Archive for August, 2010

Employee Spotlight: Practice Manager – Business Continuity and Disaster Recovery Patrick Dunn

Wednesday, August 25th, 2010

No wonder Patrick is engaging and dynamic at his numerous business continuity speaking engagements around the country…as a two-time All American cheerleader and former University of Maine mascot, Bananas the bear, he’s had plenty of practice motivating crowds!

Consonus is pleased to have Patrick Dunn as practice manager - business continuity and disaster recovery. His extensive background comprises over twenty years of industry experience providing crisis management, business continuity development, disaster recovery planning, information security, IT assessment, and project management for Fortune 500 and Big Five accounting firms. Impressive credentials include time spent at SunGard Availability Services as a BC/DR Consulting Practice Manager, as well as Cap Gemini, Wright Express, Check Free/FISERV, and Fairchild Semiconductor.

As if his job doesn’t keep him busy enough, Patrick is an active member of numerous highly regarded industry organizations up and down the east coast, including the Contingency Planning Association of the Carolinas Inc. (CPAC), where he was recently appointed vice chairman. Industry certifications include: Certified Information Systems Security Professional (CISSP), Certified Business Continuity Professional (CBCP), and National Incident Management Systems (NIMS).

On those rare occasions of downtime, Patrick enjoys wine tasting (Shiraz is his favorite), American Revolutionary history (as a former Park Ranger for the National Park Service he led historical tours), and watching his beloved Boston Red Sox. Obviously a proud graduate of the University of Maine at Orono, Patrick lives in Flowery Branch, Georgia.

Three cheers for Patrick!

Data Protection and Your Career Dissipation Light (CDL)

Monday, August 23rd, 2010

As you look back over your IT career, you’ve probably (hopefully) had your share of success stories and significant accomplishments.  But there are events looming out there that may have a massive impact on your company and your career in the worst possible way.  The classic line from the movie Backdraft (1991) sums it up perfectly, “You see that flash of light in the corner of your eye? That’s your career dissipation light. It just went into high gear.”

Game Over.

Here are just a few reasons why your Career Dissipation Light can go into high gear (this = bad):

1. The Finance System is DOWN. And has been for 48 hours.
The financial system is technically up and running but no one can log in, receive payments, issue new invoices or cut purchase orders. Turns out that you’ve got a network worm running rampant on the internal network … who knew? Your team was supposed to!

2. Contractors Gone Wild
So your company develops applications that are used by 95% of the Fortune 500.  Your source code repository is your company’s most critical data asset.  Here’s the news flash:  Your most critical data asset was stolen this morning when the new app dev contractor reported to work.  He simply went in, archived all the source code and uploaded it to his home network.  Problem is no one stopped it…hey, no one even knew about it.

3. Losing your job to Asian hackers? PRICELESS. (A MasterCard Moment)
This one will put your CDL into overdrive. Picture this:  Your company is experiencing explosive growth.  It sells goods and services over the ‘Net and you are picking up new customers by the hundreds every day.  Life is good!

You leave for vacation expecting some well-earned rest and relaxation. However, on day one, your vacation is blown out of the water when you get “the call.” It’s the network team lead calling every number he has to track you down. When he gets you live, he gives you the lowdown:

  • MasterCard has contacted your company.  Thousands of MasterCard customers are reporting credit card fraud … going back for 90 days.  The common thread among all of these reports is that 100% of these consumers are your customers.
  • Network packet captures from this morning show that customer records are being copied in real time to a server at a university in China.
  • The network team lead thinks that multiple servers have been compromised in your cloud computing environment and some person or process is continually resetting the admin password.
  • MasterCard is demanding that your company’s system be taken off the ‘Net immediately and is threatening a $25k per month fine because of non-compliance with PCI.

The network team lead wraps by saying the CEO has an emergency meeting with the board at 8:30 AM tomorrow morning so he wants you in his office by 8:00 PM tonight.  You hang up the phone, tell your spouse and kids to pack their bags, and head home early to try to save your job.

These different scenarios illustrate how absolutely vital a comprehensive data protection plan is to your business; one that includes 7x24x365 monitoring, high availability, and multiple layers of protection. Unfortunately, there is no one single antidote to ward off all attempts. But a cross-functional approach is the best choice and absolutely necessary to safeguard your business-critical information and applications from outside attacks. You can’t afford NOT to have a well-defined security policy in place; the future of your job and the longevity of your company depend on it!

Jim Brown, CISSP
nGuard, Inc.

Headquartered in Charlotte, NC, nGuard is a valued Consonus manufacturing partner in the security arena, providing security assessments, managed security services and security solutions to companies located in the US. nGuard’s intense focus on real world security expertise and internationally recognized security certifications allows the firm to service a broad range of companies and industries. For more information, please visit www.nguard.com.

Look at the Big Picture When Choosing an IT Solution

Thursday, August 19th, 2010

Instant gratification is part of the American way.  We are conditioned to look for the “quick fix” to solve problems fast and reap the rewards even faster. Unfortunately, this way of thinking leads companies to focus small, without really considering the various nuances involved as well as the business impact such a problem can have across departmental lines. 

Much like investing in an architect when building a house, a long-term vision is crucial.  Decisions have an impact beyond just the immediate problem they are fixing — what are the interrelated areas of business and how does IT impact these areas? 

Important to longevity is implementing agile technology that evolves with you. To do this, you have to go beyond the technology to dig deeper into the pains of the business and how technology can help ease or eliminate these pains. 

For example, say you’re running out of storage space. The first notion may be to add another server rack to take care of the problem. But if you dig deeper, you might find that the problem can actually be solved by archiving the unstructured data which is cheaper and allows you to reclaim storage space without a large capital outlay. Plus, the solution can be deployed quicker and you can achieve ROI in one month. And with this investment, you have the beginnings of a disaster recovery plan, which you know you should have, but don’t. Now that’s a smart business decision—one worth the time in extending the focus. 

Make the effort to investigate and develop an IT solution that solves multiple business needs — they are out there.  In the short term this could require more capital investment, but you may be able to achieve ROI faster and reap better long-term rewards than a more immediate fix. It’s time to look at the big picture!

Employee Spotlight: Senior Account Executive John Rapp

Thursday, August 12th, 2010

You would think John Rapp was from the south with his genteel mannerisms and polite disposition. But get him talking and that thick Long Island drawl gives him away. Fortunately, he does not have the New York “attitude” that oftentimes accompanies the accent. (No offense to New Yorkers.)

Always the consummate sales professional, John is a Consonus senior account executive based in Charlotte and is responsible for clients in North Carolina, South Carolina, and Virginia. Some of his accounts include: Analog Devices, Belk, Founders Federal CR Union, Kaplan Early Learning, Quoizel, The Roanoke Times, and RF Micro Devices.

“I thoroughly enjoy working for Consonus,” says John.  “I like the way we differentiate our company and IT solutions from our competitors to provide strategic, forward thinking, real value to our clients. And I especially like the dedication and enthusiasm of the people throughout the company that I work with.”

Before coming to Consonus, John was a Services Sales Consultant for Hewlett-Packard where he achieved over 150% of last year’s goal covering major commercial accounts in five states. Prior to HP, John served as the manager of an enterprise accounts team for CA, Inc., a regional director for Talisma Corporation and an account specialist for IBM.

As John explains, “I’ve been a sales representative and a sales manager for some of the largest players in the IT industry as well as some start-ups. I’ve also covered Fortune 500 clients in major metropolitan territories as well as small to mid-sized businesses in more rural areas. My broad base of experience adds an industry perspective that is very useful to my accounts.”

When John is not busy at work, you can find him on the golf course (probably closing a deal). And like a true Long Islander, he is an avid fan of Islanders hockey. Though as he tells it, “To witness this spectacle, you just have to ask yourself, why.”

Married to Nancy for 27 years, he is the proud father of a daughter who just graduated from Wake Forest University Law School.

When asked about transitioning from the north to the south and the differences between regions, John says, “I was told there would be pie and that southern folk would offer it wherever I went… Neighbors would bring pie to my house, etc.  — I haven’t seen much of that.”

The 12 Layers of IT Security

Monday, August 9th, 2010

In Ancient Greek warfare, Alexander the Great popularized a combat formation known as the phalanx – a rectangular mass composed entirely of heavily armed infantry deployed in ranks eight men deep.

This historic phalanx model of protection applies to IT security today, where the need for organizations to deploy a multi-layered defense to fend off attackers is imperative. Each layer reduces the number of attackers that get through until the numbers dwindle down to a manageable amount. 

In terms of IT infrastructure security, here are the levels of fortification that should be a part of your data protection strategy for the enterprise:

  1. Anti-Virus
  2. Anti-Spam
  3. Intrusion Prevention
  4. Intrusion Detection
  5. Active Email Scanning
  6. Active File Scanning
  7. Firewall
  8. Monitoring
  9. Security Best Practices
  10. Data Loss Prevention
  11. Educated and Attentive employees
  12. Well Defined, Implemented, and Enforced Corporate Policies

Like the Phalanx, even the most layered defense still has its vulnerabilities. The weakest components in a data security plan are usually corporate policies and employee education; these two elements are more apt to expose your business to internal risk by opening up the corporate network to attack.

Ultimately, the goal of any data protection strategy is to guard your business-critical information and applications from attacking armies of hackers and malicious actors. Unfortunately, there is no one silver bullet to ward off all attempts. But a layered approach to security composed of robust levels and supported by skilled IT professionals will ensure you win not only the IT security battle, but the data protection war.