Hi,
This is an observation and thought that was triggered today by the headline from the Black Hat Conference that SCADA systems are under the security microscope.
Over the past few years I have worked on large projects with resellers to install various converged systems, one example being IP telephony. An observation which I find echoed through the industry is this... Companies who started off as traditional suppliers of products such as telephony, CCTV, access control etc who have now moved into the IP world really struggle with the concepts of data networking and would appear that they haven't recruited or trained accordingly in this field. On the other hand it appears that those who have been trained in data networking find the switch to learning telephony for example far easier.
So the question is this... Are the security concerns with systems such as SCADA another example of where FM system providers have failed to recruit and train with the move towards convergence and as such these systems are installed with network security as an oversight?.
I would certainly suggest that companies investing heavily in such systems have the correct skills available to sense check any installation and challenge these resellers in security principles.
J
Friday, 5 August 2011
Thursday, 4 August 2011
The "Cloud" - an economic impact?
Hi,
The "Cloud" is a hot topic and one I guess discussed frequently between CIOs. I would say I will blog about this many times over the coming years and decided to write a quick post today following a question which popped into my head...
You frequently hear of economists making statements such as "the recent snow storms (or whatever the event) has led to a loss of so many £millions in revenue due to many businesses being unable to operate".
Businesses now are more reliant than ever on IT systems and this will only increase. If a company has a severe network outage which lasts a few hours this can have a major impact on the business depending upon their reliance on IT systems. Of course good business continuity strategy and system resilience can mitigate against these but such things can come at high expense and just how many companies in such times can spend their money on such things?.
Anyway, getting back on track... Now imagine the wide adoption of cloud based services. A network outage now of several hours at a large provider can take out hundreds of businesses at huge collective loss. OK, so I would imagine that these cloud service providers will have multiple layers of resilience to mitigate against such an outage but it is not something which is an impossibility.
Lets take this one stage further, imagine an outage of a major ISP, even at a localised geographic level, this could stop hundreds of companies reaching their cloud service which is located elsewhere. Again I would imagine that Cloud providers will have ISP resilience but most companies trying to route to them will most certainly not.
The point here is obvious, the Cloud providers will be centralising many companies services which makes the following crucial:
The "Cloud" is a hot topic and one I guess discussed frequently between CIOs. I would say I will blog about this many times over the coming years and decided to write a quick post today following a question which popped into my head...
You frequently hear of economists making statements such as "the recent snow storms (or whatever the event) has led to a loss of so many £millions in revenue due to many businesses being unable to operate".
Businesses now are more reliant than ever on IT systems and this will only increase. If a company has a severe network outage which lasts a few hours this can have a major impact on the business depending upon their reliance on IT systems. Of course good business continuity strategy and system resilience can mitigate against these but such things can come at high expense and just how many companies in such times can spend their money on such things?.
Anyway, getting back on track... Now imagine the wide adoption of cloud based services. A network outage now of several hours at a large provider can take out hundreds of businesses at huge collective loss. OK, so I would imagine that these cloud service providers will have multiple layers of resilience to mitigate against such an outage but it is not something which is an impossibility.
Lets take this one stage further, imagine an outage of a major ISP, even at a localised geographic level, this could stop hundreds of companies reaching their cloud service which is located elsewhere. Again I would imagine that Cloud providers will have ISP resilience but most companies trying to route to them will most certainly not.
The point here is obvious, the Cloud providers will be centralising many companies services which makes the following crucial:
- The Cloud Providers Infrastructure including network, security, servers, storage etc
- Circuit and ISP Resilience of the Cloud Provider
- A customers own network and their ISP connectivity
- A customers own security
OK, so maybe large centralised outages are rare but surely the impact if it happens is vast and such strategy providers an obvious target for malicious attacks wishing to cause maximal disruption.
Going back the original comment about economic impact, if such outages happen, could this be large enough to provide a noticeable impact to a countries bottom line. Oh and of course many IT department will be stripping back their technical teams as they have less servers and storage to manage. More people on the Job queue maybe?.
I am not against "Cloud" in anyway but I am interested in others thoughts on the subject of risk and what IT professionals should way up when looking at strategy and a possible move towards the "Cloud".
Welcome!
Firstly hello and welcome to my blog and my first ever post online. Let me introduce myself, I am John, and I work as an IT Solutions Architect based in the UK. My first point of clarification is that although very unoriginal and possibly boring, John is my real name and my parents obviously liked it back in the 70’s, and as such I shall finish each blog with “J” in an attempt to be personable and reach out to readers. The “J” is obviously a copout but I can live with it in an attempt to save my fingers. The IT Solutions architect bit is also true but I like to see myself more as a well rounded business minded person and less of a nerdy geek seeing only 0’s and 1’s instead of the bigger picture. Of course, the nerdy, geeky stereotype is a little annoying and is so often wrongfully assumed of those working in my profession. I guess writing a blog may not help my cause but I have a lot to say so I’ll take my chances in that respect. Of course those who fit the stereotype are welcome and should read on proud of their contribution to where we are today both scientifically and technologically. To conclude this oversized paragraph, I do not discriminate, in fact the more the merrier, geeks and others alike!.
So what will I be blogging about? Well I hope to keep the material as broad ranging as possible, appealing to a wide audience. The following is a taster of things to come:
Consumerisation and BYOD (Bring Your Own Device)
Recruitment - experience verses certifications
Recruitment - experience verses certifications
Cloud
Outsourcing
Supplier Management – Where can I find a trusted supplier
IT departments - disliked and undervalued or innovative and recognised?
WLAN – Challenging environments
System Security
Anyway, I have waffled on enough, I hope you enjoy, I know I will!.
J
Subscribe to:
Posts (Atom)