IT Trends & Technology

First National Technology Solutions (FNTS) has been certified by Deloitte & Touche, LLP to be SOC 2 Type II compliant by the standards of the American Institute of Certified Public Accountants (AICPA), announced Rob LaMagna-Reiter, director of Information Security.  “Providing our customers with added peace of mind regarding the security and availability of their data demonstrates that we remain committed to giving them the confidence that their information is secure within a data center that has gone through a stringent and rigorous audit process,” he said.

Retirement, this word can invoke many different feelings when spoken.  For those that are up in years, they can look at retirement as one big, long vacation! Woohoo! Can’t wait, right?  But for those that are ‘retiring’ from playing their favorite sport at a ripe age of 30, they may not be so enthusiastic about the concept.  And so there are different reactions to this word ‘retirement’.  For me, I would like to retire sooner than later so that I have some good years left….but I digress.

Private cloud solutions make sense when they make sense. One of the challenges for the CTO of a company is trying to determine if their strategic IT direction will be to utilize a private cloud.

What can companies do about the security of private company information when it comes to employees using their own devices for work?

Do:

The most important thing for a company is to have a plan. Without it, you will be playing catch up as employees bring their own mobile devices into work. Make sure you understand what data must be protected and the storage requirements necessary for it. There are many types of data ranging from intellectual property to protected customer information such as personal financial information, customer credit card data (PCI), or protected health information (HIPAA). Each of these may require different levels of control/protection. In addition to information protected by laws and regulations, your contractual relationships may determine how data is accessed and where it is stored. Control and protection of information may range from basic vendor management, encryption of data at rest, to prohibited devices. [Note: If you have PCI or HIPAA requirements it is best to discuss this with a PCI or HIPAA expert.]

In the midst of spring, the severe weather threats of torrential rain, hail, and more importantly, high winds and tornadoes.  Many companies, especially small organizations should be reviewing their disaster contingency plans. However, many do not have adequate, if any, business continuity plans or have heavily outdated plans that are not reviewed regularly from an IT perspective in the event of a disaster.

Recently, I had a relative whose laptop died and she was upset about losing all of her data.

Five 9s, or 99.999%, refers to the desired availability of a given computer system. Having a 99.999% means the system will deliver its service to the user 99.999% of the time it is needed. In total, the only downtime in a given year calculates out to five minutes and fifteen seconds. Five9s is recommended for mission-critical data and e-commerce.

I get the pleasure of working with several refrigerator-sized storage subsystems capable of holding several hundred to thousands of spinning hard drives and solid state devices. These drives combine to store and service Petabytes of data.  One of my main responsibilities is ensuring your data is available even if a few of those drives go bad and fail. I often get asked about data protection, so I thought I’d review one of the tools we utilize within our arsenal – RAID (Redundant Array of Independent Disks)

One of the first questions I get from most prospects is “What does FNTS provide for Disaster Recovery?”  The answer is: a lot.  But let me digress before tackling the answer in detail.

Many of you may be a little nervous about placing cardholder data in the “Cloud”.  Don’t worry-this is a normal and welcomed concern.  In February 2013, the PCI Security Standards Council released an Information Supplement titled PCI DSS Cloud Computing Guidelines.  This supplement provides organizations guidance if they are going to be placing cardholder data in the “Cloud”.

How many of us receive e-mail on a monthly basis from our financial institution?  With the technology that we have today I am guessing that most of us receive statement notifications electronically instead of via the post office.  How many of us can actually tell whether or not the e-mail received is legitimate or from someone trying to obtain the username and password to your account?  There are a few signs that you should look for before clicking on a link in any e-mail you receive.

The acronym BYOD or Bring Your Own Device, is taking the business world by storm.