dallas, Texas and then again in Salt Lake City, Utah and then go standby from Salt Lake to San Jose!! Well, you should be able to understand my overwhelming disappointment with this, “Plan B”. We had just made a simple flight from West Palm Beach, Florida to Atlanta, Georgia and I missed my connection. Now as an alternative, they were asking me to make two more connections and then fly standby. (I think you know my reaction!) The alternative to this was to fly back to West Palm Beach, where I would be charged for the round trip to Atlanta. And of course the earliest flight was at 1:30 PM. Even though there were two flights back to West Palm before that, she told me that this was the first one with a seat!

At that point I thought the safest pick would be to go back home. I did not want to be stuck in Dallas or Salt Lake City. The agent told me that the first plane that I could get on was at 1:30 PM that afternoon, mind you, it is know 8:30 AM in Atlanta. So what was I going to do for the morning? I decided that I would get some more exercise and walk to my new assigned gate of E8. As I walked over to the new terminal. I noticed that there were several earlier flights. Again I went to the service desk and called the customer service people. She said no problem that there were several seats available. Coincidentally, she was the same agent I had spoke to before. Why didn’t she ask me if I wanted to go home sooner? Why did she tell me that the 1:35 PM was the only flight that I could get a seat on? Anyway, she got me a ticket and to the gate I went.

When I got back to West Palm, I went to the baggage claim area. Of course my bags were not there. I then went to the baggage office for Delta. I told the agent the situation and he handed me a folder and told me to call the number on the front cover after 6:00 PM to find out where my bags were sent. He said that they could tell me when my bags could either be delivered or picked up. I explained that I would prefer to have them delivered.

I called as directed and was told that they did not know for sure; however, every indication was that my bags went onto San Jose. About 10:00 PM Thursday night I received a call from the Baggage Agent is San Jose, she left a message on my phone asking me what I wanted to do? Now you would think that someone would have notated something in the system, like I went back to West Palm Beach!

I called back Friday morning and was told that they thought the bags were in route back, but they could not tell me for sure what time, because of the connections that the bags would have to take. I called back again that evening and asked what time the bags were to be delivered and was told that they would not be delivered because I had not created a file! I did not know that I needed to create a file. I went to the baggage counter as instructed and told the agent the situation, so why didn’t he make a file? Why could not a file be created then? I sure don’t know, but it was definitely my fault according to them! Friday night I went to bed, still know knowing about the fate of my bags.

Saturday morning I woke up and called Delta first thing. I was told that my bags were now back in West Palm, but I had to pick them up! They were not going to be delivered regardless of what I said. Again, I was wrong for not creating a file I did not know about.

So at 7:30 AM Saturday morning off I went to the airport. My friend went with me and suggested that she go in the baggage office while I waited at the car. After sitting there a few minutes a Palm Beach County Deputy, told me to “make a loop!” I tried to explain that my girlfriend was coming out with the bags and he said he did not care: “MAKE A LOOP!”. I went to get back in the drivers seat when I realized that I had given my friend my drivers license. I told the deputy that I had given my license to her and I could not drive without it. Well, that was the wrong thing to say! He wrote me a $30.00 ticket for refusing to move!

What an adventure. I sure hope that this is an indication of what flying has become or the direction it is going. I have done quite a bit of flying over the last year. Several times I have been delayed quite a bit. Once I was stranded in Atlanta over night after missing a connection, but have never been treated this poorly by any airline. I am a Delta Medallion Flyer and it did not matter one bit. I think this experience will definitely cause me to rethink, my airline loyalty!!

The PC Lives……. YES it does!!

I just finished reading an article by Jason Brooks in this week's E-Week Magazine, “The PC Lives”. In the article Jason discusses the present state of the PC, both desktop and laptop. Jason has been on a quest to look at and evaluate Windows alternatives for a desktop operating system. So far he has not found a good alternative; however he has some observations regarding the PC and its future.

Over the past 16 months there has been a big push toward the cloud. Applications for the end user and consumer on the Web are popping up left and right. Google has it’s set of apps that have in many cases replaced the office suites that required you to take out that second mortgage to purchase. We thought it was predatory lending that put the economic situation in this shape, I have a theory, Mr Gates!.

Many people have purchased systems over the last few years to just have access to the web and email. So naturally hardware manufacturers have jumped on the band wagon to respond to this expanding market segment. Components on the systems have optimized to make the laptops and more appealing to travelers who are only using web applications.

But what is really going on here? Hard core business applications are not needed on personal systems anymore. Many people initially went out and purchased their first machine with the idea that they could now take work home. They wanted to have the same applications on those systems to make editing and format compatible. Now that many business applications are hosted, there is not a need for the high power machines as in the past. Unless you are a gamer, or doing a specific high power consuming process you don’t need the juice that was required of the past.

Web applications do not require you to have the horsepower. If you have a lot of bandwidth and RAM, and of course a mal-ware clean machine, chances are your are working just fine.

Does the PC live? Of course! But not in the same form it was 12 months ago and certainly not the way it was 36 months ago. Evolution is happening. Ten years ago while I was with Gateway Computer, we could see the future, a PC in every home. Now they are shooting for one in every pocket.

The natural evolution (can you say that about computers?) of computers is taking place. There might be a few applications out there that require high end specifications, and there could always be a new one to show up, but for the rest of the world,what’s happening is working quite well thank you!!

Happy Trails!

Jack

Off to California

Just wanted to say hey, I am off to see some crazy friends. Three days in Santa Cruz! I hope I can turn the throttle back.

Adios!

Jack

Identity and Access Management - Where Is It?

Several years ago while I was working as an Account Manager at CA, there was an incredible interest stirring in Identity and Access Management (IAM) systems to satisfy regulatory compliance, streamline the provisioning and de-provisioning of software, simplify the end-users password experience and, to allow the end user to automate the whole password reset process if the user was locked out of a private network.

It was amazing to me how complex all of these systems are as stand alone solutions, however the greatest value and return on investment comes when all the systems were working together in unison. Can you imagine the amount planning and system modifications that have to be made to reach that level of integration? Usually there would be an immediate need for one piece of the system over another, say password reset over password synchronization, but generally there was the goal of one day implementing the whole solution.

It is obvious to me the benefits of IAM systems, and I thought surely this would be the next frontier of opportunity in the security sector. However, what has surprised me, is how the technology has not advanced much to ease the complexities of implementation to where the benefits far outweigh the cost of implementation making adoption an easy decision.

It still amazes me when I hear about friends going back to work and companies, that they had previously left, and all their ID's and application access was still there! (just like they never left). Pretty scary!

The other big area with IAM systems that really has never been addressed in a good way, is password synchronization. How many systems do we have to remember passwords for on a daily basis. As end users, are we using the same password for each system we try to access, so if one were to be stolen, the thief might have access to all systems that user had access to? This is a great security vulnerability. And what about our home systems? Think of all the applications and web access portals we use every day, and do not have any secure way to safeguard those passwords and to randomly, periodically mix them up so that if you were ever to get your ID stolen you could quickly go to one place and turn them all off.

I still think there is a great deal of improvement needed with the technology before you will see a overwhelming adoption of Identity and Access Management Systems. I do not think one vendor has taken a clear lead and has put this technology on the map to make it a must have solution set. The market is wide open and if you consider what could be done on the consumer level the opportunities abound. Take it one step further, and look at what tight integration with Network Access Control (NAC) systems could do for you.

The possibilities are endless. There are companies like StillSecure that have the vision, and are trying to get there as quickly as possible. One day it will be here, and the supplier of the technology, will be able to write their own ticket!

Have a great one!!!

Jack

Prox Cards for Personal Use

I was looking through the security web sites that I read this morning and saw an interesting article in Information Week from February 8, 2009. In the article "Startup May Just Digitize you Wallet", George Hulm discusses using newly developed technology by Proxense a Bend Or. company.

I have thought about this type of technology for years, and from the gist of the article it seems that others have as well. I for one, am so tired of carrying a wallet full of store reward cards to get the best price on a product at one of my favorite retailers. I do not know who came up with this system but, I can think of a few things I would like to do to the inventor of this idea!

I think they are responsible for all the back problems I now suffer from carrying them around in my back pocket and causing me to sit leaning to my left side. And when I travel, I try to cull out the ones I don't use to lighten my load, and inevitable I need one I don't have. Not a very good system.

The questions that come to my mind though, are how will the information be secured? Can the data be intercepted? What about the data store, how will it be secured? Is the system maintained by you or a third party or the retailer? If we could control what gets added and removed by updating a form on a secure web-page I think I might really look forward to this type of technology.

In addition to the obvious benefits, George speaks about the countless other applications as well as using it to store vital health information. Now we are getting somewhere.

The idea of this technology and innovation gets me excited because it places that technology in the hands of everyone. There are countless technological advancements created everyday; however, most people never realize it because it is behind the scenes. That is what was so much fun about working in IT in the '80's. Every day you would see a new product that would change the way you do things: mice, printers, graphical interfaces, mass storage devices, the internet.........

I know that this is a very rough time for everyone. But maybe it is what our country needed to stimulate innovative thinking and motivate people to implement those great ideas that they have been holding in for so long.

Oh, and remember what Oscar Wilde said,"Only dull people are brilliant at breakfast".


Jack

Managed Services The New Frontier........ WHAT?

I woke up this morning thinking about the business model that I am going to shape Secure Technology Partners, Inc. into. The thing that kept sticking in my mind was what Steve Harris, former CEO of Protect Point, which was recently purchased by StillSecure, said to me last week. “It is time for a paradigm shift” on how businesses purchase and implement IT solutions. He said, and I strongly agree, "it is the natural evolution of application delivery".

Of course Steve's company has been offering Managed Security Services for sometime so he has, I am sure, heard many of the objections to this delivery model. However, I think it is now time to really pay attention to this and to consider this type of model for many of your IT Systems.

I think the immediate driver to this type of model is economics (what better timing could you ask for!). If you look at the sheer cost of maintaining a typical IDS/IPS environment, you could most likely justify this this type of application delivery. You have the people that are responsible for the system, the maintenance on the system both hardware and software. You have the soft costs associated with failures and system glitches, and of course the mother load of all costs, a system is compromised.

I have been in many enterprise environments, where there were resources available to do the work in-house, and I have seen, without much trouble, many holes that could be breached in those systems. Primarily, this is due to the fact that the people running those systems are not the experts and that they are often taken off those systems to address higher priority tasks . I don't mean that in an offensive way, however how can they be the expert with all the hats that one has to wear today?

Many administrators have been trained on the systems they are charged to manage. Some have even been pioneers in the adoption of the technology and have worked with it since its inception. However, the disconnect comes from the fact that no system is static. It is forever changing and each change effects other systems and so on down the line. Vendors are constantly changing their applications and upgrading and patching on a daily basis. It is not until a system breaks that you might realize there was a change made.

There is no way humanly possible that, regardless of training, or amount of time spent on the system that administrators can be the expert over and above the vendor providing the solution. The gap comes from your system to theirs. But what if, where ever possible, you were to outsource those critical systems and offload the operational cost to a provider that would be your expert?

Immediately, you should see better service levels, the cost for the system operation should go down, and you now have experts that are trained and have access to resources so that if there is a failure, it is not going to be on your end, taking your resources to figure out their problem.

But is this enough to make the switch? Just consider this. Bob Evans, senior VP and director of InformationWeek's Global CIO unit, wrote "An Open Letter To Oracle CEO Larry Ellison", in the February 2nd, 2009 edition. In it he states some very interesting information regarding Oracles firm stance on charging a FLAT 22% for maintenance to everyone. As consumers who need the technology, you are forced to pay maintenance fees for service that you might never use. In addition, Oracles' President Charles Phillips pointed out, in an InformationWeek interview, that the fee's "fund product development and allow Oracle to create next generation product". Is that what we are paying for? I thought that was figured into the initial cost of the purchase.

Hopefully, you can see my point. The added costs with maintaining an in-house system do not provide you with a higher level of service or any additional benefits, from one that can be truly delivered in a SaaS or Service Provider scenario.

Whether you are looking at backup and recovery, security systems or many other IT systems, many can be supplied as a service. Pay one fee and get the service you require without the overhead expenses, infrastructure cost or liability.

Sounds good to me! I want to deliver what clients want and more importantly need, and to make sure that they are profitable, or at least, not be the cause of their failure, so that I can continue my partnership with them into the future. You can buy the best software & hardware money can buy, however, if it is not implemented and managed correctly it’s not going to work and usually the cost to make it work are far more then you budgeted for. The last thing Steve Harris said to me, and I can relate, “Just because you use Tiger Woods driver, doesn’t mean you will play golf like him”!

Until next time:, Hit em straight!!

Regards,

Jack

Does IT Security Need A Governing Body - NOT!

In the February 2009 SC Magazine, Richard Starnes, the President of the Bluegrass Chapter of ISSA, tries to make the point that there should be a governing body for IT Security ("Security needs a governing body"), such as the American Medical Association or the American Bar Association. To this I say - BS! The last thing that the IT or any industry needs today is another FAT, self serving governing body.

One of the great things about America, and Americans is that, deep down there is still a ray of hope for success through hard work and perseverance. This system allows the ones that perform well to rise to the top and those that cannot deliver to go away. Yes, I guess anyone can say that they can provide the service or solution and then not deliver, but I think we all would agree that those people do not last very long. Bad service and false commitments happens in governed professions as well, I have a lot of first hand experience there!

The IT business has had monumental growth since the early 1980's because of the innovation and creativity of the many contributors in the industry. To say that you will now have to do things a certain way and to have the certifications, (what a profit center!) in order to complete the work is ridiculous. Much of the best work and most technology advancing innovations have come from kids! I have worked with many young adults, and put in the right environment without certifications, without specific education, and without access to a common body of knowledge they were professional. And, we all know who really works in those governing bodies - the people who could not cut it on the outside!

I suspect that Richard has ties to government/bureaucracy or has been burned by a vendor for not doing his due diligence or paying attention to the wrong reasons for purchasing. Does that mean that the system does not work? If you buy something and it does not meet your expectations you either get satisfaction from the vendor to make it right or you never do business with them again.

Richard tries to point out that because there are other bureaucratic organizations that require education, certifications, and specialized knowledge before you can work in the field that you should consider this same structure for IT security, because in many cases we are already doing it. But what does that really mean?

It would mean that, many young people would be prohibited from entering the industry because of the cost for "required" education. It would mean that vendors would have to charge more because they adhere to the governing bodies rules and regulations, which are mostly self serving. However, most importantly, is that the cost for service would go up astronomically to the end users (just as medical and legal services have), at a time when we cannot put up any more roadblocks to organizations implementing systems to protect their data, their investors data, and their customers personal information. And really does the AMA, and the American Bar Association protect the end user or are they governing bodies that make the access to goods and services prohibitive for certain people and make it difficult to seek recourse for bad work. Should there be Mal-Practice insurance available for the IT Security industry too?

Although, at the initial thought, it may appear like a good idea, more bureaucracy only adds cost, slows down innovation and prohibits new comers from entering the field. Richard closes by asking the question, "Are we a profession?" I am not sure what Richard does each day, but for the last 29 years I have been in this industry it has never entered my mind. I have always know I am a "Professional".

The Joys of Starting a Business

My technical skills have been humbled the last few days trying to get my web-site going and to send and retrieve email through my new corporate email system.

My friend and web designer, Carey Landon, in Birmingham, AL has been very gracious and I must say, patient, with me trying to get this going. It seems that the problem was on my end....isn't it always!

I jumped away from Windows a year ago to the Mac and, although I consider myself pretty competent with the Mac since it was first released in 1984 I could not figure it out. I felt I had the skills to fix this; however I could not find the switch that was preventing me from receiving or sending corporate email.

Low and behold, in typical "technical support" fashion it started to work, mind you, on its own! After three days of inputting the same info into the same fields over and over again I can now send and receive email.

I was never able to get "Mac Mail" to work at all, but I was able to download Thunderbird by Mozilla, and after several frustrating hours this morning ( I guess it is a secret Apple initiation) it began to work. I inputted the SAME info over and over again, in the SAME fields (same syntax) and and low and behold the messages began coming in. Just to be sure, I had to, with fingers crossed, forward one to my gmail account. I must have worn down the system or whichever computer god responsible for this prank felt pity on me, and it now works beautiful.

Technology has made great strides forward since I started in IT 1984, but still some things are still complex and very difficult to setup without access to any resources.

I must acknowledge and say Thanks to everyone who spends hours on the phone trying to help other less knowledgeable users get their projects completed.

Hopefully, that will be the last speed bump for today.

Happy Valentines to everyone!

Jack

Day 2

As the reality of my new venture sets in, I woke up this morning with a million things on my mind and the urgency to get them all done at the same time. The problem with that is, each of these critical tasks are creating more and more tasks. Yikes!

I am not overwhelmed yet, I am really looking forward to the future with less apprehension of this path I am taking. The fire in me is beginning to get hotter, and the reality of ....... I CAN DO IT! I know how to do it! I have done it for others! So why not? is setting in. I look forward to the Windmills I will battle and the joys of not having to forecast for anyone but ME!!!!

If anyone might have any suggestions or advice you can give me for my new steps forward: my new Blog: Secure or Not Secure, my new web-site: www.securetechfl.com or for Secure Technology Partners, please, please let me know.

In the mean time, I guess I will just try to tackle one task at a time....... yea right, I think maybe two, three or four tasks at a time might be more realistic.

Until I try this again...... May you always ride with the wind at your back!!!!

Jack

Volume 1 Edition 1

Well isn't that how it goes..... The evolution of communication. I finally bit the bullet and decided it was time to do my own thing and tell the world about it.

As some of you may know me, I have been in the IT biz for over twenty years, I have always been successful working for IT vendors on both the hardware and software side. Times have changed and it is now time for a paradigm shift for me to make ends meet.

That being said, I have just started a new company: Secure Technology Partners. I hope to be able to provide the best technology and services available for the sector I am in. For many years I have done this for the companies that I have worked for. Now it is time to do it for me.

I have worked with many, many talented people over my career and some are fortunate to be working in these trying times; however the ones that aren't working, I hope to corral and kick off the most bad ass technology gig yet.

I hope that I can get this off the ground and continue to be successful. Thank you Alan! , for your support, this is an option that I was reluctant to take; however, it's time to grow up! And Thank you Carey Landon for taking me to the World Wide Web......... your awesome!!!!!!!!

Until I write again Ciao,

Jack