April 2009 Entries
Hurrican Season 2009 to Boost Remote Managed Services for Backup, Recovery and Storage - April 3, 2009
Recent events in the southeast prompt users to rethink their storage strategies
Orlando Florida -- Hosted storage and services are becoming increasingly popular with users in the hurricane-ravaged southeastern U.S. in the aftermath of Hurricane Katrina and the 12 others that hit land in recent years.
Many IT managers are now attempting to plan for the unthinkable and have totally revamped their storage and server infrastructures. That has served them well as they confronted more recent storms such as Ike and Gustav.
"I think that probably the most important thing that we have done is that we have moved to an Application Service Provider(ASP) model wherever possible," said Peggy Villars-Abadie, executive director of IT for the New Orleans Parish School Board, explaining that the organization's digital lesson planning and critical "Blackboard" system are both hosted elsewhere. Blackboard, which is an academic Web portal, is hosted by a Washington-based company of the same name, and Villars-Abadie explained that the Board's ERP systems are hosted by Maine-based Tyler Technologies.
After the devastation wrought by Katrina, Villars-Abadie and her staff have thrown their weight behind hosted storage, servers, and services. Three years ago, the school board lost a massive chunk of its hardware to the floodwaters and the ensuing chaos, a scenario that Villars-Abadie is desperate to avoid repeating.
"The devastation that the school board experienced, not just from the storm but [also from] the ensuing political upheaval, made everyone open to new ideas," she said. "[It's] the nightmare of not having access to the information because it's dependent on our ability to reach the physical infrastructure."
The exec told Byte and Switch that the school board now uses data centers in locations as far flung as Maine, Baltimore, San Diego, and Illinois.
"They are all over the place," she said. "None of them are in the hurricane area – all our storage is at their sites, we don't keep any of that here."
The next major piece of IT infrastructure to be moved off-site is the school board's student information system, which Villars-Abadie admits has caused some unease, particularly amongst teachers.
"There was a little nervousness around that initially, but people that work in our data center were confident with it going off-site," she explains. "I said 'We don't have anything more critical than our financial information, and that's stored off-site.'"
Even before the ravages of the recent hurricane season, many organizations in the most vulnerable parts of the southern U.S. were looking for alternatives to their current IT infrastructure, according to Orlando Florida based Cherub Networks.
"Companies are getting out of the southeast," said CEO Brian McCarthy, explaining that doctors’ offices and health care organizations, in particular, are looking to host their applications and storage off-site. "There’s a lot of Web applications coming in from the medical space – this means that these doctors, if the hurricane comes through, still have all their stuff."
Denver-based ATS Medical Management, which is a partner of Cherub Networks, told Byte and Switch that firms in states such as Texas, Louisiana, and Mississippi, have been re-evaluating their technology infrastructures for some time now, well before the recent problems in the region.
"One of our customers is in South Texas, and one of the reasons why they like this is they are getting all their information off the coast, and to a part of the country that's out of the reach of hurricanes," said Walter Payson, the CIO of ATS Medical Management. "We have got another [customer] in Louisiana, that's the same thing."
The exec explained that many medical firms would much rather outsource the storage capacity and server horsepower required to run key systems such as electronic medical records and billing.
"I think it's the push towards everybody running an electronic patient record and the fact that these systems involve a lot of complexity," added Payson. "Cherub Networks provides the storage and the infrastructure, and we handle the application layer."
To Learn more and how to do it Right, call: (407) 965-1910 or go to: http://www.cherubnetworks.com/managed-services.php
Cherub Networks LLC is well known for it's flagship product iTGuardian Managed Services which is designed exclusively as a managed or hosted solution to provide our customers with the most cost effective management of their IT infrastructure 24x7. Cherub Networks uses iTGuardian enterprise class technology helping you provide end-to-end monitoring and management of your IT infrastructure over the secured and encrypted Internet connection. This solution helps Cherub Networks deliver an unlimited range of unique managed services, providing extraordinary levels of performance and availability for you, our customer. iTGuardian Managed Services Benefits.
Office in Orlando Lake Mary Longwood Lakeland Tampa Daytona Beach Maitland St. Petersburg, Orlando, Hialeah, St. Augustine, Gainesville, Ocala, Palm Coast, Clearwater, Kissimmee, Lakeland, Maitland and Cape Canaveral MSP continuously monitoring healthcare network infrastructure Microsoft patch managing all critical systems Advanced Technology Service Hosting Hosted Data Center Exchanges Sharepoint SQL Event Log Application Backup Firewall Capacity Disk Space CDW Online Backup DR Replication De-Dup De-Dupe iSCSI SAN NAS GRID computing on demand storage Cloud We are well known for desktop, server and network monitoring, management, security online backup cloud computing storage archiving VoIP Hosting top 10 Virtualization HaaS SaaS Help desk 24x7 for small medium enterprise SMB SME employees IT as a service software hardware support onsite remote hosted exchange sharepoint fixed cost cutting solutions microsoft hp symantec spam barracuda anti-virus gartner magic quadrant robo soho GRID on demand ibm dell cdw low cost budget HaaS disaster recovery business continuity SaaS capacity cost per gigabyte firewall HaaS SaaS evault seagate iron mountain
Top 10 things to look for in a Managed Service Provider (MSP) - April 3, 2009
Orlando Florida -- Many organisations are turning to managed security services providers (MSSPs) to manage specific areas of security. This may include firewalls, data hosting, code development, vulnerability assessment and monitoring.
While outsourcing relieves the burden of managing these systems in-house, if there is a security breach the burden of responsibility still lies within your own organisation. It is therefore vital to investigate and conduct thorough due diligence of an MSSP before engaging its services.
So how do you go about making the decision to outsource and what criteria should you use to select your service provider?
First and foremost, what sort of relationship do you already have with business process outsourcers and IT outsourcers? It pays to be honest in answering this question, because if your relationships with outsourcers tend to end in acrimony it’s unlikely you will fare any better with an MSSP.
Keep in mind that you cannot outsource security per se; you can only outsource tactical tasks relating to security. Therefore someone at your organisation should still serve as the security “owner”, ensuring that business requirements are being met by the outsourcer efficiently and effectively. It is important to remember that it is the MSSP's job to secure systems to the extent that you require. It still remains your job to secure the business. Be crystal clear on identifying responsibilities which are the MSSP's and those that remain yours.
If you are considering whether or not to outsource security monitoring then the organisation needs to understand the specific business requirements against the willingness to invest resources. If security monitoring is a critical component to the organisation, the level of tuning and tailoring needed to meet these requirements is often best done by building the solution internally.
Data hosting is another frequently outsourced service. Some hosting services may physically lock your servers in cages and not give internal staff access to the cage without your knowledge. This gives you a lot of control over security even though the service provider is doing most of the work. It’s important to also remember that you have a right to know who has access to your data and systems, so don’t be afraid to request background data.
Go armed to the hosting provider with a list of questions to ensure that security meets your expected standards. They include:
• What policies and standards do they work to?
• How effective is their physical security and how frequently to they test controls?
• Does the vendor employ a security manager with an industry recognised security qualification (e.g. CISSP)?
Don’t be afraid to pry and insist on a tour of the facilities. A willingness to show you around and openness when answering your questions should inspire confidence.
The same goes for those vendors writing code for your business. It’s essential that the SLA states the security requirements of the final product. Too many times I’ve seen deliverables that function to specification but are insecure once they go online. If you already have internally used standards for code development then make sure that the service provider is aware of their content.
Similar concerns are relevant for services such as e-mail outsourcing. The provider's provisions for security and procedures for patch management are all important. It should also be noted that an organisation does not necessarily have to outsource management of its e-mail infrastructure to outsource security. However, security can be increased in the face of e-mail-borne hazards by outsourcing both e-mail and messaging infrastructure.
Discretion on the part of the service provider may also be an issue. Do you want them to advertise that your company is a customer? You would certainly not want them to be discussing security breaches with other third parties.
The following list serves as general recommendations when selecting an MSSP:
• Choose an (MSSP) you trust. Be prepared to use MSSPs you have not previously worked with that have proven track records with organisations like yours. Take references and go with personal recommendations.
• Select an MSSP that understands the needs of its customers and has the required technical capabilities
• Ensure that the service provider has financial stability. Do your due diligence!
• Choose an MSSP that can be flexible and willing to cater for different business needs.
• Make sure employees in your organisation and those at the MSSP understand the limitations on what you are allowed to outsource imposed by industry bodies, government agencies and others.
• Appoint one person or team as the contact point for the MSSP.
• Make it clear what the MSSP is allowed to do without first consulting you. Major incident alerts must have clearly defined escalation paths. Be clear about who should be notified when a critical incident occurs.
• Ensure that all employees are aware of the contract and its effect on them.
Finally, remember that while using an MSSP relieves the burden of managing those aspects of security in-house, it does not relieve the responsibility your organisation has regarding liability if there is a security breach.
It’s important to acknowledge that reversing the outsourcing decision can be an expensive exercise as it would probably entail rebuilding both IT Infrastructure and staff.
By outsourcing security operations to an MSSP, your business can improve its security posture while avoiding a large investment in technology and resources. These potential benefits can only be achieved by selecting the right managed security services provider.
To Learn more and how to do it Right, call: (407) 965-1910 or go to: http://www.cherubnetworks.com/managed-services.php
Cherub Networks LLC is well known for it's flagship product iTGuardian Managed Services which is designed exclusively as a managed or hosted solution to provide our customers with the most cost effective management of their IT infrastructure 24x7. Cherub Networks uses iTGuardian enterprise class technology helping you provide end-to-end monitoring and management of your IT infrastructure over the secured and encrypted Internet connection. This solution helps Cherub Networks deliver an unlimited range of unique managed services, providing extraordinary levels of performance and availability for you, our customer. iTGuardian Managed Services Benefits.
Office in Orlando Lake Mary Longwood Lakeland Tampa Daytona Beach Maitland St. Petersburg, Orlando, Hialeah, St. Augustine, Gainesville, Ocala, Palm Coast, Clearwater, Kissimmee, Lakeland, Maitland and Cape Canaveral MSP continuously monitoring healthcare network infrastructure Microsoft patch managing all critical systems Advanced Technology Service Hosting Hosted Data Center Exchanges Sharepoint SQL Event Log Application Backup Firewall Capacity Disk Space CDW Online Backup DR Replication De-Dup De-Dupe iSCSI SAN NAS GRID computing on demand storage Cloud We are well known for desktop, server and network monitoring, management, security online backup cloud computing storage archiving VoIP Hosting top 10 Virtualization HaaS SaaS Help desk 24x7 for small medium enterprise SMB SME employees IT as a service software hardware support onsite remote hosted exchange sharepoint fixed cost cutting solutions microsoft hp symantec spam barracuda anti-virus gartner magic quadrant robo soho GRID on demand ibm dell cdw low cost budget HaaS disaster recovery business continuity SaaS capacity cost per gigabyte firewall HaaS SaaS evault seagate iron mountain