efficient devices-and-articles #iclassed, standardized technical advisors' facilities

Posts

Showing posts from 2010

Internet Governance Forum (IGF)

The IGF is a worldwide multi-stakeholder event, with mandate from Paragraph 72 of the Tunis Agenda, and is convened by the United Nations (UN) since 2006. It is now on its fifth run which will be held in Vilnius, Lithuania and the theme is, “ IGF 2010 – developing the future together ”. In the Philippines, Advance Science and Technology Institute (ASTI) and Asia Pacific Network Information Center (APNIC) will be making available remote sessions to be held in Audio Visual Room, CICT-NCC Building, C.P. Garcia Avenue, U.P. Campus, Diliman, Quezon City. Here is the schedule: If interested, in fact, everyone is encouraged to join, please contact Ms. Ryne Amatorio from ASTI with these telephone numbers +63.2.927.2557 / 927.3093.

Know thy time

It's a statement and work of Peter Drucker. He's the management practice master, the dean of the profession and the discipline in general according to his works, literature and practitioners themselves. He's behind the notable Non-profit's Drucker Prize for which he defined innovation as change that creates new dimension of performance , which means very big about time in human activity. Leaders of all organizations, in business, health, education, technology including but not limited to innovation, except military which may vary in high degree for some reasons, knows about management and why time is the best argument for humans to not forget when doing their job. In consulting, generally, this is probably the main reason why their outcome is crucial and that their fees are not that cheap. They do understand their job, the value they create and contribute to the organization they work with. They can also be fully aware to the broader aspect of business which is the sub

Cyberspace added another dimension in warfare

Cyberspace has become the (new) fifth domain in warfare after land, sea, air and (orbital) space according to Economist’s article . If we have been following events about how the Internet has been playing a role in our lives, on how our organizations functions and our governments provide services to the public, we would have noticed some extra-ordinary events that had already happened. Some are very nice and others the not so good. How are we preparing to embrace the new generation securely?

iclassed Educating

Our training is based on decades of industry experience and IT practice consulting with companies. It's not only the result of empirics within which we deal on IT directly. Our consultants' work goes along with their delivery an extensive research of their subject(s), making sure they will resolve successfully. The goal is to make sure participants, IT practitioners or internal staff are not simply going to be dependent what the their current IT efforts are telling them to do. There is always work to be done within business-IT ecosystem even when everything seem to be working perfectly. Modules include: 1. Productivity in the Knowledge Era *, 2-day; 2. The IT Practice , 3-day; 3. Business-IT Fabric (or simply) Cyberstrategy (in our own terms and language), 5-day (3-day lecture, 2-day practical workshop, best deal for you and especially your company). A professional education concentrated with business and enterprise productivity and major efforts constituting IT through: 1.

Consulting, managed services and differentiated IT solutions

Never have IT been as exciting and challenging as today due to > business systems—don't forget society's—continuing technological advancement; and > conformance (or compliance ), administrative and technical aspects especially for regulatory requirements . If you take adaptation of standards and compliance of regulations as expensive for you, your team and your business, we can help you reverse that experience. They are going against our very normal way of doing things or becoming a lot more inconceivable to our already demanding duties and responsibilities. It simply means they are all coming along for us to confront them. We can do it in an affirmatively flawless manner. As much as possible the disbursements wouldn't have to be imperceptible or quetching anymore. If it was, that is. For a very quick engagement with our clients, we have laid a solid foundation for their business systems and IT. We’ve repeatedly been saying these for m

Information security

The ISO/IEC 27000:2009 provides overview and vocabulary for the information security management system, the ISO/IEC 27001:2005. It defines information security as a preservation of confidentiality, integrity and availability of information. In addition, other properties, such as authenticity, accountability, non-repudiation and reliability can also be involved. In order for an information security activities to be successful, one would have to think about the mentioned preceding elements. Considering a top secret information, which the stakeholders cannot allow to be processed through the systems and internetworks without a good mechanisms in place. Doing so otherwise would only put information in peril. It may also be that information could never be trusted completely. Taking into account all factors and resources have been in proper places. Let us look at the two important mechanisms that may satisfy the above mentioned security elements: Cryptography and digital certificates

EU unveils five-year digital economy plan

If you are going to look at the targets, they not really are going to be delivered in that span of five-year. It maybe that is to initially put all of the foundations (e.g. infrastructure to be laid out all of EU) necessary to accomplished the mentioned targets. After the infrastructure and other critical dependencies has been deployed and ready, I am thinking enabling the services would no longer be that hard considering said foundation has been carefully planned, designed and delivered to provide necessary services to the member countries and stakeholders. EurActiv have just posted on 19 May 2010, European time, a report by European Union’s five-year plan to concentrate on infrastructure for high-speed Internet. The following are the main objectives in support of the said plan: Ultra-fast broadband by 2020: 50% of European households should have subscriptions above 100Mbps (no baseline). Promoting eCommerce: 50% of the population should be buying online by 2015. Cr

Interconnected Philippine islands

With the recently concluded automated election, where only few were said to be not reach by the telcos to transmit results, there is a good chance that all over or majority of the parts of the Philippines is now possible to be connected to the global Internet. If the government, in support to the Strategic Roadmap for the ICT Sectors, ESkwela, et al, is going to pursue and fund the program as an immediate and priority project the connectivity can now happen or at any moment on. That is if the connections used during the 10 May 2010 automated elections are to be considered for the mentioned government projects.

Probing mobile networks

On 14 May 2010 we were scheduled to go to several places and decided while on the road to use our phones to check how signals for Globe and Smart would switch from typical GSM signal or 2G, 3G and HSDPA or 3.5G. The phones we used are both SE with models of G502 for Globe and C902 for Smart. Both are 2G, 3G and HSDPA capable. Going to Libis, Quezon City, the following were the routes we take: From EDSA along Roxas Blvd > Gil Puyat > Finlandia > cross South Super Highway > Philippine National Railway > Dela Rosa, Pio del Pilar > Makati Medical Center > Dela Costa > cross Ayala Avenue > between RCBC building and Cityland > Gil Puyat > EDSA > Boni > EDSA Central > Shaw Blvd > Ortigas Center > San Miguel Ave > Julia Vargas > SM Pasig > Frontera > Ortigas Avenue > E. Rodriguez > Eastwood City Going to back to EDSA, Roxas Blvd, the following were the routes we take: Eastwood City > E. Rodriguez > C5 > Kalaya

Deal security

Do not talk security attacks unless things, in the first place, have already been ironed out. This can be taken up but not as the primary issue yet. It goes to say, particularly if information infrastructure is still being laid out, that ICT strategies e.g. few to consider are usability, capacity and security, and in general, have to be dealt with first and foremost. With all the tested technology specifically for security purposes, why organizations still cannot get rid of the attacks? The following few might be one of the answers: IPv4 is really not secure There is two or more, if not a single straight way, to mitigate it. If it is done correctly organization can still be secure. Plan IPv6 and turn it on now. Caveat: We still have to see how capable it is however the next generation Internet protocol has been addressed to have security integrated in the design. Funding not enough to address security Fund it or what many advised it never connect to the Internet.

What speed did you really subscribe to

For some customers who just want to have Internet connection, speed is 2MB wireless broadband, they would ask the telco’s sales representative if they can avail of the current offering, and if it is available in their area. Some sales representative would surely shoot it with yes, and we already have presence nationwide , and you would pay less from the service if you subscribe now. Maybe, because there is an on-going promotion especially if the so-called offering is a new service. Like for instance, a customer have subscribed on the service. The customer, does not know anything except that it already paid it and, is now ready and excited to use broadband. It turns to be not getting what has been expected. If you are familiar with the real situation you would always know there is an exception. Not all areas are suitable for that kind of speed or in other term frequency. Plus if you live, even though you are in the city, where, no signal is reachable, service is still being provision

Outsource overall management and operation of IT possible

With the ever increasing reliance of organizations to IT, and others not keen to supporting their in-house technical staff to update skills, there is a big chance they cannot deliver what is expected of them. Some years ago, many claims that IT already plays a major part in the business including national infrastructure like energy, finance and transportation. It is critical that IT including the most important element of it, the people, are given reasonable access to resources they require to become effective in what they have been assigned to do. Organizations even though they require it, cannot maximize IT if so-called resources are not being treated fairly. Solution is outsource overall IT activities. Though outsourcing has been successful in many areas, IT management and operations might require a different parameters, a carefully crafted policy, terms and service agreement, so customers are assured that IT is constantly being delivered to support the needs of the organization.

dotPH improved 24/7 downtime monitoring system

As a customer, I am updated with dotPH notification. Here is the new one, see below, received 7 May 2010. To our valued client, This is to inform you that we have expanded our downtime monitoring system to provide you better service. In addition to our 24/7 automated monitoring system, we have now assigned personnel to attend to webhosting and dotPH site downtime issues even after office hours. To report downtimes, call our office at (+632) 6372104-05, 6336906, 6354152 or 6384483. Leave a voicemail stating your domain name, mobile number, email address and the details of the downtime. Please be as specific as possible -- the more details you can provide, the better it will help us address the issue quickly and efficiently. A text message will be sent to the personnel on duty informing them that a downtime issue has been reported. An email containing a recording of your voicemail will also be sent to ensure that the downtime can be resolved as soon as possible. For

An IT consultant is

An IT practitioner, who is technical in various elements of, directly or indirectly relevant to its, business. The core being information technology and contiguous facilities, the kind of work we cover, in iclassed or as IT consultants, contractors, managed service provider and educators. It's number one in the entire agenda to be suave in its technical worth. The others or various number twos that require the IT consultant's attention, for the sake of being in business, are to take care of its market, customers, research, finances et al. That should mean the IT consultant must know its own business and is the real deal. An IT consultant must be an IT practitioner. It cannot be magic that all of a sudden somebody became an IT consultant, doing high level kind of job, they say. With solid foundations, these are learning, practice which must be encompassing and research at the very least, an IT consultant will have practical and tangible impact in the business. IT is not impo

The ingredients of good cyber security program

I am thinking, if an organization (or rather the world) is to create an effective cyber security initiative, it should have majority if not ALL of the following: Legislation and policy Law enforcement Inline with open and international standards Manpower Multi-stakeholderism Responsibility Global and common strategy Global cooperation Adequate funding Support and resources Carefully planned and designed infrastructure Education and training Innovation Development Fair business practices Clear cut public exposure Goodwill.

The pre- and post-acquisition of ICT

The acquirement part is of great sense. It involve not a only a single process. It can have varying activities from before, during and after the delivery of the acquired material or solution. The processes may include sub processes and it gets down to having the pre-acquisition and post-acquisition. Underneath the sub processes may go through different stages which starts with careful planning, designing, et al. If you go to your finance and ask for some money, more often than not, you are asked, for what purpose it is going to be used about. It is typical. Come budget forecasting season, allocation of ICT stuff depending on their lifecycle, where there are some that needs to be replaced and upgraded, everything that is perceived to be necessary and important to operate a peaceable ICT environment must be diligently allocated a reasonable amount. The figure is a CALMS, just to show where is pre- and post-acquisition. Investing in ICT by all means is (can be more or less) about

Organization's stakeholder on the same page with ISO/IEC 38500

The key stakeholder in a publicly traded organization is board of directors. They are charge, on behalf of the company and shareowners, to deliver and achieve corporate value. On top of anything, is to take care of their money (see on CG of MS, NASDAQ, WB), it takes into account the overall resources; it also facilitates direction and oversees organizations' capability to achieve goals and comply on regulations. Management down the ranks does the rest, working on every details from reporting to supporting business operations and future plans. The capability of any organization to attain expected outcome depends on how both board and management ascertain the need in, for the purpose of the subject take IT. Business people, unless former or current ICT practitioner, rarely knows about the field including the detailed part of it. Management have lots of experts though (from being an specialist of certain IT task, analyst up to managerial level) to rely on when necessary. Many high-lev

SOX ACT 2002 Section 404 and ISO/IEC 38500

Sarbanes-Oxley Act 2002 is a U.S. law. The passage of the bill is to improve quality and transparency in financial reporting and independent audits and accounting services for public companies in the U.S. including companies that are non-U.S. but being traded in any of the U.S. stock exchanges. The SOX during its early days perceived by many it is not reasonable, in some unexpectedly high even to large publicly-traded corporations. It creates even more burden for smaller reporting companies. With the incarnations being made by concerned regulatory organizations, in this instance the SEC and Public Company Accounting Oversight Board (PCAOB), issues mentioned have been continuously addressed and the law become more relevant for organizations to comply (and even adapt in other cases) to make financial reporting accurate as well as reliable and secure information technology for internal control. Since after the 2007 reforms, which is referred to the released of the new PCAOB Accounting Sta

Cyber bill if pass require a worldwide effort

Following few statements about what the bill is by the authors. Since the Internet is of global in nature, a legislation that address global cyber crime may be needed. Also, maybe it can do good for all. “Cybercrime must be a top priority for our national security,” Gillibrand said in a joint statement with Hatch. “If we’re going to protect our networks, our infrastructure, our economy and our families, we have to go after cyber criminals wherever they may be — and it must be an international effort." “Cybercrime is a serious threat to the security of the global economy, which is why we need to coordinate our fight worldwide. Until countries begin to take the necessary steps to fight criminals within their borders, cybercrime havens will continue to flourish,” Hatch said. One of the authors have reported how much New York businesses are losing because of cybercrime. The U.S. law would be called, International Cybercrime Reporting and Cooperation Act . In fact, prior to this law,

8Ps preview

We've seen varying and elaborate ways to accomplish uncommon artifacts and rock solid business systems but still we had to create our own. For a simple reason, methodologies are not always full-clad, and practitioners concur on and adjust them, subsequently, overcoming problems and be able to pull through on agreements and goals. That's why we had to establish our own basic prerequisite for whatever job we should be in -- Purpose (Initiative, beginning of master plan) - does it solve issues for or augment the business? People (Strategy and requiring correct Specifications) - who can deal with such assignment? Humans make everything and miss a lot! Product (Architecture and Technology) - do we need it and how do we use it? However and whatsoever they are must not influence the major portion of the decision. Policy (Practices, Standard, Rules, Regulations and Laws) - we need comprehensive and panoptic guidelines. Process (Action guided by the purpose ) - make sure we are cons

In spite of the many security development, IPv4 still have flaws

Not fine, solved, okay but the correct term, maybe, on IP version 4 security is, mitigated. Isn't it safer to say that way? While working on our presentation slides to be delivered next week to one of the computing organization's cyber security event in the country, I connected my computer to the Internet to look for claims, that IP cannot provide 100% guaranteed security, at least for now, it may also be forever, particularly on matters that concerns politics -maybe the toughest concern ever, maybe national infrastructure too, high-profile individual and organizations and more. They developed the Internet Protocol version 4 without considering security in the design [and the myth that the Internet protocols were designed for warfare environments, CPNI, 2008]. According to the report, in page 5, "As a result, any system built in the future according to the TCP/IP specifications might reincarnate security flaws that have already hit our communication systems in the past. Pr

Internet Society Next Generation Leaders

ISOC: Are you a Next Generation Leader? Each year, the Internet Society will accept a group of qualified young Internet professionals from academia, the public sector, technology industries, and civil society into its Next Generation Leaders programme. Candidates will be between the ages of 20 and 40 and must be able to demonstrate leadership potential in their chosen field. Individuals accepted into the programme will automatically become Global Members of the Internet Society. Accordingly, the Internet model of decentralized architecture and distributed responsibility for development, operation, and management has been the catalyst for boundless innovation and creativity. That model also creates important leadership opportunities, especially in those spaces where technology, policy, and business intersect. Please find more about the program at ISOC Website .

ISO/IEC 27003:2010 ISMS' implementation guidance

It is new and got published 13 Feb 2010! This standard, accordingly, focuses on the critical aspects needed for successful design and implementation of an Information Security Management System (ISMS) in accordance with ISO/IEC 27001:2005. It describes the processes of ISMS specification and design from inception to the production of implementation plans, obtaining management approval to implement an ISMS, defines a project to implement an ISMS and provides guidance on how to plan the ISMS project, resulting in a final ISMS project implementation plan. The ISMS or ISO/IEC 27000 family composition: - 27000 is overview and vocabulary (can be downloaded here for free); - 27001 is requirements; - 27002 is code of practice; - 27004 is measurement; - 27005 is IS risk management; - 27006 is requirements for bodies providing audit and certification; - 27011 is guidelines for the telecommunications industry. The above are published documents and more from this family of standards are still in

Corporate governance of IT

A small and purely a consultancy firm (registered in Philippines), StrateGICT Company, says, the high level principles-based advisory standard, the Corporate Governance of Information (and Communications) Technology or the so-called ISO/IEC 38500 have taken its own place, along the many and earliest IT management systems e.g. ITIL, ISMS, QMS, et al, as a valuable resource particularly developed to aid, however not limited to, business owners and directors to achieve the paragon of, no matter how small or big the organization is, including how they can understand and coherently extend and discharge duties on, their strive in IT. According to the standard, it must be effective, efficient and acceptable. Where each of the six principles namely: 1. Responsibility; 2. Strategy; 3. Acquisition; 4. Performance; 5. Conformance; and 6. Human behaviour; in conjunction of their use of IT, should be evaluated, directed and monitored.

Computer as a Driver

Yes, I did say that. Human would feed the instruction and the computer would drive it in its own without any hitch. Computer can be a driver to all, even people can be drive by. Computers are being used to facilitate day-to-day activities including operation of businesses, provide efficient and quick services, controls transportation unmanned and those travelling in space, helping medicine, reach out to loved ones and even committing crimes. In a great context the technology can contribute significant effect to characters and activities. It follows what is being instructed to do for and only human can discern a profound choice which is supposed to be drive by. It must be for good and the right ones, an instrument that would provide amplest benefits to all. Otherwise a corrosion loom towards. That is not so good.

Data privacy

Who needs it? I would say all. Not only human being would require their confidential information must be protected at all times. It includes electronic transactions and media, devices, archival, repositories and more, where a bulk of information are cast. In compliance of international standards, laws and regulations, considering they are engage effectively, individual and organizations could attain their required level of information security. Data Privacy Day is celebrated (worldwide?), January 28 every year. It promotes events and activities that stimulate the development of technology tools and create dialogues among stakeholders interested in advancing data protection and privacy.

One-sided look: (A short tale on) Infrastructure Security

Security, as they may say especially from specialists, without doubt has great impact to stakeholders and organizations that wants all its assets, except those of meant to be public, be protected at all times or when it is warranted. In the case of a critical information infrastructure, there might be a one-sided answer that IT specialists would at first hand consider before dealing on any other security solutions. Look at how internetworks is link on one end to the other. There are many different ways a multiple network sites could be interconnected, most popularly through the Internet, however the choice still depends on the kind of data that flows through it. Say at Qwerty Auto Elec Company (QAEC in short, fictitious organization name only), the riches and biggest, wanted all of its domestic and international offices linked altogether and must be secured without regard to drawbacks. It does not want its information leaked, no unauthorized access and ingress attacks (e.g. DOS) on the

Search This Blog