The Intersection of human Factors, Acidents, Security and BusinessSpafford Global Consulting - A Technology Business Consultancy Focusing on Human Factors, Accidents and Security
People are the key to success!

 

The News - March 8, 2009

"It is not hard to learn more.  What is hard is to unlearn when you discover yourself wrong. – Martin Fischer

 

Top Picks

New Green IT Book:  Greening the Data Center: A Pocket Guide

This is a new pocket guide I wrote that is intended to give managers an overview of technical areas to look at to reduce power consumption in a data center.  The expected publish date is April 2, 2009 and there are pages for pre-purchasing:
Soft cover edition:  http://www.itgovernanceusa.com/product/1907.aspx
Download edition:  http://www.itgovernanceusa.com/product/1908.aspx

 

Warming might be on hold, study finds
“The discrepancy gets to the heart of one of the toughest problems in climate science — identifying the difference between natural variability (like the occasional March snow storm) from human-induced change.”
http://www.msnbc.msn.com/id/29469287/

 

China calls for closer US ties in economic crisis
“China is looking to next month's meeting of world leaders in London to boost confidence and global coordination in dealing with the world financial crisis, its foreign minister said Saturday.  The G-20 meeting, scheduled for April 2, will bring together Chinese President Hu Jintao and leaders of the world's major economies in a quest for ways to stabilize financial markets, lessen fears of a lengthy recession, and begin overhauling the global financial system.”
http://www.google.com/hostednews/ap/article/ALeqM5hSCTc_ieqd4NCB2RsUHOjEQjRnRQD96P15LO0

 

Baxter admits contaminated seasonal flu product contained live bird flu virus
“While H5N1 doesn't easily infect people, H3N2 viruses do. If someone exposed to a mixture of the two had been simultaneously infected with both strains, he or she could have served as an incubator for a hybrid virus able to transmit easily to and among people.  That mixing process, called reassortment, is one of two ways pandemic viruses are created.”
http://www.google.com/hostednews/canadianpress/article/ALeqM5iV_RT6oBK3tOhtsWf5pnu5OIby9w

[I don’t mean this as an irrational FUD piece, but it does highlight how human error can be very dangerous in the biosciences.  To this day, I am very fearful of the home researchers doing their work without proper safety protocols.]
http://www.lifegen.de/newsip/shownews.php4?getnews=2009-02-25-5123&pc=s02
http://www.ceskenoviny.cz/news/zpravy/no-one-infected-with-bird-flu-virus-in-vaccine-tested-in-czechrep/360948

Book and Product Recommendations

The Financial Times Newspaper – Kindle Edition
I have always enjoyed the Financial Times and prefer it over the Wall Street Journal.  I recently subscribed to it on my Kindle and it is great getting the new current edition every day regardless of where I am.  This is one Kindle resource I strongly recommend.
http://www.amazon.com/gp/product/B001BAJA9K?ie=UTF8&tag=georgespaffor-20&linkCode=as2&camp=1789&creative=9325&creativeASIN=B001BAJA9K

 

IT Audit / Internal Audit / Compliance/Ethics

Food Problems Elude Private Inspectors
“When food industry giants like Kellogg want to ensure that American consumers are being protected from contaminated products, they rely on private inspectors like Eugene A. Hatfield. So last spring Mr. Hatfield headed to the Peanut Corporation of America plant in southwest Georgia to make sure its chopped nuts, paste and peanut butter were safe to use in things as diverse as granola bars and ice cream.”
http://www.nytimes.com/2009/03/06/business/06food.html?ref=business

[Dan Swanson ran this interesting story in his newsletter.  I thought you might find it thought provoking as well.]

 

Where the truth is: Logs and breach-disclosure laws
“I have always championed log data as one of the cornerstones of IT security and one of the best ways to detect unusual activity as well as audit normal user and system activities. Log data is also useful for mitigating the fallout from security breaches since it reveals who accessed confidential customer data, when access occurred and by what methods.”
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=standards_and_legal_issues&articleId=9104578&taxonomyId=146&intsrc=kc_feat

 

IT Process Improvement / Quality Management

Lowering Incident Management Costs
“In today’s economy, IT is under pressure to reduce costs and "do more with less". As a result, IT managers are looking for ways to cut expenses wherever possible. Incidents and reactive work are being scrutinized for opportunities to cut costs and therein lies both challenges and opportunities for the groups that understand the type of costing benefit their work may bring.”
http://www.itsmwatch.com/itil/article.php/3807721

 

Quality Improvement in Healthcare: The Six Ps of Root-Cause Analysis
“This model is an adaptation of the approach to root-cause analysis described in the widely used London Protocol for the investigation and analysis of clinical incidents (2). The six Ps represent the six perspectives needed to answer the question, ‘Why did this event happen?’”
http://ajp.psychiatryonline.org/cgi/content/full/166/3/372

[The Six Ps are:  Patient, Personnel, Policies, Procedures, Place and Politics.  There are many aspects that IT should consider in any industry.]

 

Kevin Behr’s Blog
If you haven’t checked this out, you have to.  Kevin is a friend of mine and a card carrying genius.  His ongoing blog story about “The Adventure of Phil Chairs, Interim CIO” is now into its fourth installment.  I read these and can’t figure out whether to laugh or cry.
http://blog.kevinbehr.com/?p=153

SaaS project costs in detail: The payoff isn't always in cash
“Three SaaS users have slightly different stories to tell regarding whether SaaS saves them cash or, while costing more, enables efficiencies and expansion that pay off elsewhere for the business.”
http://searchcio-midmarket.techtarget.com/tip/0,289483,sid183_gci1350034_mem1,00.html?track=NL-974&ad=691867&asrc=EM_NLT_6038207

[Thank you for sending this one in Kurt!]

 

CMMI for Services is Now Available - Julia Allen Provides a Brief Overview
In lean economic times, service organizations, which make up 80% of the world economy, can benefit by using process improvement to make the most of their resources to achieve desired business results. CMMI for Services (CMMI-SVC) is a guide to help service provider organizations reduce costs, improve quality, and improve the predictability of schedules.

Customers are requesting that their service providers demonstrate a CMMI rating or capability profile, but attempts to use CMMI-DEV in a service setting can distort the integrity of appraisal results. Service providers deserve the same opportunity that the development community has enjoyed for years. They deserve the opportunity to improve their processes based on community models of practice that specifically address the interests and concerns of service providers. CMMI-SVC is the model of practice that service organizations have been waiting for.

CMMI-SVC provides best practices that service providers can use when they

  • Decide what services they should be providing, define standard services, and let people know about them
  • Make sure they have everything they need to deliver a service, including people, processes, consumables, and equipment
  • Get new systems in place, change existing systems, retire obsolete systems, all while making sure nothing goes terribly wrong with the service
  • Set up agreements, take care of service requests, and operate service systems
  • Make sure they have the resources needed to deliver services and that services are available when needed—at an appropriate cost
  • Handle what goes wrong—and prevent it from going wrong in the first place if possible
  • Ensure they are ready to recover from potential disasters and get back to delivering services if the disaster occurs

Access more information on CMMI-Services at:

http://www.sei.cmu.edu/publications/documents/09.reports/09tr001.html

 

Kurt’s Corner

News and views from Kurt Milne, the managing director of the ITPI.  He can be reached at: kurt.milne@itpi.org.

 

Application and desktop virtualization need effective controls

If you are considering application or desktop virtualization technologies, they need all the bells and whistles for managing security, control and compliance risks in an enterprise environment.   THAT SAID – with effective user and configuration controls, application and desktop virtualization technologies promise to solve some major desktop compliance and control issues – as well as reduce hardware, power, and support costs. – Read here about the Top ten removable media security incidents. Humans are still a major if not the major part of the security equation. My favorite - #5 USB candy drop…

http://www.networkworld.com/community/node/38917?netht=rn_022509&nladname=022509dailynewspmal

 

Evolving Cloud Definitions – storage space example

The definition of cloud computing so far has been the most cloud-like – changing shape as it blows across the technology hype cycle.  But, two elements appear to be common to many different uses of the term.  1)  less hard resource investment up front, and 2) pay-as-you-go pricing model. In other words – solutions that turn fixed costs into variable costs, and reduce in-house admin and support costs.  My sense is that there are new additional service management and monitoring costs, however.

http://searchcio.techtarget.com/news/article/0,289142,sid182_gci1349688,00.html?track=NL-964&ad=691223&asrc=EM_NLN_6004953&uid=4561296#

 

Data Centers / Cloud Computing / Green IT

Power struggle: What role should IT play in reining in energy costs?
“As energy costs seesaw wildly and public concern over the environment grows, data centers are landing in the corporate cross hairs. And IT managers may find themselves on the hot seat, asked to account for the energy costs their systems incur. Some forward-thinking companies are even beginning to wonder if it isn't time for their IT and facilities departments to merge.”
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=333818

 

The Case for Data Center Services Is Strong in a Weak Economy
“It’s almost always a good ideas to outsource one’s data center needs in order to take advantage of the economies of scale a hosting provider offers, to save money on and comply with the environmental requirements power and allow yourself to focus on your core competencies. But in a credit-starved economy, Peccoralo said, the lack of available financing ‘puts the kibosh on any capital-intensive construction projects” for those thinking of building their own data center.’”
http://www.phoneplusmag.com/hotnews/cp-vegas09/the-case-for-data-center-services-is-strong.html

 

Using chargeback to reduce data center power consumption: Five steps
“The key objective is to include power as an IT service delivery cost component paid by the business user. This is challenging in and of itself when most organizations are struggling just to get hardware costs allocated. Part of the challenge is the limited breadth of most chargeback tools and the lack of reporting of actual power consumption.”
http://searchdatacenter.techtarget.com/tip/0,289483,sid80_gci1349650,00.html

 

The 5 Blind Spots of Data Center Infrastructure Management
This is a press release, from Egenera but I like their comments regarding five assumptions about virtualization that management teams make that do not necessarily prove out.  It’s worth a quick read.
http://www.msnbc.msn.com/id/29480165/

 

The Problem of Power Consumption in Servers
“Individual servers are consuming increasing amounts of electricity over time. Before the year 2000, servers on average drew about 50 watts of electricity. By 2008, they were averaging up to 250 watts. As more data centers switch to higher density server form factors, the power consumption will increase at a faster rate. Analysts have forecasted that if the current trend is not abated, then the power to run servers will be equal to or greater than the server cost, as Figure 1 shows.”
http://www.ddj.com/215800830

 

How to Optimize the Energy Efficiency of Your Server
“Energy efficiency in the data center is the hot topic of the day. We all want the fastest, most powerful servers for our data center. We want to optimize, virtualize and consolidate in the name of making our data centers more efficient and green. Here, Knowledge Center contributor Julius Neudorfer examines several key components that impact the total energy a typical server utilizes, as well as what it really costs to operate a server and how to optimize the energy efficiency of your server.”
http://www.eweek.com/c/a/IT-Infrastructure/How-to-Optimize-the-Energy-Efficiency-of-Your-Server/

 

Security and Risk Management

Opinion: Battling information-security Stockholm syndrome
“Corporate American has been battered by ineffective information security for a long time, with untold billions of dollars in collective losses through the years. Sites that tracked defaced Web pages stopped listing them when they become too numerous to enumerate. Similarly, data breaches are now so common that even large breaches barely make the news.”
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=standards_and_legal_issues&articleId=9084987&taxonomyId=146&intsrc=kc_feat

 

Hacker's hobby 'war-dialing' making a small comeback
“Penetration expert HD Moore has made a new war-dialer for 2009. It is free, and uses VOIP services to place up to 10,000 calls in an 8 hour period. The program is called WarVOX, and, like any self-respecting network security tool, it only runs in Linux.  Moore made the tool, he says, to assist network security auditors find holes in companies' phone systems.”
http://www.neoseeker.com/news/10064-hackers-hobby-war-dialing-making-a-small-comeback/

 

Stopping airport computer hackers
“Airtight Networks, a wireless security firm, recently dispatched so-called white hat hackers to 20 U.S. airports. The mission: test the security of Wi-Fi system and the people who use them. The results: 97 percent of airport Wi-Fi users were vulnerable!”
http://www.wptv.com/news/local/story/Stopping-airport-computer-hackers/XGDzUQc99E6xwk_MXrm3Yw.cspx

 

The Building Security In Maturity Model
“The Building Security In Maturity Model (BSIMM) is designed to help you understand and plan a software security initiative. BSIMM was created through a process of understanding and analyzing real-world data from nine leading software security initiatives. Though particular methodologies differ (think OWASP CLASP, Microsoft SDL, or the Cigital Touchpoints), many initiatives share common ground. This common ground is captured and described in BSIMM. As an organizing feature, we introduce and use a Software Security Framework (SSF), which provides a conceptual scaffolding for BSIMM. Properly used, BSIMM can help you determine where your organization stands with respect to real-world software security initiatives and what steps can be taken to make your approach more effective.”
http://blogs.wsj.com/digits/2009/03/04/new-effort-hopes-to-improve-software-security/
http://bsi-mm.com
[Thank you Julia!]

 

Smith: Winning the hidden war
“Because secure networking is imperative to our economic safety and national security, the federal government has an obvious responsibility to provide comprehensive leadership in preventing these types of attacks.  Until recently, however, our cyber-defense efforts were largely an uncoordinated hodgepodge of various programs and policies.”
http://www.washingtontimes.com/news/2009/mar/08/winning-the-hidden-war/

 

Health and Healthcare

Health Care Reforms Needed
“Efforts to reduce the incentives that health providers have to undertake unnecessary procedures are essential if Obama's reform ambitions are to succeed. However, such reforms are likely to be fiercely resisted by some doctors, who are highly remunerated for performing certain procedures--which may explain why the president has kept his plans deliberately vague.”
http://www.forbes.com/2009/03/02/healthcare-obama-us-business_oxford.html

 

Doc-Patient Relationship May Be Key to Quality
“different doctors. But the researchers found that people who have a strong relationship with a specific doctor are more likely to receive care that's consistent with recommended guidelines than are those who are connected to a medical practice but not to a particular physician.”
http://health.usnews.com/articles/health/healthday/2009/03/04/doc-patient-relationship-may-be-key-to-quality.html

 

With the Economy Down, Sleeplessness Is Up
“Almost a third of all Americans are tossing and turning, unable to get a good night's sleep because they're worrying about the economy, their jobs or their money, a new poll finds”
http://www.businessweek.com/lifestyle/content/healthday/624576.html?chan=top+news_top+news+index+-+temp_lifestyle

 

Build Security into Every Product, Coders Advised
“A panel of security experts agreed that security needs to thought of a lot earlier in the software development lifecycle, and that the IT industry needs to start shipping ‘hardened’ products, especially with the advent of the cloud and visualisation making the location of sensitive data even more difficult to locate.”
http://www.pcworld.com/businesscenter/article/160877/build_security_into_every_product_coders_advised.html

 

Human Error / Safety / Environment

HIV numbers 'surprisingly high'
“The rate of HIV infection is 'surprisingly high' among people aged over 50 years, the World Health Organization said on Tuesday, warning that cases among older people may be growing worldwide.”
http://www.straitstimes.com/Breaking%2BNews/World/Story/STIStory_345433.html

 

Common flu strain resists popular drug Tamiflu
“More than 98 percent of one of the influenza A viruses circulating this winter is now resistant to the antiviral drug Tamiflu, up from less than 1 percent just two years ago, according to a study in TheJournal of the American Medical Association.”
http://www.baltimoresun.com/news/health/bal-md.tamiflu03mar03,0,5436145.story

 

Poor maintenance, critical errors caused jet crash, report says
“The F/A-18 crash that killed four family members in a San Diego neighborhood on Dec. 8 was caused by poor maintenance on the plane and a series of critical errors by the pilot and officers trying to guide him to an emergency landing, a Marine investigation report released Tuesday concluded.”
http://www.latimes.com/news/local/la-me-miramar-jet-crash4-2009mar04,0,1947853.story

 

Global News / Business / Economics

Euro set to fall further on EU split over eastern Europe bail-out
“The euro dropped 0.5pc to $1.2604 (88.7p) against the dollar on Monday morning. European leaders have rejected a proposal by Hungary that a £169bn rescue fund be set up to help poorer eastern European nations through the economic downturn.”
http://www.telegraph.co.uk/finance/financetopics/recession/4926704/Euro-set-to-fall-further-on-EU-split-over-eastern-Europe-bail-out.html

 

Chinese Regime Spending Spree—Strength or Weakness?
“While the regime does indeed look strong from afar, get closer in and the picture looks very different. As Zhongnanhai prepares to gobble up chunks of the global economy, the regime’s national pension fund posted its first ever loss.”
http://www.theepochtimes.com/n2/content/view/12966/

 

Chinese leaders confront economic crisis
“This year, the number one issue will be how to survive the global economic crisis and keep China's economy growing. As the global economic crisis cascades into China, Communist Party leaders fear a spike in unemployment could trigger social unrest and snowball into a political crisis.”
http://edition.cnn.com/2009/WORLD/asiapcf/03/03/china.meeting.economy/

 

IMF Sees ‘Serious’ Risk of Global Economy Contracting
“The International Monetary Fund sees a ‘serious risk’ of a contraction in the global economy this year and will probably cut its 0.5 percent growth estimate in April, Managing Director Dominique Strauss-Kahn said.”
http://www.bloomberg.com/apps/news?pid=20601116&sid=anGwS5UVc4qw&refer=africa

 

A sign of hope for China's economy
“A closely watched index of manufacturing activity in China edged up in February, an early sign that the economy may have seen the worst of the downturn.  The official purchasing managers' index released by the Chinese authorities Wednesday rose to 49 in February, from 45.3 the previous month and continuing its improvement from a low of 38.8 in November.”
http://www.iht.com/articles/2009/03/04/business/04chinastat.php

 

US News / Business / Economics

Wars, Endless Wars
“The United States is on its knees economically. As President Obama fights for his myriad domestic programs and his dream of an economic recovery, he might benefit from a look over his shoulder at the link between Vietnam and the still-smoldering ruins of Johnson’s presidency.”
http://www.nytimes.com/2009/03/03/opinion/03herbert.html?ref=opinion

 

Growing excitement, expectations for green jobs corps
“Government support has rallied excitement for the prospect of a green jobs corps, as President Obama's stimulus package puts about $20 billion into greening the economy, according to the White House.Video”
http://www.cnn.com/2009/LIVING/03/02/green.jobs.training/index.html

 

CNN Website Special:  Where the Jobs Are
CNN has a website that links to stories about jobs.  For example, on article is entitled “Experts:  Ignore bad news to find a job”.  Drop by and use the page to browse a number of their stories.
http://www.cnn.com/SPECIALS/2009/news/where.the.jobs.are/

 

Bernanke: Fed will use all tools at its disposal
“Federal Reserve Chairman Ben Bernanke said on Saturday the U.S. central bank would use all of its tools to stabilize financial markets and pull the economy out of recession.”
http://www.reuters.com/article/topNews/idUSTRE52627J20090307

 

Technology & Science

Phew! Asteroid's passing was a cosmic near-miss
“An asteroid about the size of one that blasted Siberia a century ago just buzzed the Earth.  The asteroid named 2009 DD45 was about 48,800 miles from Earth when it zipped past early Monday, NASA's Jet Propulsion Laboratory reported.”
http://www.google.com/hostednews/ap/article/ALeqM5iMRlXoAOKgOWrgy2Iux54E-dmD8QD96NDH0G0

 

Are We Alone in This Universe?
“NASA is getting ready to launch the Kepler telescope on an ambitious, first-of-its-kind mission: to search for Earth-size planets in our galaxy, orbiting stars at the right distances to have water on their surface.”
http://abcnews.go.com/Technology/Space/story?id=7010234&page=1
[The Kepler project is very cool on the Spafford Cool Space Technology scale.  Kepler launched as planned on Friday and now is beginning its mission with engineers beginning the commissioning process.]
http://news.cnet.com/8301-11386_3-10191272-76.html
http://www.redorbit.com/news/space/1650645/after_launch_kepler_prepares_to_carry_out_its_mission/
http://www.cnn.com/2009/TECH/space/03/06/nasa.kepler.launch.planets/index.html
The actual NASA mission page is at:  http://www.nasa.gov/mission_pages/kepler/main/index.html

 

 

Google
Web spaffordconsulting.com



Copyright (C) Spafford Global Consulting, 2004-2008. All Rights Reserved.