The Intersection of Human Factors, Accidents, Security and Business
Spafford Global Consulting - A Technology Business Consultancy Focusing on Human Factors, Accidents and Security
People are the key to success!

 

 

Daily News Archive

Sunday, February 25th

"Learning usually passes through three stages.  In the beginning, you learn the right answers.  In the second stage, you learn the right questions.  In the third and final stage, you learn which questions are worth asking.”  – Unknown Author

 

The Picks of the Day

Environment: Prioritizing Global Warming

“After he lost the contentious 2000 presidential election to Republican George W. Bush, Democrat Al Gore went into a bit of a slump. But the man who had served eight years as vice president under President Bill Clinton found a new calling in a series of lectures, across the country and around the world, on global warming — an issue on which he first spoke out while representing Tennessee in the House (1977-1985) and Senate (1985-1993).”

http://www.nytimes.com/cq/2007/02/23/cq_2324.html

 

Time Change Demands I.T. Attention

“Starting this March, Daylight Savings Time will begin three weeks earlier and end one week later because of provisions in the Energy Policy Act of 2005. The time change will require patching, adjusting or replacing software that controls time-sensitive functions, such as medication administration records. ‘We want to make sure patient care and records are properly recorded,’ says Michael R. Overly, a partner in the information technology and outsourcing practice at Foley and Lardner, a Los Angeles-based law firm.”

http://www.healthdatamanagement.com/html/news/NewsStory.cfm?articleId=14722

 

EMC's Billion-Dollar IPO

“So much computing power, so little of it used efficiently. That's the plight facing many corporations, their data centers jam-packed with energy-sapping servers that run corporate networks and Web sites. The good news is that a handful of companies, including EMC subsidiary VMware, are practiced at the art of better harnessing all that computing power—and cutting soaring energy bills.”

http://www.bio-itworld.com/newsitems/2007/february/02-22-els-emc

 

Service in the air ... and on the tarmac

“But increasingly, service is being bumped from flights. For the sake of cheap tickets, consumers may be willing to forgo meals and free movies, but why is the rate of lost baggage at its worst in more than 10 years? Why have delays in takeoffs and landings risen for the past five years? Why is there an increase in the number of passengers unexpectedly denied flights? Why are long tarmac waits more common?”

http://news.yahoo.com/s/csm/20070223/cm_csm/etarmac

[This is yet another example of why competing on the basis of cost and price reductions is not sustainable.]

 

IT Process Improvement / Quality Management

Free On Demand Webinar:  Asking the Right Questions

Aligning IT and the business side of an organization doesn't mean teaching code to CEOs. The reality is that business executives can't possibly be expected to know and understand the technical details of an enterprise. Instead, they need to understand goals, objectives and what to ask in order to manage the IT function.

http://www.jupiterwebcasts.com/_archives/2007/webcast_02-15-07/index.html

The PPT is available at:  http://www.spaffordconsulting.com/feb%2015%20-%20asking_v2.ppt

 

Free On Demand Webinar:  Using ITIL to Manage Virtualization

This webinar covers issues to consider when virtualizing in the data center. Using ITIL as a framework, it covers each process area and gives the questions that should be reviewed.

http://www.jupiterwebcasts.com/_archives/2007/webcast_02-22-07/index.html

The PPT is available at:  http://www.spaffordconsulting.com/feb%2022%20-%20ITIL%20&%20Virt.ppt

[The live event was very popular with attendees from all over the world asking many questions during and after.]

 

How Technology Delivers For UPS

“UPS's innovation is an example of how technology can help companies capture institutional knowledge about their customers. Before, when a truck loader or driver walked out the door, the package-loading techniques or route tips they'd developed over the years usually walked out with them. Now that knowledge is accessible in a central system. That eases the burden on substitute drivers and shortens the training time for new ones, lessening the chances of a lapse in customer service.”

http://www.businessweek.com/magazine/content/07_10/b4024005.htm?campaign_id=rss_magzn

[You may be wondering why this is under IT. After reading the article, ask yourself how much institutional IT knowledge exists only in people’s heads vs. being formally documented.]

 

Accurate Configurations – Why Technology Alone Isn’t the Answer

“Having an accurate and timely understanding of what is in production is vital to everyone in IT. So much so that many groups are rushing to implement automatic tools that promise to discover new and changed systems on the network. Like any tool, these automated systems have a time and a place but groups must understand the causality of their Configuration Management concerns before simply buying one of these tools and putting it into production.”

http://www.spaffordconsulting.com/Accurate%20Configurations.html

 

IT Audit / Internal Audit

Dan Swanson

The only way to describe Dan Swanson to people who don’t know him is that he is a force of nature :-) Dan collects and disseminates information on audit, process improvement, and security to thousands of practitioners virtually every day through his CCC and SEC email lists.

http://www.securitybenchmark.com/

 

Last month Dan Swanson became the editor of EDPACS. Until March 5th they have removed the subscription access controls so everyone can review what a subscriber to EDPACS actually receives. This includes access to 10 years' worth of articles at:

http://www.informaworld.com/smpp/title~content=t768221793~db=all

 

EDPACS is a monthly audit, control, and security newsletter with ~24 pages in each issue, and is the world's longest running IT Audit newsletter, going into its 35th year in 2007! Going forward, Dan has indicated they will focus on writing about four key areas: Governance, Audit, Control, and Security. Dan is also always on the lookout for new authors writing about emerging issues and practical solutions (for readers to consider); send any article proposals to dswanson_2005@yahoo.com

 

Finally, Mich Kabay recently completed a comprehensive review of EDPACS. His article, entitled "EDPACS Archive a Treasure Trove", is accessible at:

http://www.networkworld.com/newsletters/sec/2007/0219sec1.html

 

Note: Mich's free network security newsletter goes out to more than 50,000 security professionals each issue, and past issues are accessible at:

http://www.networkworld.com/newsletters/sec/index.html

 

Forensic Audits: Got a Clue?

“The idea that public companies should undergo periodic forensic audits designed to detect fraud failed to excite a panel of audit experts during a meeting of the Public Company Accounting Oversight Board's Standing Advisory Group. Most members of the panel seemed unconvinced that a companywide forensic audit would be cost-effective — or, indeed, effective at all.”

http://www.cfo.com/article.cfm/8759510?f=alerts&x=1

 

Internal Control Seminars

Several of my colleagues have been presenting compliance-related seminars across the country for the past five years:  Sarbanes-Oxley, Corporate Governance, Internal Controls, Fraud Prevention and Detection, and Information Security.  The next seminars are in March in New York, Atlanta and Houston:  SOX Compliance for Small and Medium Sized Businesses (“SOX for SMBs”).  They will discuss practical, cost-effective internal controls over financial reporting.  The seminars are as entertaining as they are informative.

http://www.compliance-seminars.com

 

Legal and Regulatory Compliance

AS5: More Flexible, Less Effective?

“With just a few days until the comment period ends, the Public Company Accounting Oversight Board got an earful from its advisory board on Thursday about the new standard for auditors' attestation of corporate internal controls. In a nutshell, the corporate executives and accounting experts questioned whether the more-flexible standard will lead to less-effective audits.”

http://www.cfo.com/article.cfm/8756854?f=alerts

 

PCAOB's Niemeier: No Sarbox Rollback

“Charles Niemeier, a member of the Public Company Accounting Oversight Board, warned policy makers and other critics that they may damage the reputation and competitiveness of U.S. markets if they roll back the Sarbanes-Oxley Act and other securities laws, reported Reuters.”

http://www.cfo.com/article.cfm/8724384/c_8724695?f=ThisWeekInFinance022307

 

New laws target data security problem

“San Francisco (InfoWorld) - As more details emerge about the recently disclosed security breach at TJX Companies, lawmakers in Massachusetts are considering new laws that would put the onus for paying for such breaches on retailers and merchants, rather than banks and credit unions, the Wall Street Journal reported Thursday.”

http://news.yahoo.com/s/infoworld/20070223/tc_infoworld/86299_1

 

MP3 ruling could haunt music tech firms

“A federal jury's ruling that Microsoft infringed on two MP3 patents and must pay $1.52 billion in damages could turn into a major sour note for other technology companies in the digital music business.”

http://news.yahoo.com/s/ap/20070223/ap_on_hi_te/microsoft_alcatel

 

Security and Risk Management

The Fear biz is the computer security biz

“What are you afraid of? What causes you real fear, the kind that causes your heart to beat faster involuntarily, your stomach to sag like you've eaten lead, and your mind to lose its reason and revert to the primitive reactions of fight and flight? Spiders? Snakes? Serial killers? Speaking in public? Or the worst, the thing that freaks out almost everyone - scary clowns?”

http://www.theregister.co.uk/2007/02/11/computer_security_fearmongering/

 

Experts sceptical on Vista security

“Microsoft has been promoting Windows Vista's security for years, saying that it will prove to be its strongest, toughest operating system ever.   But now that the long-awaited operating system is out, how will Vista really stack up?”

http://www.techworld.com/features/index.cfm?RSS&FeatureID=3187

 

Despite Government Data Losses, Security Education Spending Not Growing

“While laptop and data loss continue to plague government agencies, a new report shows that federal spending on user education remains stagnant.  Out of an annual IT security budget of $5.6 billion, the United States is spending $140 million to $150 million annually on security awareness and training, according to Prabhat Agarwal, manager of Information Security Analysis for Input, a government-focused market research and analysis house. That user education number is expected to hold steady through 2012.”

http://www.darkreading.com/document.asp?doc_id=118058&WT.svl=cmpnews1_4

 

Hackers are ringing the changes

“Data security specialists are warning that hackers and other criminals are turning their attention from personal computers to the new generation of sophisticated mobile phones.  Next generation (3G) cell and smartphones equipped with bluetooth wireless (WiFi) capabilities are now starting to hit the marketplace in a big way. But questions are being raised about how much protection is being provided.”

http://business.scotsman.com/technology.cfm?id=297902007

 

Healthcare / Bio-Informatics / Care Delivery Organizations (CDOs)

Fee based On Demand Webinar:  Optimizing Health IT

The use of information technology (IT) in healthcare is booming, yet many hurdles are being encountered in the successful adoption and ongoing support of these systems. Many healthcare organizations are rushing to implement technology to meet mandates but have challenges to address in terms of strategy, controls and processes. As a result, the outcomes of these organizations’ IT investments are suboptimal and, in some cases, actively put patients and the healthcare provider at risk.

http://www.complianceonline.com/ecommerce/control/trainingFocus?product_id=700297

[This is a fee based webinar and the charge is $249/session.]

 

Massachusetts RHIO Makes Progress

“After four years and a $50-million commitment, many of the building blocks for Massachusetts' regional health information organization (RHIO), MA-SHARE (Simplifying Healthcare Among Regional Entities), are being stacked into place.   That's good given this is a critical year for MA-SHARE as grant money starts running out. ‘If RHIOs do not have a business model by the end of 2007, they will likely not survive until 2008,’ says John Halamka, CIO of CareGroup Healthcare System and CIO of the Harvard Medical School.”

http://tmlr.net/jump/?c=25182&a=296&m=4406&p=100137676&t=164

 

Cutting-edge hospitals hooked to Wi-Fi support

“The sometimes desperate isolation of a hospital stay or visit is fast giving way to the digital age.  Today's hospitals have Wi-Fi Internet access, patient-information portals and patient blogs. And many electronic gadgets, including iPods, once banned from within hospital walls for fear of interference with equipment, now pose little or no problem.”

http://www.chicagotribune.com/technology/chi-0702180401feb18,1,7043142.story?track=rss&ctrack=1&cset=true

 

Warnings Over Privacy of U.S. Health Network

“The Bush administration has no clear strategy to protect the privacy of patients as it promotes the use of electronic medical records throughout the nation’s health care system, federal investigators say in a new report.”

http://www.nytimes.com/2007/02/18/washington/18health.html?ex=1172552400&en=68d85b69970ce946&ei=5070

AHIMA’s response to the GAO report:  http://sev.prnewswire.com/health-care-hospitals/20070219/CGM03620022007-1.html

 

Health IT remains a bipartisan issue, but with Democrats now in charge on Capitol Hill, the rush for national health IT legislation is on

“In the past year, lawmakers have struggled in their efforts to pass health information technology legislation. The Senate and House each passed a bill that they sent to conference committee by early fall, but the prospects for creating a framework for a National Health Information Network died without ever being presented for a full vote in either chamber.”

http://www.govhealthit.com/article97682-02-19-07-Print

 

Continuity of Care Document is approved by HL7, endorsed by HITSP

“The healthcare industry reached a milestone Monday in its goal to exchange clinical records electronically. Health Level Seven announced that the Continuity of Care Document was approved by ballot and that it received the endorsement of the Healthcare Information Technology Standards Panel.”

http://www.healthcareitnews.com/story.cms?id=6408

 

Human Error / Safety / Environment

Human Error Multipliers

“Studies show that up to 80% of network availability incidents can be tied to human error. In addition, the fourth annual CompTIA study on security breaches shows that 60% can be attributed to human error. With statistics proving over and over that human error should be of concern, it is a wonder that more attention is not paid to managing it. In fact, there are a number of behaviors that can dramatically increase the odds of human error yet organizations fail to manage them.”

http://www.spaffordconsulting.com/Human%20Error%20Multipliers.html

 

NPR:  What Will it Cost to Fight Global Warming?

“Many scientists say immediate action is needed to stop global warming. But some economists argue that the benefits of any realistic solution aren't worth the cost. Can we afford to stop global warming?”

http://www.npr.org/templates/story/story.php?storyId=7551080&ft=1&f=1007

 

[Energy] Industry Getting Heat on Climate Positions

“The major oil companies are changing gears. They are expressing less skepticism with regard to whether global warming represents a threat to the environment. But, most are still not doing enough to remedy the matter, leading critics to say that the only way the energy conglomerates will move decisively on the issue is to enact mandatory rules.”

http://www.energycentral.com/centers/energybiz/ebi_detail.cfm?id=284

 

As Asia Keeps Cool, Scientists Worry About the Ozone Layer

“Until recently, it looked like the depleted ozone layer protecting the earth from harmful solar rays was on its way to being healed.  But thanks in part to an explosion of demand for air-conditioners in hot places like India and southern China — mostly relying on refrigerants already banned in Europe and in the process of being phased out in the United States — the ozone layer is proving very hard to repair.”

http://www.nytimes.com/2007/02/23/business/23cool.html?ei=5088&en=494dbbd124791731&ex=1329886800&adxnnl=1&partner=rssnyt&emc=rss&adxnnlx=1172402173-scT/ZSwc141vO4tRTXs3uw

 

Outsourcing / Globalization / International

Shopkeepers protest as Wal-Mart eyes India

“Executives from U.S. retail giant Wal-Mart toured Indian stores on Thursday as they work on a deal that could change the face of the country’s $300 billion retail sector and has sparked fears of mass job losses.  In New Delhi, over 100 demonstrators waving banners and shouting slogans marched on government buildings to protest against the entry of the world’s largest retailer into India.”

http://www.msnbc.msn.com/id/17276629/

 

Declaration of Dependence

“The report, which polled 210 Western firms about what autonomy different functions enjoy in Asia, shows that sales, marketing, and human resources have much more freedom in how they operate compared with finance, IT, and R&D.”

http://www.cfo.com/article.cfm/8696746/c_8757373?f=ThisWeekInFinance022307

 

Confiscated airline carry-on items become big sellers on eBay

“What happens to those scissors, lighters and the occasional machete confiscated at US airports? Some land in an Ali Baba-style cave here, to be auctioned on eBay.”

http://news.yahoo.com/s/afp/20070224/tc_afp/usattacksairlinetravelinternet

 

Economics / Business / Misc.

The Snake Eater

“This is a story of can-do in a no-can-do world, a story of how a Marine officer in Iraq, a small network-design company in California, a nonprofit troop-support group, a blogger and other undeterrable folk designed a handheld insurgent-identification device, built it, shipped it and deployed it in Anbar province. They did this in 30 days, from Dec. 15 to Jan. 15. Compared to standard operating procedure for Iraq, this is a nanosecond.”

http://www.opinionjournal.com/columnists/dhenninger/?id=110009638

 

CFO: All pain, no gain

“In today's Sarbanes-Oxley world, the chief financial officer post - once a finishing school for future CEOs - has become the crummiest gig in the corporate suite. Combine the workload necessary to comply with the controversial 2002 legislation and the knowledge that you're almost certainly the sacrificial lamb if the SEC comes calling, and it's a recipe for skyrocketing turnover.”

http://money.cnn.com/magazines/fortune/fortune_archive/2007/02/05/8399150/

 

U.S. airlines pledge to review service plans

“Major U.S. airlines pledged on Thursday to review and update their customer service plans as necessary and called for a government review of airline and airport preparations for handling weather-related problems.”

http://www.reuters.com/article/domesticNews/idUSN2217752520070223

 

 




Copyright (C) Spafford Global Consulting, 2004-2008. All Rights Reserved.