- +
Process Trip 04 February, 2008 13:07:03
Why Maritz Travel revamped key business processes — and how business and IT came together to make it workWhen Rich Phillips became COO OF Maritz Travel about two and-a-half years ago, he sat down and took a hard look at the big industry picture - +
Ticked Off at Tick the Box Mentality 04 February, 2008 13:01:15
Does your executive search firm know the difference between an MIS manager and a CIO, and if it does, can it explain that difference to its corporate clients?Does your executive search firm know its MIS managers from its elbow? Does it even know the difference between an MIS manager and a CIO, and if it does, can it explain that difference to its corporate clients? - +
What Price Innovation? 05 November, 2007 13:44:31
CIOs say they want more than the traditional “your mess for less” relationship with their outsourcing providers. And the providers want to market themselves as partners in innovation. So why isn’t it happening?CIOs say they want more than the traditional "your mess for less" relationship with their outsourcing providers. And the providers want to market themselves as partners in innovation. So why isn't it happening? - +
Order Takers to Innovators 02 October, 2007 15:20:08
How four CIOs energized their staffs to take risks with new technology and generate fresh value for their businessesWhen David Behen became IT director for Washtenaw County, Michigan, the department was little more than an order-taker. And not a very good one. It was kind of like the waiter who makes you wait, then brings the entree with the mains and brings you a bottle of Grange when you asked for a carafe of the house red - +
Your World. . . Hacked 02 October, 2007 10:51:23
As your business becomes more collaborative and global, the risks to your company’s trade secrets rise proportionally. Fortunately, there are new strategies to protect the data that allows you to competeThe call to Bob Bailey, an IT executive with a major US government contractor, came on an otherwise ordinary day in October 2003. "Why are you attacking us?" demanded the caller, an IT leader with a Silicon Valley manufacturer. He wanted to know why Bailey's company had launched a denial-of-service attack against his network
- +
10 things we hate about laptops 16 November, 2007 12:40:09
Sure, laptops have revolutionized the way we compute. That doesn't mean they don't drive IT bonkers.Damaged. Lost. Stolen. Too big, too small. Insecure and unreliable. And just plain annoying. If you're in IT, there's just not much to like about laptops. - +
IPv6 Will matter to the enterprise in five years 10 November, 2007 08:30:12
Routing guru Jeff Doyle says there's no need to move to IPv6 now, offers design tips for OSPF nets, discusses Layer 2 vs. Layer 3 routing and shares more advice with attendees of his live Network World chat.Welcome to Network World Chats. Our guest today is Jeff Doyle, celebrity author, Cisco Subnet blogger and networking guru. He has come prepared to answer your questions on all things routing.
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Newsletter Subscription
TriWest Healthcare Alliance counts on John Pontrelli to work effectively with his technology colleagues to provide health care to 2.8 million members of the US military and their families in 21 states. As VP and CSO, Pontrelli's responsibilities cover both physical security and information security, and he has found it imperative to form a tight working relationship with his CIO, Rick Green. Pontrelli, a corporate security expert at Microsoft and WL Gore before joining TriWest three years ago, spoke with Michael Goldberg, about the partnership he has formed with his CIO.
Michael Goldberg: In the past, you've described TriWest as being an information systems-dependent company. What does that mean?
John Pontrelli: TriWest is in 21 states, basically the left side of the United States, including Hawaii and Alaska. We have over 120 locations, and they are all connected via WAN to our corporate data centre in Phoenix. Most of our sites are on military installations, so we have to coordinate with the military when we come in to set up our routing/switching equipment, as well as bringing in the phone lines. We house two or three major applications that our people hit from all the 21 states to retrieve data and to input data. We have a lot of data traversing our 21-state region at any given time; we also push our VoIP over our wide area network. Our entire company is VoIP, and our security systems also ride over our network, so our network stays busy.
That's a good segue into the relationship you have with your CIO, Rick Green. Could you describe the nature of that relationship and, in a business like yours, what makes the relationship important?
Rick and I both started at TriWest approximately three years ago. He came in to redefine the IT - not only the infrastructure but the applications - and we had just been awarded a new bid from the [US] Department of Defence. He had a huge challenge in front of him.
I was hired a few months after he came on board. One of the conversations we had was around security and IT. My proposal was that information security should reside in my department, primarily to free him up to focus on connectivity, availability and support in the businesses but also because implementing all of the security requirements that the DoD had levied upon us was somewhat unmanageable. We agreed right there, from the very beginning, that that's how we were going to set it up and run it.
The other agreement we had was (and I think this is a big selling point) that I don't audit his environment, I assess it. When we are assessing the security posture of our routers, switches, databases, servers and desktops, whatever we find, we share [that information] with IT, so it's a collaborative effort. We then address any issue, whether it's a technical, procedural or a person issue. If something has bubbled up to the point where it needs Rick's attention, I meet with Rick. We meet once a month, regardless, to go over a list of things we want to talk about, but both of our doors are open to each other if we ever want to talk about technology or security. We pop in on each other all the time.
There's a lot of discussion nowadays about auditing systems and procedures. You're emphasizing assessment as a means of collaborative communication. What's the difference?
I'm a big fan of the word assessment; I don't like the word audit. It carries negative connotations; it separates; it creates an adversarial-type atmosphere even if there's a collaborative effort going on. We never use the word audit within security and, in reality, we're not auditing. We have vulnerability analysis tools that allow us to scan our entire environment, from the inside as well as the outside. We do this against a set of security policies that we have received from the government for a certain security posture that we need to maintain in order to hold onto our security accreditation. When we're doing these scans, IT is aware of it. They're always waiting for the results because they want to know - just as much as security wants to know if the environment, application or network is not meeting requirements - because they want to get it where it needs to be. We're assessing, we're collaborating, and together we maintain a very high security posture at TriWest that I think both Rick I are very proud of.
Is there a loop to close after the assessment to see that changes, fixes or improvements are carried forward? Is that handled by your group or the CIO's?
It depends upon whether it's a technical, procedural or people issue. Our scanning goes on continually (we have a set scanning schedule) so if the issue is still there when we go back and scan again we notify IT. Most times, IT tells us if they're going to be able to fix it and in what period of time. There's always reasons why things aren't where they need to be, but the good part is we all communicate very well and we're all on the same page. From my perspective, a security perspective, and probably from Rick's perspective as well, the last thing we want to do is be surprised. It's the unknown that really keeps me awake at night.
2008 CIO Summit
19th August, 2008 Four Seasons Hotel, Sydney Developed in partnership with CIO Magazine, IDC, INTEP and the CIO Executive Council.
The world of the CIO is extremely complex and diverse. Multiple priorities demand attention and decisions are needed instantly. Individual teams need to be driven towards common goals, and businesses strive to become more mobile, agile and responsive. For CIOs, the challenge never ends.
Every year the CIO Summit identifies what is top of mind for CIOs across Australia and New Zealand, and offers insight for CIO benchmarking and vendor strategic planning alike.
Recent IDC research shows that over 59% of CIO's believe that 'to achieve their business strategies, technology should be used more aggressively than today.'
Join us on August 19th to discover how this is possible with the latest technologies including Virtualisation, Web 2.0, IP Surveillance and Software as a Service (Saas).
Click here for more information.
Please email Denyse_Robertson@idg.com.au for further information.
- +
CIO Live Podcast #79: Brent D Taylor, author of The Outsider's Edge: The Making of Self-Made Billionaires Part II 05 October, 2007 06:00:00
For his new book, The Outsider's Edge: The Making of Self-Made Billionaires, social researcher Brent D Taylor spent four years of intensive research investigating the psychological make-up and backgrounds of some of the world's richest men and women, including IT luminaries Bill Gates, Larry Ellison and Steve Jobs. Taylor discovered that, despite working in different industries and coming from different upbringings, they all have one thing in common -- they are all outsiders. - +
CIO Live Podcast #78: Brent D Taylor, author of The Outsider's Edge: The Making of Self-Made Billionaires 28 September, 2007 17:34:25
For his new book, The Outsider's Edge: The Making of Self-Made Billionaires, social researcher Brent D Taylor spent four years of intensive research investigating the psychological make-up and backgrounds of some of the world's richest men and women, including IT luminaries Bill Gates, Larry Ellison and Steve Jobs. Taylor discovered that, despite working in different industries and coming from different upbringings, they all have one thing in common -- they are all outsiders. - +
CIO Live Podcast #77: Panasonic Speeds Up Trans-Pacific File Transfers, Part III 21 September, 2007 07:00:00
Part three in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance. - +
CIO Live Podcast #76: Panasonic Speeds Up Trans-Pacific File Transfers, Part II 14 September, 2007 07:00:00
Part two in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance. - +
CIO Live Podcast #75: Panasonic Speeds Up Trans-Pacific File Transfers, Part I 07 September, 2007 07:00:05
Part one in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance.
- +
Information security governance: Centralized vs. distributed 05 September, 2008 10:15:00
Should security policies, procedures and processes be managed within a central body, or distributed at an individual level? You need to find the middle ground.The management of information risk has become a significant topic for all organizations, small and large alike. But for the large, multi-divisional organization, it poses the additional challenge of determining how to deploy an information security governance program among what are often disparate business units. Should the policies, procedures, and processes that define the program be developed and managed within a central, corporate body? Or perhaps responsibility would be better placed at the individual unit level? Is there a workable middle-ground? - +
DNS error brings Sophos antivirus updates to a halt 05 September, 2008 13:40:00
Optus, Internode and Equinix affected among others.A sporadic Domain Name Server (DNS) error has blocked Sophos anti-virus updates around the world. - +
Ouch! Security pros' worst mistakes 04 September, 2008 08:05:00
We've all done regrettable things on the job, but does any valuable wisdom come of it? Four security pros candidly explain their biggest blunders and what they learned in the processIt was a mistake so bad the person who made it asked that his name and company not be mentioned here. Let's call him Frank. - +
Security ROI: Fact or Fiction? 03 September, 2008 08:32:00
Bruce Schneier says ROI is a big deal in business, but it's a misnomer in security. Make sure your financial calculations are based on good data and sound methodologies.Return on investment, or ROI, is a big deal in business. Any business venture needs to demonstrate a positive return on investment, and a good one at that, in order to be viable. - +
Information Security and the Importance of Context 01 September, 2008 10:00:00
Those entrusted with information security must raise their contextual awarenessWhen the US Transportation Security Administration (TSA) was first created, it created a sudden need for tens of thousands of screeners. Getting a job as an airport screener was a pretty easy process. It seemed as though if you had a pulse, you were in. Jump forward to 2008 and becoming a screener is a bit harder as the TSA has instituted background checks, has upped the educational requirement to include a high school diploma or GED, and added other significant requirements.
Viva la Verticals! Key to Vendor Growth is Through Vertical Market Opportunities, Says IDC 05 September, 2008 11:05:00
F-Secure delivers fastest protection in the online world 04 September, 2008 16:50:00
Rogue security apps dominate Fortinet's Aug 2008 IT threat report 04 September, 2008 16:00:00
IntraPower Signs Deal with Australia’s Largest Service Station and Convenience Store Network 04 September, 2008 10:07:00
TANDBERG Begins Desktop Videoconferencing Roll-Out at New England Credit Union 03 September, 2008 16:01:00
|
||
|
||
|
|
||
|
The IP Storage payoff: Turning your investment into efficient, affordable results
Recent advances in IP-based storage technologies leverage existing technology and staff to easily and cost-effectively build and maintain sophisticated storage networks. Discover the solutions to your data storage challenges with IP storage.
Subscribe to CIO
