Search This Blog

Friday, March 4, 2016

Are Your Kids The Latest Target Of Hackers?

The short answer is yes. V-Tech and Hello Kitty join the depressingly long list of companies to have been hacked in 2015. This time, however, the data taken were overwhelmingly about children – their usernames, passwords, addresses, birthdays, photos, and other personal information.
At first glance, you may be wondering why hackers would bother, but there are three major reasons for targeting toy companies. First, they are an easy target. V-tech representatives admit that the company’s security was subpar. Second, children tend to reuse passwords just like adults do, so getting a password for one site may unlock most, if not all the sites that child uses, and of course, some sites require payment for various features to be unlocked, or are purchasing portals, so the child’s information may inadvertently expose a parent’s credit or debit card information.
Third, and perhaps most chillingly, it could well be about the long game. A hacker need only wait until the child is old enough to get a credit card and then steal his or her identity. It’s not like it costs anything to store the data and wait, and given how easy it was to breach V-Tech and Hello Kitty’s security, that’s as good as being handed free money.
There are two tragedies rolled into one here. The first and most obvious is that not even our kids are safe from hackers, and nothing seems sacred to them. The second is that the breach could have been avoided. It’s not like V-Tech or Hello Kitty didn’t have ample warning or ample opportunity to protect themselves against such things. Online tech portals have been screaming from the rooftops all year about the dangers, and outlining the steps companies need to take if they want to be secure. V-Tech and Hello Kitty simply opted to do nothing with the information. That makes it somewhat difficult to feel sorry for them. They got lucky for a while, skating by with minimal security. Looks like their luck ran out. How’s security at your company? If you are unsure, a network audit is probably your best first course of action.

5 tips for turning a business unit into a startup

Turning a business unit like IT from internal to external-facing is tricky. Here are five keys to make it a successful change.

Large and mid-sized companies are particularly well-suited for enhancing existing products or for coming up with new ones that are directly within their lines of business. However, a trickier proposition is commercializing a business unit like IT, which traditionally is viewed as an internal cost center that serves the needs of other company departments.
First, there is a natural bias against turning IT (or any other administrative function) into a business unit that has external as well as internal customers. This is because there is fear and trepidation that IT cannot serve more than one master—and that, inevitably, service levels within the company will fall if IT also has to worry about pleasing outside customers.
There is also the problem of who is going to head up an entity that has always been an internally focused department, and that now is being tapped to serve outside customers. CIOs and IT'ers in general tend to be technical and introspective. They do not always make good salespersons and promoters.
Nevertheless, there are companies that have successfully spun off profitable businesses from internally focused departments like IT, and from these efforts we have learned what works. Here are five best practices that characterize these successful startups:

1. Perform the upfront due diligence to validate that there is a viable business

There has to be an extremely compelling business case to transform an internal business unit into an external business. On the financial side, there must be sufficient commercial opportunity to at least produce breakeven results in a very short time. Most likely, this means that outside customer commitments are already lined up. The new spinoff organization will likely be drawn from internal personnel, and the impacts of such a move need to be weighed so that they don't present any risk to corporate service levels.

2. Decide who is going to staff this business unit

The individual heading the startup must have a combination of business savvy and technical knowledge in the set of services being sold. He or she should have the skills bandwidth to work with both innovators and administrators. This is a difficult hybrid set of leadership skills to find, but it's almost always required, or the startup will be in jeopardy. Second, the internal staff that is identified to work in the startup should be fully assigned there—and not function with a split of responsibilities between the startup and the enterprise. This can best be affected (and afforded) when the organization has solid bench strength behind these key individuals. Finally, the startup must have a very service-oriented staff with business acumen and an ability to empathize with their customers' needs. If the startup can't provide excellent service, it will have difficulty getting (and retaining) customers.

3. Determine the legal framework that the new company will operate under

Will the startup be a subsidiary, a new line of business unit within the enterprise, or a totally independent company with an independent board? How will the enterprise be represented on the board, and who will fill any board positions that are not occupied by the enterprise? There are pros and cons to each approach, and it is important for startup promoters, legal counsel, the CFO, the CEO and others to review all of these scenarios and to determine "best fit."

4. Sell the idea to the CEO, the CFO, other C-level management and the board

Startups are fraught with risk, even with customer commitments and the ability to leverage enterprise resources and personnel that already exist. Whether it is the CIO, a line of business managers, or any other manager in the enterprise, business viability due diligence, customer commitments, projected staffing and operational expenses of the organization, the services the startup will offer and how they will be priced, the potential opportunity risks, etc., should all be thoroughly discussed with C-level managers, the board, attorneys and any other stakeholders in the process. These discussions should begin as informal what if meetings that graduate into more serious discussions—until they reach the level of a board meeting, when the proposal comes up for approval. A consensus-building process like this can take months, but it is well worth it because those promoting the startup must get everyone on board.

5. Focus the startup on service and innovation

Customers coming to the startup, especially if it is an IT endeavor, are looking for technology solutions, excellent service and a fair price. The startup must be equipped with a compelling solution that immediately meets pressing customer needs. The startup must possess the skills and talents to continuously innovate and build on this solution. Pricing must also be competitive. More than anything, however, startups can move toward the head of the class if they can provide consistently excellent service. Good service is the Achilles heel of many vendors in the IT marketplace, but an area of concern that customers never overlook.

How the next president will change the H-1B visa

Here's an early outlook on how the various presidential candidates may approach this issue if elected.

What if Trump wins the presidency?

President Donald Trump would change things.


India is on Trump's list of countries "ripping off" the U.S., along with China, Japan and Mexico. His immigration platform includes a series of H-1B reforms, including a hire-Americans-first provision.
Laid off Disney IT workers, who complained of training visa-holding replacements, spoke this week at a Trump rally. Sen. Jeff Sessions (R-Ala.), a leading proponent of H-1B reforms, is endorsing him.
If the Republicans continue to hold both chambers of Congress, the prospects for a standalone H-1B bill improve.
Comprehensive immigration reform proponents oppose piecemeal approaches, blocking H-1B cap increases as well as reforms. President Barack Obama may veto a standalone reform bill, but President Trump would likely sign the bill.


But Trump, the billionaire businessman seeking the GOP nomination, is also a wild card.
Trump may want H-1B reforms bundled with the legislation he needs to build a border wall and fund mass deportations, setting the stage for a different kind of fight with Congress.
From a tech industry perspective, the most immediate danger posed by a President Trump may his use of the president's executive powers. He could attack the H-1B program with new enforcement approaches, as well curb the Optional Practical Training STEM extension that Obama now wants to expand.

What if Clinton wins the presidency?

Former Secretary of State Hillary Clinton doesn't talk about the H-1B program. She doesn't mention it in her immigration platform or on the campaign trail. But she is not a total enigma.
Clinton, who is seeking the Democratic nomination, supports comprehensive immigration reform. She is unlikely to rile India on trade, but would accept some reforms to the H-1B program if they are part of a comprehensive immigration bill.

It remains to be seen whether Clinton -- possibly to offset Trump on this issue -- will be forced to directly talk in the campaign about the H-1B issue.

What if Bernie Sanders wins the presidency?

U.S. Sen. Bernie Sanders, the Vermont independent seeking the Democratic nomination, is a critic of the H-1B program and would be receptive to standalone reform legislation.
Sanders and Clinton haven't talked about the visa program in any of their debates. It's been a missed opportunity, and the people at fault are the national news reporters who pose the questions.

What if Rubio wins the presidency?

U.S. Sen. Marco Rubio (R-Fla.) is aligned with Sen. Orrin Hatch (R-Utah), who is the tech industry's chief Senate advocate for increasing the H-1B visa cap.
But Florida is ground zero for some of the most visible H-1B-related layoffs, with the Disney just the latest. Rubio's pro-industry views may be tested here.
U.S. Sen. Bill Nelson (D-Fla.), has been troubled by the Disney layoffs, but Rubio apparently has not been.
If Rubio can win in Florida, it may be proof that the H-1B issue is too niche and a non-factor in a national contest. The next two weeks may determine whether this issue has legs in the national debate.

What if Cruz wins the presidency?


Sen. Ted Cruz is co-sponsoring H-1B reform legislationwith Sen. Sessions. His bill attacks H-1B usage by raising the wages of visa workers. It also includes a prohibition on non-disparagement clauses that keep IT workers from talking publicly about their experiences.
If Cruz raises the H-1B issue at all in his campaign, it ought to be in Florida.
Rubio has tried to offset Cruz's H-1B reform legislation by ignoring the Sessions/Cruz bill and pointing out, instead, that in 2013, Cruz supported a substantial hike in the H-1B visa cap. Rubio is a sponsor of Hatch's Immigration Innovation Act, also called the I-Squared Act, which would raise the annual base H-1B cap to between 115,000 and 195,000 visas. (The current annual base H-1B cap is 65,000.)
As president, Cruz would work with Sessions and other H-1B reformers. He might attack the OPT program as well, using his executive powers.

What impact is the presidential contest having on the H-1B issue?

One clear impact is being felt by Nasscom, India's IT trade group. It is stepping up defense of the offshore industry model.
R. Chandrashekhar, the industry group's president, argues that the use of IT services firms is about improving and modernizing IT operations at clients' businesses. The visa workers aren't there to simply replace the U.S. workers, but to modernize IT operations, he argues.
"It's certainly not with the intention of just getting in a set of people to replace an existing set of people and continue to do things in the same manner," said Chandrashekhar, in an interview. "That doesn't make for a good business casein any sense."
What Chandrashekhar doesn't want is for India to be singled out by lawmakers.
Many of the reform proposals attack the wages paid to H-1B workers. If visa wages rise, the economics of offshoring decisions change, argue reform proponents.
Whatever is done by lawmakers regarding the H-1B visa, "it should be applied uniformly to everybody," said Chandrashekhar. That means any reforms apply to U.S. outsourcers as well as to overseas firms.

Can the presidential election actually change the way the H-1B program operates?

Whether a new president can change the IT offshoring industry by altering the H-1B visa program remains to be seen.
The president has executive power and can complicate the H-1B program, but Congress sets the visa cap and many of the visa rules. The lobbying forces are powerful. The IT workers at risk are mostly invisible.
IT workers who have been "shadowed," participated in "knowledge transfer" or otherwise trained their replacements are often older, and have long tenures. They may make good money and benefits.
These are the workers who run the IT systems that power manufacturing systems, utilities, healthcare and retailers, and are far removed from the glamour jobs at Twitter, Google, Facebook and the catchy startups.
One former utility IT worker posted an ad on Craigslist, since removed, with the title: "50% off labor sale -- outsourced IT worker."

Reference & Courtesy: http://www.computerworld.com/article/3040384/it-careers/where-the-presidential-contenders-stand-on-h-1b-visa-issues.html

Thursday, March 3, 2016

IT Growth Outlook is Bright

With spending on hardware and software reaching record amounts, new research shows the IT industry's growth outlook has reached its highest level in five years.
Fueling the growth, according to the CDW IT Monitor, is the anticipated record-high demand for hardware and software investments. The data shows 80 percent of IT decision-makers are planning hardware spending, up 4 percentage points from October. Small businesses and local and state governments are expected to see the most significant increases.
Additionally, 82 percent of IT decision makers are anticipating making software purchases, up 7 percentage points.
Neal Campbell, senior vice president and chief marketing officer for CDW, said the data indicates that the IT spending outlook, first established in 2007, has reached a significant milestone.

"More IT decision-makers are feeling optimistic about the prospects of their IT budgets increasing, and they are anticipating significant IT investments in the next six months, especially on the hardware and software fronts," Campbell said. "We believe that organizations will continue to look at technology investments as ways to boost efficiencies, increase productivity and gain new competitive advantages in 2012."
Optimism regarding increased IT spending is the strongest among IT decision-makers in the health care, manufacturing and IT industries, according to the research.
The retail industry also continues to increase its investment optimism. IT leaders anticipate hardware and software purchases to increase by 3 and 9 percentage points, respectively, from October.
The CDW IT Monitor is based on surveys of more than 1,000 IT decision-makers representing all sizes of companies and multiple industries, across three levels of government.

Meet the Man Who Keeps Microsoft Safe and Secure

As the chief security officer for Microsoft, Mike Howard has more than a passing interest in the things he sees on the nightly news. Whether it's an uprising in the Middle East, the ongoing threat of terrorism or a natural disaster somewhere in the world, the former CIA officer is prepared for the impact various events could have on his company and its employees.
"Cybersecurity is a big issue on everyone's mind as we've become more globalized as a society and businesses have expanded their footprints and everything is digital," Howard said. "But, traditional security issues of theft, violence against employees, terrorism and natural disasters are all still paramount in terms of being the big security challenges for businesses."
This is especially true when your company is so large and so much in the public eye. Howard's security team is ultimately responsible for the safety and security of Microsoft's entire executive team, its 90,000 employees, roughly 90,000 contractors, 700 facilities in more than 100 countries worldwide and all of the visitors to those facilities. He's also responsible, of course, for all of their computers and hardware and the information it they contain.
The Microsoft security teams deals with threats of violence against executives and employees, employee violence, kidnapping threats, terrorism, natural disasters, property theft and, peripherally, intellectualproperty protection (which also falls under the purview of a separate, cybersecurity group at Microsoft).
Security "evangelist"
In Howard's time at the company, the security team has had to evacuate employees from Beirut and the Ivory Coast, has contracted forensic psychologists to examine threatening letters and regularly provides emailed safety information and warnings to all employees who travel overseas.
But it may be his role as an "evangelist" for the company's physical security business group that looms the largest in Howard's job description. Finding ways to communicate and demonstrate the importance of security — both physical and cyber — to the company's executives is the linchpin of developing a security program that manages to keep such a large and public company running smoothly, he said.
"A lot of [Microsoft's commitment to security] has to do with the evangelizing of security on several fronts within the last decade," Howard said. "My IT securitycounterpart and I have worked diligently to really get the movers and shakers, the decision makers here to understand security and to support those security efforts and the pushing down of that message throughout the enterprise."
Howard believes that his work driving home the importance of both physical and cybersecurity is part of the reason that Microsoft's company culture has come to reflect those values.
"We brief all new corporate vice presidents on security, we bring senior executives to the Global Security Operations Center in Redmond, [Wash.] and show them what technologies we employ to keep the company safe," Howard said. "We're not just guys checking doors and responding to emergencies."
Howard believes that Microsoft has come to understand what many companies never do: That cyber and physical security is integral to the company's overall business, and even its marketing plan.
"Security is important to the entire company," he said. "Intellectual property could be compromised and it can affect the company's brand reputation or lead to lawsuits," Howard said. "This realization led to cultural shift with company becoming more security conscious."
Employee assistance
To facilitate the rollout of solid security plans throughout the company, Howard's team has had to essentially deputize every employee to be the eyes and the ears of the company. Microsoft does that with a formal training program.
"Having a training program in place is essential to any security program," Howard said. "Without it, you don’t have a well-rounded security program. We have a certain amount of full-time employees and vendors to cover Microsoft globally; we could never cover the world adequately without educating and creating awareness programs that teach people what to look for."
Today, regular Microsoft employees are instructed to stop a stranger entering a building and ask to see their badge.
"That never would have happened ten years ago," Howard said.
Howard said that good security also involves working with the company's human resources department, which offers employee assistance programs that can help workers in difficult times and potentially prevent an employee problem from becoming a security threat.
"A robust employee assistance program is very important to security issues," he said. A bad economy, problems at home, even dealing with a sick relative can be things that can trigger security issues at work and having a team in place to help solve those problems can prevent them from ever turning into an incident of violence or theft, he said.