15Jan
IT infrastructure work is certainly not the same as software development, but the Agile methodologies offer some good advice to us system and network administrators. In general, Agile has grown from a Manifesto about software development to a full-blown project management methodology. Powerful tools are available to help manage projects according to its tenants. Although Agile is based on lessons learned implementing complex software projects, its principles apply equally well to IT infrastructure projects and operations. Agile’s concept of “self-organizing teams” is particularly appealing to me, since Applied Trust is managed as a “company of peers”.
I’ve picked five of the Principles behind the Agile Manifesto that are particularly applicable to our field – read on to see how they look from an IT infrastructure perspective:
1) Our highest priority is to satisfy the customer through early and continuous delivery of valuable infrastructure.
2) Welcome changing requirements, even late in deployment. Agile processes harness change for the customer’s competitive advantage.
3) Business people and developers must work together daily throughout the project.
4) Simplicity–the art of maximizing the amount of work not done–is essential.
5) Continuous attention to technical excellence and good design enhances agility.
Read more »
12Jan
Author: ben
Categories: Infrastructure
I know, you love your network card. You installed Linux, the NIC was autodetected at first boot, and everything “Just Worked.” Your server has been happily providing services over the network ever since.
But what do you really know about your network card? Is it the culprit of slower performance for your CPU-intensive application? Could you benefit from any of its advanced capabilities? Today’s network interface cards offer a number of hidden gems to the savvy administrator. In this article we’ll learn some of the most important tricks to understanding your NIC in Linux. Read more »
01Jan
Author: trent
Categories: IT Management, Ramblings
Ok, I admit it – I’m generally not a fan of New Year’s Resolutions. I believe that folks should always be looking for ways to make positive changes, and shouldn’t need a specific day/event as a trigger. That said, it does make a nice marker date for an annual evaluation of the state of things.
Last year, I posted an end-of-year IT checklist, which I again encourage all IT folks to take a quick look at — this is a great time to evaluate and update a number of key IT areas. At the very least, don’t forget to update your copyright dates!
I’m hoping 2010 can be a year of positive change for IT. In that light, as a community let’s make a few resolutions:
Read more »
20Dec
Author: trent
Categories: Ramblings
I’ve watched with amusement these past few weeks as the marketing folks at Verizon finally figured out what I’ve personally known for the last year, and captured it in their “coverage maps” campaign. In summary, Verizon coverage is awesome while AT&T coverage completely sucks. Way-to-go Verizon marketing geniuses!
I know this, because in September 2008 Applied Trust moved all of its staff onto the iPhone platform as our corporate mobile communications device. I am the first to admit that my iPhone plays music really well… Apple-quality well. And I do like that. And I guess having an iPhone somehow makes me “more cool.” But as a functional cellphone for business communications, it’s a nightmare. Oh, and sometimes SMS messages arrive a day or two late, missing the typical SMS 60-second SLA by 2+ orders of magnitude.
Read more »
11Dec
Author: beth
Categories: Security
Daisy, an attacker identified by the CSI
The Computer Security Institute has just released the results of its 14th annual Computer Crime and Security Survey and, as always, there are some interesting findings. This year’s results are based on 443 responses given by information security and information technology professionals in U.S. corporations, government agencies, financial institutions, educational institutions, medical institutions, and other organizations, from the period of July 2008 to June 2009.
A few highlights:
- Average losses resulting from security incidents dropped from $289,000 per respondent last year to $234,244 per respondent this year.
- A third of respondent organizations reported being fraudulently represented as the sender of a phishing message.
- Respondents reported big jumps in the incidence of financial fraud, malware infection, denials of service, password sniffing, and Web site defacement, and significant dips in wireless exploits and instant messaging abuse.
- Financial fraud losses averaged $450,000 per organization that suffered fraud.
- A quarter of respondents believed that more than 60% of their financial losses resulted from non-malicious actions by insiders.
- The largest increases in security technologies used were in anti-spyware software and tools that encrypt data at rest.
- Tools that improve visibility, such as log management tools and security information and event management tools, were high on many organizations’ security wishlists.
- Only 7.7 percent of respondents categorized their organizations as being in the “health services” industry, but 57.1 percent of respondents said their organization had to comply with the Health Insurance Portability and Accountability Act (HIPAA). More respondents said that HIPAA applied to their organization than any other law or industry regulation.
- Respondents generally reported that regulatory compliance efforts have had a positive effect on their organization’s security programs.
For more specifics, check out the free Executive Summary of the Survey that’s available from CSI’s web site. CSI members get a copy of the comprehensive version, and it will be made available to non-members for a fee at some point.
![[Slashdot]](/wp-content/plugins/slashdot.ico)
![[Digg]](/wp-content/plugins/digg.ico)
![[Reddit]](/wp-content/plugins/reddit.ico)
![[del.icio.us]](/wp-content/plugins/delicious.gif)
![[Technorati]](/wp-content/plugins/technorati.ico)
![[StumbleUpon]](/wp-content/plugins/stumbleupon.ico)
11Nov
Author: trent
Categories: Ramblings, Security
10Nov
Author: beth
Categories: Ramblings
Over the course of 2009 we’ve embarked on a number of employee-initiated projects to help make Applied Trust a place where we really want to work long term. Dan’s recent blog post about our new and improved third-floor deck is one example. Another of these projects involved introducing healthier beverage options for our employees, clients, and other guests at our office. The primary focus of this initiative was to replace beverages sweetened with high-fructose corn syrup (HFCS) – predominantly sodas – with those that are not.
For anyone who’s not familiar with it, HFCS is any of a group of corn syrups that has undergone processing to convert its glucose into fructose and has then been mixed with pure corn syrup (100% glucose) to produce a desired sweetness. It became a popular substitute for sugar in the 70s and 80s, as high sugar import tariffs were imposed and government subsidies paid to growers kept the price of corn low. It is used in almost all processed foods, and it is the number one source of calories in the United States.
Read more »
04Nov
Author: dan
Categories: Green IT, Ramblings
This past spring Applied Trust took its third-floor deck space to a new level!
Although the deck has always been a desirable aspect of Applied Trust’s office environment, we felt the space wasn’t being used to its full potential. Some employees said that it was too sunny and got too hot to work out there with a laptop. Others said it was the lack of acceptable work space and the presence of pigeons that deterred them from working out there. We decided to make an effort to provide our engineers with a more inviting outdoor workspace that would be fun to use and would add value to our work space for years to come.
After looking into options we decided on some sun shades, some new workspaces, a way of providing music, and deck plants. The plants were a key element; not only do they add to the aesthetics of the deck, but they also add to the “green” image of the office, by helping to offset our carbon output. We chose the following plants to fill the planters:
Read more »
30Oct
Author: trent
Categories: Security
Happy Friday, and Happy Halloween! If you’re looking for some thought provoking reading, my good friend Gunnar Peterson presented what is truly a masterpiece about information security in a cloud environment at the mnemonic RISK Conference in Oslo, Norway this week. I wouldn’t do it justice to attempt to summarize it fully here, but he makes a number of excellent, anti-information security-establishment points about how we as a discipline really need to buck up and deal with the difficult problems in information security, rather than continue to do the same old thing that we’ve been doing, for, well, 5078 days.
This is excellent brain food – I encourage you take the time to read and digest it. Nice work, Gunnar! Check it out: Thinking Person’s Guide to the Cloud.
16Oct
Author: paul
Categories: IT Management
2010 will be here in no time, and with it will come some changes to support for Windows Server. In July 2010, public support for Windows 2000 will cease. At the same time, Server 2003 moves from mainstream support into the “Extended Support” phase. While security patches will still be released, all non-security hotfixes developed during this period will be restricted to customers enrolled in the extended hotfix support (EHS) program.
Read more »