General IT No comments yet

A Short History of Storage Devices

By on July 14th, 2011

I can’t really ever see myself being a technology historian, but I do find the development of technology and technology advancements astonishing at times. It’s easy to forget that some years ago, I used to think that my new 20MB hard drive was the bees knees.. “It’s 20MB of Hard Disk Drive, I’ll never need to upgrade it. I could store my entire life’s work on it and still have room to back up my floppies.”. How times change. I recently found this infographic on the spamfighter blog which I think summarizes the rise of storage perfectly. Check out the difference in per GB cost between 1980-2010: Continue reading A Short History of Storage Devices →

Information Security No comments yet

Phone Hacking, Corporate Responsibility and Employee Accountability

By on July 12th, 2011

The UK has been awash with scandal upon scandal in recent months. Individuals and organisations who we are supposed to trust have abuse their positions and the circumstances available to them. Is this to be the century of corruption? The politicians led the way with the expenses scandal,  immediately followed by questionable banking practices which brought the world to the brink of bankruptcy. Now in our latest installment of the “people doing what they really shouldn’t” saga, we have once reputable press organisations hacking into the phones of, well, pretty much everyone.

The world needs a double dose of the medicine that is corporate responsibility and employee accountability.   Whether or not the chiefs at the head of these corporate tribes were aware of the activities of their employees, ultimately they have a duty of care to take reasonable measures to prevent this kind of unacceptable behaviour occurring. Failure to do so is a slippery slope which rapidly evolves from the occasional cheeky rogue, to an inherent culture of wide spread wrong doing. Individuals should not be given a shield of plausible deniability or proclamation of ignorance. Each and every individual should be liable to take responsibility for their actions.  Chiefs have a responsibility to foster and enforce an ethical culture through the correct provision of training and providing the right tools for employees to adopt that ethical behaviour.

Just this week we have learned that News International were in fact in possession of emails which were withheld from the police in an attempt to control possible damage from implication of law breaking. Although possible, it’s difficult to release information in  an email without actually thinking about it’s content before clicking send. Much more difficult than giving the go ahead to do something in the spur of the moment over the phone. Information created or received by an organisation should be treated with the respect it deserves, but with the casual use of email in day to day life, it’s easy for the lines to blur. People generally use their work email accounts for general informal internal communications, even external at times.  When wrong doing is suspected, the legal defence of “that email was sent in this context” is used all to often.

As an organisation, one line of defence to this legal minefield is.. yes.. you have guessed it.. email labelling.  Forcing users (whether employees, directors or other execs) to select an appropriate label before sending an email builds not only awareness of company policies, but also re-enforces a culture of employee accountability.  Investment in an email labelling tool, could in the long run save your organisation millions or may even save it from the recently bloodied axe, which took out News of the World in one fell swoop. Furthermore, there are no longer any excuses on cost. You can do this for free.  Although you don’t get all the benefits of the paid version of Boldon James’ Email Classifier, the FreeMark version of Classifier allows you to do exactly that, label emails. ITS FREE,  the clue is in the name – FreeMark.  If you want to learn more about the FreeMark initiative, please visit www.freemarkinitiative.com

 

General IT, Information Security No comments yet

As A Service, Cloud Services Defined

By on April 18th, 2011

I recently turned to my long suffering fiancee and requested that she deliver me BaaS (Breakfast As A Service) every morning. The request wasn’t well received, and neither was the long winded explanation about how everything else is available as a service these days, so why not breakfast.  Needless to say, I have been making breakfast for weeks.

AAS (As A Service) is one of those marketing tag lines which seems to have taken hold and gained great tracking across the IT industry. Perhaps the most prominent of these is SaaS – Software As A Service. In this post, we’re going to explore where this paradigm has come from and we’ll look at some of the more visible acronyms out there.

From Product to Service

Historically, the majority of Information Technology was provided to organisations by software development companies, who would create products and then sell licenses to use those products. The products would be delivered and installed on site and hosted by the organisation Continue reading As A Service, Cloud Services Defined →

Information Security No comments yet

Theory of Gravitational Information Security – Making Security Policy Implementation A Reality

By on April 11th, 2011

This article draws on elements of gravity theory to help visualise information security concepts and to describe how to practically implement security policy objectives. It describes a metaphorical model where gravitational forces are analogous to the level of security controls we apply to an organisation’s information. Be warned, this will quite possibly be the nerdiest article I have written, but will be simple enough.. no degree in particle physics required to grasp it.

What is Gravity?

Gravity is a force which attracts and pulls physical objects towards each other. All objects are known to be affected by gravity, from the smallest atom to the largest star in the night sky. A general rule for gravity is, that the greater the mass of an object, the more gravitational force it will exert on the other objects around it. The sun, for instance, pulls the earth towards it in the same way that the earth pulls the moon ever closer as time passes.

At an atomic level, the closer to the center of an object we get, the greater the gravitational force is. As density increases, the movement of those central atoms is more restricted whereas the outer atoms are often able to move more freely.

The Analogy

In the same way as gravity applies force to those atoms drawing them towards the center, we can secure information by applying varying levels of enforcement based on sensitivity. If we imagine the sum of our organisation’s information as a spherical object made up of thousands of information atoms, we can start to visualize the relationship. Our most sensitive information is at the core of our infosphere (information sphere) and we must apply more force to protect it. As we move further towards the surface of our infosphere, the controls we will want to apply will be less restrictive and we will let those less sensitive information atoms move more freely.

Continue reading Theory of Gravitational Information Security – Making Security Policy Implementation A Reality →

General IT No comments yet

Cloud Computing/Virtualization vs Grid Computing Projects.

By on April 5th, 2011

This article discusses the industry trend to move towards cloud computing services/infrastructure and the possible impact this may have (or have already had) on ongoing grid computing voluntary projects. We will first cover in brief definitions of cloud computing, virtualization and grid computing. Subsequently, we look at possible declines in grid computing processing being caused by the efficiencies of moving to cloud services.

What is Grid Computing?

Grid computing is a computer processing model which takes large computational tasks and splits them into smaller sub-tasks. These sub-tasks are then distributed across a network of computer processors, each doing a small part of the overall job. The sub-task results are then passed back to the central grid node for inclusion and correlation in the overall project results.

One of the pioneer projects in the field of grid computing was the SETI At Home project initiated a Berkeley University in 1999.  I was a participant in the project from 2000-2006 and recently returned to continue my contribution.  The purpose of this project is to Search for Extra Terrestrial Intelligence (SETI). Radio-telescopes are used to monitor the vast amount of signals coming from space to seek out evidence of narrow-band signals which do not occur naturally in the universe. Analysing this vast amount of data is no small task and has been a core driver for the implementation of the grid computing project. The collected data is farmed out to millions of volunteer computers across the world, the data is crunched and then sent back to Berkeley processed.

Since 1999, several more projects have appeared across the various fields of scientific study including cancer research, global warming, astrological and many more. I recently joined(rejoined) the following:

SETI@Home - Search for Extraterrestrial Intelligence
Rosetta@Home – Medical research (Protein, Cancer)
World Community Grid – Medical research (Cancer, MS, AIDS), Environmental (Energy, Clean Water)

What is Cloud Computing?

There are tonnes of websites and books out there that can explain this for you. In short, Cloud Computing is all about moving information services out of a traditional local Continue reading Cloud Computing/Virtualization vs Grid Computing Projects. →