Tools that CIOs, CSOs, and CFOs can use for Sarbanes-Oxley, Disaster Recovery, Security, Job Descriptions, IT Service Management, Change Control, Help Desk, Service Requests, SLAs, and Metrics.
Texas Attorney General Greg Abbott ruled that such disclosure of Social Security numbers in public documents is a violation of both state and federal privacy laws and is a criminal offense punishable by jail time and fines. The ruling followed an inquiry by Fort Bend's district attorney in 2005 about how its county clerk was expected to deal with Social Security numbers when they were present in public records.
Abbott's ruling has caused an uproar among county and district clerks in the state who are panicked by the prospect of being held criminally liable for actions they say were carried out as part of their normal business. Many have shut down or severely restricted public access to court records and are seeking help from state legislators who have hastily introduced a House bill seeking to absolve clerks of criminal and civil liabilities for disclosing confidential information.
(IDG News Service) -- Security managers have to keep their cool and clearly communicate with chief information officers (CIOs) during a crisis affecting company networks, a top security official with Microsoft Corp. said.
Otherwise, trying to educate CIOs in a panic mode will complicate how an attack is countered.
Ideally, management should be briefed before a crisis, so they know how the response will proceed. Also, security managers need to know how to communicate in nontechnical terms for CIOs who may not have the same background.
"For one [thing], we didn't have enough of our home-office employees or crew members trained on our reservation system," said spokesman Eric Brinker. "So while we were dispatching people to the airports to help, which was great, they weren't trained to actually use the computer system. So we're going through a process now where we're actively training those crew members."
Brinker said the discount airline is also in the process of expanding the capabilities of its reservation crew members so they can accept more inbound calls.
"We basically maxed out," Brinker said. "We're working on a system to be able to automatically notify them better to take phone calls."
Nineteen countries, including some that have already adopted the alternative ISO-approved OpenDocument Format (ODF) standard, submitted comments and objections regarding Open XML, according to an official letter sent out by the ISO and viewed by Computerworld.
Hard drives in 83 PCs and four servers were destroyed, according to Claire Bailey, director of the Arkansas Department of Information Systems (DIS). She said that her office backed up information from the servers but not the PCs, and gave the backup tapes to Huckabee's former chief of staff. The DIS apparently did not retain a copy of the data on the backup tapes.
The computers from which the hard drives were removed and destroyed were located in the state Capitol, a state office in Washington, the Arkansas State Police airport hangar, the governor's mansion and the Arkansas State Police drug office, she said.
This Business and IT Impact Analysis Questionnaire has been designed by one of the industry's most experienced application assessment consultants. This Questionnaire has been used in over 500 assessment, DRP and business impact projects in the past four years. Included is a Risk Ranking definition. The Word version of the questionnaire is automated with check boxes that can be updated in Word.
The Questionnaire (Form) is 23 pages in length and contains the following:
Facilities / Business Function / Application
Sarbanes-Oxley Compliance
ISO 17799 Compliance
HIPAA Compliance
System of Internal Controls
User Environment
Processing Environment
Historical Information
Operating Environment
Criticality of Application
Database / File Name
Documentation
Security
Application Support and Maintenance
Resource Usage
Hardware Requirements by Department
Backups
The ISO 17799 compliant Disaster Recovery Planning (Business Continuity) Template is Version 4.2. The template has increased in size from 140 pages in version 3.1 to 189 pages in the current version.
(ZDnet) Three security holes in the software that runs Cisco Systems' routers and switches could let miscreants disrupt computer networks, including the Internet.
The vulnerabilities lie in Cisco's Internetwork Operating System and could be exploited to crash or remotely run malicious code on devices that run the software, the San Jose, Calif., networking giant warned Wednesday in security advisories. IOS runs on Cisco's routers and switches, which make up a large portion of the Internet's infrastructure.
Cisco's warning prompted the U.S. Computer Emergency Readiness Team, or US-CERT, to issue an alert. "A remote attacker may be able to execute arbitrary code on an affected device, cause an affected device to reload the operating system, or cause other types of denial of service," US-CERT said on its Web site.
Being able to execute arbitrary code means that an attacker could change the configuration of a router or switch, redirecting traffic or potentially sniffing the data that travels through a Cisco device. In a denial-of-service attack a vulnerable router or switch would be taken offline, disrupting any traffic it is tasked to channel.
An updated Security Manual Template that meets the full ISO 17799 standard has just been published by Janco. The template is being expanded to over 200 pages.
ISO/IEC 17799:2005 establishes guidelines and general principles for initiating, implementing, maintaining, and improving information security management in an organization. The objectives outlined provide general guidance on the commonly accepted goals of information security management. ISO/IEC 17799:2005 contains best practices of control objectives and controls in the following areas of information security management:
- Security policy;
- Organization of information security;
- Asset management;
- Human resources security;
- Physical and environmental security;
- Communications and operations management;
- Access control; and
- Information systems acquisition, development and maintenance.
Park City, UT -- Janco has found the IT Hiring Recession is over. Victor Janulaitis, the CEO of Janco, said, "For the first time since the recession of 2001 there has been a significant increase in demand for IT Professionals." Hiring is up across the nation as companies begin to focus on business expansion.
Blog Policy, Procedure and Guideline Template was released. It is 8 pages long and covers everything needed by any size enterprise to manage the evolution of its blogs. Go to: http://www.itproductivity.org/blog.htm
Managing IT costs and the service delivery process was just made easier with the release of The Metrics, IT Service Management and Service Level Agreement bundle.
Delivering quality IT Service and measuring IT's performance is a difficult and time consuming exercise. Many enterprises believe that they do not have the time, money, or resources to initiate and monitor the processes necessary to do this. However, enterprises cannot determine how much something is worth unless its value can be quantified. It is a necessity of the new economy that every business unit needs to demonstrate its worth while meeting necessary service objectives.
An annual update service is available.
The Project FAL$E HOPE$ crackdown, announced Tuesday but in operation for most of the year, targeted scammers in 11 states, including California, Texas, Florida and Maryland. The Federal Trade Commission, Department of Justice and Postal Inspection Service worked with law enforcement agencies in those states to take action against the alleged fraudsters.
Project FAL$E HOPE$ includes new cases announced Tuesday, developments in existing cases, criminal convictions, and state actions. The project also announced new education material for advertising sales staff, aimed at helping screen ads for bogus business opportunities.