Quest Software IT Blog

IT Simplified - Quest's Executive Blog

Perspectives on technology, culture and community from Quest's thought leaders
Skip navigation
Overview All Content (37) Blog Polls Set as default tab

Manage categories

Close

Create and manage categories in IT Simplified - Quest's Executive Blog. Removing a category will not remove content.

Categories in IT Simplified - Quest's Executive Blog
Add a new category (0 remaining)

Manage Announcements

Close

Create and manage announcements in IT Simplified - Quest's Executive Blog. Try to limit the announcements to keep them useful.

Announcements in IT Simplified - Quest's Executive Blog
Subject Author Date Actions
Add a new announcement

Read Recent Blog Posts

Refresh this widget
Paul Christman
0

Last week, The Arizona Republic reported that the Arizona state legislature’s computer systems had been infiltrated. Hundreds of state documents were stolen and posted on a hacker website. The perpetrators were self-proclaimed “hack-tivists” and the act was largely symbolic, since most of the stolen documents were already in the public domain. 

   

Recently, Government Technology magazine reported that the Utah Department of Health had been breached last month. Initial investigation estimates that as many as half a million records were copied from Department of Health servers. This breach was not a demonstration of hacker ability, it was a focused effort launched from somewhere in Eastern Europe to gather sensitive personal records for criminal purposes. If the Arizona Legislature event was misdemeanor graffiti, the Utah Department of Health incident was felony breaking and entering.

 

State of Utah CIO Steven Fletcher, a tenured, respected and competent public servant, was forced to resign because of the breach. In his final interview with reporters, Fletcher said that attacks on the state’s computer infrastructure have increased 600 percent in just the past four months. The governor’s office confirmed that over a million attempts a day are made to infiltrate the state’s networks. The entry point for the Department of Health breach appears to have been a “weak password” that was discovered and exploited by hackers.

 

Remedies for this security defect are technically possible and could have been implemented.  We can implement stronger identity and access controls.  Identities can be managed centrally through federated directories.  Common configurations can be pushed across diverse networks.  Password complexity policies can be applied to applications and servers.   Accounts with elevated privileges can be placed under a higher level of control and ongoing scrutiny than accounts of standard users. Putting these solutions into practice requires two important commodities that seem to be in short supply: money and the will to take preemptive action.

 

The money required to prevent breaches is small compared to the cost of response and remediation.  As the old saying goes, “an ounce of prevention is worth a pound of cure.”  Utah Governor Gary Herbert said, "The compromise of even one person's private information is a completely unacceptable breach of trust."  The threats are serious and on the rise.  My call to political and technology leaders across the country is to spend the political effort and money to improve the security of our critical information infrastructure.  Without the funding and the political will to implement policies consistently across agencies, we will continue to see expensive remediation after more and larger privacy breaches.

248 Views 0 Comments Permalink Categories: General, IT Operations, Products, Software Industry Tags: case_study, public_sector, authentication_services, technology_trends, federation, government, security_breach, identity_administration
Walter Angerer
0

Ever since I joined the workforce (which was longer ago than I care to admit!), the corporate mantra has always been the same: “We need to do more with less.”


The more, of course, refers to work, while the less, naturally, refers to money. Frankly, we’ve gotten to point where the need to do more with less pretty much goes without saying. I mean, seriously, when was the last time your boss came into a meeting and said, “Good news! Our budget was just dramatically increased and the company is not expecting nearly as much productivity from us this year!”


Fair or not, doing more with less has simply become an expected and accepted part of the job description for most workers, especially those who ply their trade in IT.

 

Now, scientists will tell you that there is no such thing as perpetual motion; that forward progress cannot go on indefinitely.  Unfortunately, chances are none of those scientists rank among the executive decision makers at your company. The fact is, when it comes to productivity in the corporate world, perpetual motion is expected, and in some cases, demanded.

 

So how do we do it? How do we constantly keep advancing levels of productivity, even in the face of decreased budgets? The answer, of course, is innovation. Finding bigger, better, faster, and perhaps most importantly, more cost-effective ways of doing things.

 

In the world of backup, the need to feed the ever-hungry monsters that are cost savings and performance efficiency led us to an innovation known as the “single pane of glass.”

 

And for a time, this new approach served its purpose, greatly improving work flow and reducing the effort involved in protecting and managing complex environments. Those vendors that were quick to embrace the single pane of glass concept reaped rewards in the form of new customers and increased market share. Some still tout the single pane of glass today as their major competitive differentiator.

 

But the need for constant innovation and advancement in the name of increased productivity and cost savings --- the need for perpetual motion --- can quickly turn yesterday’s marvelous innovation into today’s outdated approach. Eventually, innovations of the past run out of steam, and the need for perpetual motion once again becomes front and center.

 

Such is the case with the single pane of glass approach to backup and recovery. The once-static nature of IT infrastructure has given way to a level of fluidity most never have imagined. Virtualization and cloud have forever changed the data center. Mission-critical applications and databases have become exponentially more critical. And the need to protect IT services has replaced the need to protect IT infrastructure. In other words, IT has become a world that the single pane of glass was not designed to protect.

 

The problem with the single-pane approach is that, as its name suggests, it delivers a flat, single-dimensional view of data protection; a limited approach that supports just a single IT admin role and inherently focuses on infrastructure rather than services. In a world where infrastructure is fluid and assets are constantly moving between physical and virtual, and on-prem and off, the single pane can quickly become, pun intended, quite a pain, not only for the single admin asked to shoulder a tremendous workload, but for the business-line owners with no visibility into (or control over) whether or not their critical assets are protected.

 

At Quest, we believe the time to innovate has again come. It’s time to shatter the “single pain” approach to data protection, and instead enable specialized, role-based workflows that map specifically to the service or services a given admin is responsible for protecting. It’s time to enable business line owners to play a bigger role in the protection of their data and services.

 

Next month, we’ll be formally unveiling a new technology that does just that; one that shatters the single pane of glass, better enables IT to align backup and recovery with the changing needs of today’s business, and helps organizations meet the never-ending need to do more with less. Perpetual motion is, after all, perpetual.

 

Stay tuned!

454 Views 0 Comments Permalink Categories: Data Protection Tags: backup, sla, service_level_agreements, vranger, data_protection, backup_and_recovery, netvault, innovation, backup_and_restore, netvault_family, quest_netvault_backup
Shayne Higdon
0

The misspelling in the title is intentional.  I am referring to monitoring-as-a-service (MaaS).  Bernd Harzog of The Virtualization Practice wrote an informative piece comparing on-premise monitoring to SaaS-based monitoring where it chronicles the technology requirements of a monitoring solution and points out some of the current, new solutions.

 

According to Gartner, $2B was to be spent world-wide in 2011 on application performance monitoring (APM).  This is a 15% increase over 2010.  Keep in mind these numbers do no incorporate money spent on MaaS solutions.  This is a huge market.  A mature market with a lot of on-premise deployed software with a ton of customizations that need to be accounted for when moving to MaaS.  Bernd didn't really highlight that APM has historically been a political hot bed in accounts as there is no single buyer or user of the solution.  APM affects many groups -- network, storage, database, application and the lines-of-business.  It's a complex sale.  Can this ever be solved?

 

Going to a website, downloading an agent and voila -- an instant dashboard and perfect reports definitely sounds magical.  Keep in mind deploying an agent is the easy part of an on-premise solution deployment.  Monitoring is not a one-size-fits all approach.  I agree there is some percentage of the functionality that can be deemed good enough, but the good enough needs to be valuable enough to make a purchasing decision.  The hard part is that different user and executive groups have different needs and requirements thus often requiring the "monitoring group" to customize whatever solution is chosen.  This is where things get difficult and political which adds complexity to both the technology deployment and the buying cycle.

 

The point Bernd makes on security is crucial.  I have no doubt each of the companies he listed are growing, and rapidly at that; however, very few customers are going to do a 180 degree turn and move from a currently deployed on-premise solution to a MaaS offering.  They've simply invested too much in on-premise APM solutions and they aren't completely ready to transition when a lot of their applications are still on-premise.  It's too risky.  Please understand I am not saying that customers won't push vendors like Quest and other to do both and ultimately things will move by and large to MaaS.  In fact, I think they will and we must adapt and lead them to the future.  But that future is a progression.  An evolution, not a revolution, of sorts.  This is why you have seen us evolve by creating easy to use, downloadable products in specific domains like network, database and virtualization monitoring.  Each domain install gives you the base Foglight platform.  When you decide you need end user, applications or storage monitoring you can easily move to richer feature set of Foglight.  We also give you the ability to monitoring virtualized infrastructure through the Beta of our Foglight OnDemand MaaS solution.

 

Ultimately, the SaaS delivery model will be more efficient and productive than on-premise APM solutions, but moving from all on-premise APM to MaaS isn't a no-brainer yet.  You need to partner with a vendor that knows this market and is continually evolving to meet customer needs.  I believe Quest is that vendor as evidenced by our continued product innovation, growth, customer satisfaction and being in the "Leaders" quadrant of the Gartner 2011 Magic Quadrant for APM.

 

Are you considering a move to a MaaS?  Tell me about what's pushing you in that direction.  I would love to hear from you.  Feel free to email me privately at Shayne.Higdon@quest.com.

667 Views 0 Comments Permalink Categories: Virtualization, Acquisitions, IT Operations, Products, Software Industry Tags: foglight_community, new, monitoring, cloud, vfoglight, innovation, technology_trends, foglight_analytics, executive_blog, total_cost_of_ownership, vkernel, foglight_on_demand, vkernel_vops, boundary, appdynamics, appfirst, copperegg, logicmonitor, monitoring_as_a_service, relic
More

Actions

Notifications

Meet the Executive Team

Doug Garn
Vice Chairman
PostsEmail
Carol Fawcett,
VP, Information Services
PostsEmail
Shayne Higdon
SVP, Product Management
PostsEmail
Steve Dickson
SVP, Product Management
PostsEmail
Darin Bartik,
VP & GM, Database Management
PostsEmail
Kim Kinnison,
VP, Worldwide Support
PostsEmail
Walter Angerer
SVP & GM, Data Protection
PostsEmail
Michael Sotnick
VP, Worldwide Channels & Alliances
PostsEmail
Paul Christman
President & CEO, Public Sector Inc
PostsEmail
Terri Avnaim
VP, Corporate & Field Marketing
PostsEmail
David Cramer
VP & General Counsel
PostsEmail
John Ganley
VP, Human Resources
PostsEmail