« September 2008 | Main | December 2008 »
Log management – a safe bet for 2009?
In my last blog, I talked about being optimistic for LogLogic - a "rising star" Silicon Valley company with a funny name. There's no doubt that belts will tighten around IT spending in 2009, but Enterprise Strategy Group analyst, Jon Oltsik, anticipates a few technology areas will remain strong. Namely: virtualization, networking, security, storage, and services.
When drilling down into security, Oltsik predicts: "Security management will merge with log management. That works for ArcSight, RSA, LogLogic, and LogRhythm." From our vantage point, security management and log management indeed go hand in hand.
In other news, Forbes security columnist, Andy Greenberg, predicted Wednesday that the cybersecurity industry will remain "recession-proof," despite decreases in overall IT spending. He cites both IDC and Forrester Research as supporting sources:
In another report last month from research firm IDC, less than 10% of companies planned to cut security spending, the least of any category of tech expenditures. More than a quarter of those companies, by contrast, planned to scale back spending on business intelligence software and collaboration software.
Another report from Forrester Research in September showed that security spending would increase during the banking meltdown to account for 10% of total IT budgets. The bulk of that money, says Forrester analyst Jonathan Penn, will go toward systems designed to keep former employees or disgruntled workers out of proprietary systems and to prevent business-killing data breaches.
So why are we still optimistic? Businesses can't afford to have their reputations tarnished by major data breaches (ahem, a la T.J. Maxx). They must be accountable or face losing customers. An important caveat to remember: threats aren't always from external hackers in cyberspace. Businesses must actively monitor employee user activity. "In periods of recession or slow growth, companies are going to turn their attentions to customer retention rather than customer acquisition," writes Penn in an e-mail. "The last thing you need in that environment is a data breach and the associated brand damage." We couldn’t agree more.
Posted November 25, 2008 in | Permalink | Comments (0)
« September 2008 | Main | December 2008 »
The Obama plan: accountability and startups with funny names
Now that we have a new president elect, everybody is asking themselves: what does the Obama administration mean for me? LogLogic is no exception and I have been asked the Obama-question by employees and reporters alike. The bottom line is that I am optimistic – the new government appears intend to focus on innovation, transparency and accountability.
Of course Obama’s first order of business is the US and global economy. Many have suggested that the federal government should sponsor a “man on the moon” type program to spur technology innovation. Most recently, Google CEO and Obama technology advisor Eric Schmidt called for an “innovation bailout”, a bold government-funded effort to create jobs by rebooting America's energy infrastructure, and a reformation that restores trust in government by using technology to increase openness and civic participation. It's vital, he said, "that small startups with funny names get founded and get funded in the new regime. That's where the wealth will be created."
Barack Obama's technology policy also proposes we appoint the nation's first CTO to increase transparency within government and to spur innovation and growth.
From the Obama-Biden technology policy:
Our nation’s progress has been stifled by a system corrupted by millions of lobbying dollars contributed to political campaigns, the revolving door between government and industry, and privileged access to inside information-all of which have led to policies that favor the few against the public interest. An Obama presidency will use cutting-edge technologies to reverse this dynamic, creating a new level of transparency, accountability and participation for America's citizens.
The emphasis on bringing accountability back to the heart of our nation's capitol provides an interesting call to Silicon Valley leaders. Why? Accountability means further penetrating corporate and governmental institutions to track and trace what is really going on behind closed doors. Accountability means heightening security, stabilizing corporate governance and increasing efficiency. And, let's not forget accountability means protecting citizens and customers through unprecedented levels of openness and transparency.
As a “rising star” in Silicon Valley, LogLogic – the compliance company with the funny name (really, try saying it quickly ten times) - is committed to do its part when it comes to innovation. Of course, Jon Granville, Director of Global IT and E-Commerce for the Body Shop already pointed out in my previous blog that our log management technologies help our customers achieve higher degrees of accountability and transparency. So, yes - I am optimistic.
Posted November 19, 2008 in | Permalink | Comments (0)
« September 2008 | Main | December 2008 »
Respect Your Customers – Protect their Information
It's always refreshing to talk to customers and be reassured we are helping them improve their businesses day to day. Last week, we announced both The Body Shop International PLC and Ameren Corporation (NYSE: AEE) as new LogLogic customers. Both companies are using LogLogic to meet regulatory compliance – The Body Shop is using LogLogic in the U.S. and will deploy us in the UK, EMEA and APAC to meet the Payment Card Industry Data Security Standard (PCI), and Ameren is using LogLogic to meet the North American Electrical Reliability Corporation (NERC) requirements as well as Sarbanes-Oxley (SOX).
I want to call your attention to my customer-hero of the week: Jon Granville, Director of Global E-Commerce & IT for The Body Shop. He is committed to protect customer data as a way to show respect to his customers - compliance or not. We love Jon's enthusiasm! Particularly as we experience an economic downturn - businesses will need to show they value customers by protecting their personal and private information. Unfortunately, this is not always the case.
Just last month, Cisco announced research findings for the most common data leakage risks and mistakes employees make. Out of the 2000 employees and IT professionals surveyed in 10 different countries, respondents admitted to a number of astonishing risky behaviors, such as:
- · Altering security settings to bypass corporate security policies and access unauthorized sites
- · Accessing unauthorized areas of networks and facilities
- · Sharing sensitive corporate data with non-employees
- · Sharing corporate devices with non-employees
- · Losing portable storage devices
- · Allowing others to "tailgate" behind them into corporate facilities
- · Leaving devices with passwords to personal financial accounts and corporate systems unattended and unlocked
Cisco also released a few whitepapers on the topic. One reports:
· A shocking 11 percent of employees said they or fellow employees accessed unauthorized information and sold it for profit, or stole computers.
· 20 percent of IT professionals said disgruntled employees were their biggest concern in the insider threat arena.
What can we learn from this? First off - we encourage all consumers to buy goods and services from companies who will protect you and your identity. Demand to be treated respectfully. Second, for any business interested in earning or maintaining customer trust, protect customer data above all else. Not only are there regulatory compliance mandates across various industries telling you to do so, but can you really afford a major data breach in today's economic climate?
Posted November 18, 2008 in | Permalink | Comments (0)
« September 2008 | Main | December 2008 »
Podcast: ITIL requires better log management and analytics to gain IT operational efficiency, accountability
This podcast was done by Dana Gardner:
Read complete transcript of the discussion. Find it on iTunes/iPod. Learn more.
Implementing best practices from the the Information Technology Infrastructure Library (ITIL) has become increasingly popular in IT departments. As managers improve IT operations with an eye to process efficiency, however, they need to gain operational accountability through visibility and analytics into how systems and networks are behaving.
Innovative use of systems log management and analytics — in the context of entire IT infrastructures — produces an audit and performance data trail that both helps implement and refine such models as ITIL. Compliance is also a building requirement that can be solved through verification tools such as systems monitoring and analytics in the context of ITIL best practices.
To learn more about how systems log tools and analysis are aiding organizations as they adopt ITIL, I recently spoke with Sean McClean, principal at consultancy KatalystNow, and Sudha Iyer, director of product management at LogLogic.
Posted November 11, 2008 in | Permalink | Comments (0)
June 2010
| Sun | Mon | Tue | Wed | Thu | Fri | Sat |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | ||
| 6 | 7 | 8 | 9 | 10 | 11 | 12 |
| 13 | 14 | 15 | 16 | 17 | 18 | 19 |
| 20 | 21 | 22 | 23 | 24 | 25 | 26 |
| 27 | 28 | 29 | 30 |
Categories
Archives
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- August 2006
- July 2006
- June 2006
- May 2006
- April 2006
- March 2006
- February 2006
- January 2006
- December 2005
- November 2005
- October 2005
- September 2005
Blogroll
Blogroll
Compliance
Good Reading
- Internet and Web Security Review
- Log Management ROI
- Log Management Best Practices
- SANS Institute Log Management White Paper