ITEC 610 course is coming to an end. This has been one really interesting course. Prof. Pang has prepared very challenging and intellectually stimulating course. I liked the most the chapters related to information security and Decision Support Systems. I think these two areas will develop with a great speed. Information security and Decision Support Systems are areas without which modern businesses cannot operate today. Mid size to large businesses have some many data points and metrics that needs to be examined on a daily basis, that it is becoming impossible to do this manually. This is where Decision Support Systems come in very handy, they can pull all the data and do the number crunching necessary to provide necessary information to make sound decisions in a matter of minutes.
In a similar way, information and IT security is another field that any business (even households these days) cannot operate without. IT security is crucial for running the business without interruptions and to gain the customer confidence. If customers don't have much confidence in a company, that company will not last very long. These (and more) are the topics that ITEC 610 course and Prof. Pang have prepared us for. Thank you all for spending together very insightful and intellectually stimulating semester.
Thursday, August 13, 2009
Week 10 reflective post
Since this week we can discuss any topic related to IT, I'd like to write about security by obscurity.
Security by obscurity is actually quite common in IT. Many of the companies with IT infrastructure (almost all in this day and age) rely on security by obscurity. The rationale in most of the cases is that to implement proper IT security is expensive and since nobody knows how the company is connected to internet, then there is nothing to worry about since nobody knows what IP to attack. Bad news for all of you who think like this!
My dynamic IP address is attacked every day between 150 to 500 times and this is an IP address that is assigned to my router from the pool of IP addresses that my ISP owns. So no one really knows which IP I'll get and when it will change, but still, every IP I get is constantly attacked all the time, 24x7. I know about it because I decided to do something about it, so I run Snort (intrusion detection software) on my router which gives me all these statistics. My Snort instance is configured with SnortSam plugin which automatically blocks offending IP addresses for 24 hrs, so the same attackers are not attacking me all the time (at least not all day). Most of the attacks are attacks for windows based computers, so all of you running windows, at least install or activate firewall software on your computers and install latest security patches.
The conclusion is that security by obscurity may work for a while, but sooner or later someone will hack their way into your computer unless you decide to protect yourself against it.
Security by obscurity is actually quite common in IT. Many of the companies with IT infrastructure (almost all in this day and age) rely on security by obscurity. The rationale in most of the cases is that to implement proper IT security is expensive and since nobody knows how the company is connected to internet, then there is nothing to worry about since nobody knows what IP to attack. Bad news for all of you who think like this!
My dynamic IP address is attacked every day between 150 to 500 times and this is an IP address that is assigned to my router from the pool of IP addresses that my ISP owns. So no one really knows which IP I'll get and when it will change, but still, every IP I get is constantly attacked all the time, 24x7. I know about it because I decided to do something about it, so I run Snort (intrusion detection software) on my router which gives me all these statistics. My Snort instance is configured with SnortSam plugin which automatically blocks offending IP addresses for 24 hrs, so the same attackers are not attacking me all the time (at least not all day). Most of the attacks are attacks for windows based computers, so all of you running windows, at least install or activate firewall software on your computers and install latest security patches.
The conclusion is that security by obscurity may work for a while, but sooner or later someone will hack their way into your computer unless you decide to protect yourself against it.
Thursday, August 6, 2009
Week 9 reflective post
Security threats on the internet are one of the things that everyone needs to be aware of. Malware and spyware are probably the biggest threats that regular users as well as businesses need to be aware of. Unfortunately the way Microsoft Windows works and its default configuration is aiding spyware and malware distributors in infecting as many Windows computers connected to internet as possible. Another problem is that Internet Explorer is integrated into Windows kernel, so any security vulnerabilities in Internet Explorer are potentially exposing also Windows kernel which is very bad thing.
Since 99% of malware and spyware is targeting Microsoft operating systems and its inherent security vulnerabilities, together with other defense mechanisms against spyware and malware, effective defense against malware and spyware is to not use MS Windows operating systems, but OpenSolaris, Linux or Apple’s OS X. They can all do things that Windows computers can and if necessary they can also run Windows applications in their OS (through Wine project on Linux) or in virtual machines (in Linux, OpenSolaris and OS X). The problem with malware and spyware is so big that over 70% of emails send through internet today are all spam originating from computers infected with malware and spyware. This is separate from all credit card and identity fraud that is committed using the information found on infected computers.
Since 99% of malware and spyware is targeting Microsoft operating systems and its inherent security vulnerabilities, together with other defense mechanisms against spyware and malware, effective defense against malware and spyware is to not use MS Windows operating systems, but OpenSolaris, Linux or Apple’s OS X. They can all do things that Windows computers can and if necessary they can also run Windows applications in their OS (through Wine project on Linux) or in virtual machines (in Linux, OpenSolaris and OS X). The problem with malware and spyware is so big that over 70% of emails send through internet today are all spam originating from computers infected with malware and spyware. This is separate from all credit card and identity fraud that is committed using the information found on infected computers.
Saturday, August 1, 2009
Cloud computing myth
It started with virtualization and now it is cloud computing. Cloud computing is officially “in”, must have service. But the question is how cloud computing is helping your efforts and is it making your life easier? A little bit of both I would say. Cloud computing can actually reduce costs for a businesses that embrace cloud computing. Good example of cloud computing are Google Apps and Amazon S3 services. With Google apps, you can run your business on a relatively inexpensive computer, which is able to run Internet browser. So no longer do you need to pay Microsoft license fees for Exchange, Windows, MS Office and similar products, you can do it all using Google Apps. There are few problems here, what do you do when Google Apps are experiencing an outage which can sometimes last for hours or days? What do you do when you loose internet access at your place of work, or you don’t have internet access where you are currently? What is with privacy issues when you trust someone with your confidential business and financial data? Can you call someone in Google Apps and ask them, hey can you please restore this file from a last month’s backup? I don’t think so. In my opinion all of these are issues which are severely limiting cloud computing initiative and in my opinion are making cloud computing not usable. My preferred method of running a business would be to run Linux on all desktops and use open source tools for email and office documents. Off course I would have backups on site and off site. In my opinion this is much better solution than cloud computing since I am in control of my data all the time
Wednesday, July 29, 2009
Week 8 reflective post
To plan or not to plan? I think that any effort that involves more than 1 hr and more than 1 individual should be planned to lesser or higher degree. All IT projects fall into that category, so all IT projects should be planned. Most challenging planning and execution projects are the ones that take long time to complete and involve geographically and culturally diverse teams. This is where project plan and project manager play crucial roles. I think that it would be utopian to think that plans would complete by themselves and just by telling people what the goal is that the goal will be reached.
Reaching the goal is far more difficult than that. It is easy for the resources (people) to get sidetracked and become “swallowed” by burning operational issues and problems which at that time appear to be more pressing than some project which is supposed to be completed 10 months down the road. Commitment to planning has to start on the executive level and executives and managers need to receive regular status reports to make sure that the project is on the track and to remove any obstacles in case there are problems.
Reaching the goal is far more difficult than that. It is easy for the resources (people) to get sidetracked and become “swallowed” by burning operational issues and problems which at that time appear to be more pressing than some project which is supposed to be completed 10 months down the road. Commitment to planning has to start on the executive level and executives and managers need to receive regular status reports to make sure that the project is on the track and to remove any obstacles in case there are problems.
Monday, July 20, 2009
Week 5 reflective post
To ERP or not to ERP now is the question. Many companies are struggling to answer this question. ERP definitively has many strengths and advantages, but I think that the complexity of the installation and moving of all the processes to ERP is something that scares even the veterans in the IT field. Depending on the size of the company where ERP is being implemented and the complexity of installation, the process of converting to ERP could take years and cost millions or tens of millions of dollars. This is why about 50% of ERP installation fails on first attempt.
On the other hand, companies that do succeed in implementing ERP can reap its benefits. Savings are becoming visible due to increased efficiency and productivity. All of a sudden things that used to take days or months, now take hours. Work seems to be flowing much smoother. If that is not the case, then something is wrong with the ERP implementation. Hopefully with all savings in time and increased efficiencies, the company can start getting some return on their ERP investment.
ERP is not something that should be taken lightly, but it requires careful planning and integration to ensure its success.
On the other hand, companies that do succeed in implementing ERP can reap its benefits. Savings are becoming visible due to increased efficiency and productivity. All of a sudden things that used to take days or months, now take hours. Work seems to be flowing much smoother. If that is not the case, then something is wrong with the ERP implementation. Hopefully with all savings in time and increased efficiencies, the company can start getting some return on their ERP investment.
ERP is not something that should be taken lightly, but it requires careful planning and integration to ensure its success.
Tuesday, June 30, 2009
Week 4 - reflective post
Starting with the smoke signals, and pigeons, telecommunications played significant role in all societies. Since humans are “social animals” they have a need to communicate, weather that is for business or personal reasons. With the technological inventions made in 18th and 19th centuries in the communications and transportation areas, the development in telecommunications and networks started growing exponentially. Bell’s invention of phone was a revolution in private communications, while Tesla’s invention of radio paved a way to a true global communications. Simultaneously, networks started to develop and soon entire industry based on communications was started. This has in turn accelerated exchange of news, ideas which resulted in commerce and trade sector rapidly growing.
Telecommunication and Networks are in a way connected to a technological progress of our society. We can practically track technological progress of the society by tracking the progress in telecommunications and networks. Today one smart phone probably has more computing power than all computers put together used in the World War II which happened only about 65 years ago. Satellite phones are already a reality today and they allow a voice and data communications from anywhere on the planet which was no possible until recently. Today’s fiber optical networks are transferring petabytes of data each day between different continents which were unthinkable just two decades ago. We can only imagine what will happen with telecommunications and networks in another 50 years.
Telecommunication and Networks are in a way connected to a technological progress of our society. We can practically track technological progress of the society by tracking the progress in telecommunications and networks. Today one smart phone probably has more computing power than all computers put together used in the World War II which happened only about 65 years ago. Satellite phones are already a reality today and they allow a voice and data communications from anywhere on the planet which was no possible until recently. Today’s fiber optical networks are transferring petabytes of data each day between different continents which were unthinkable just two decades ago. We can only imagine what will happen with telecommunications and networks in another 50 years.
Subscribe to:
Posts (Atom)
