New Books

Click on a book cover for more information or to order.

The Top Trends Shaping Business Analytics
While the practice of collecting and extracting intelligence from business information is not new today's analytic requirements are evolving dramatically. Business managers need answers today or tomorrow, not next month or next year. They need to capture and make sense of massive volumes of data spanning both traditional sources, such as transactional systems, as well as an ever expanding array of data from online and mobile devices. And in an economy that's forcing everyone to do more with less, they need scalable, affordable and simple-to-use solutions. Here are the top trends shaping analytics in 2010 and beyond.

Five Ways to Increase Operational Efficiency with Alert Management
An alert management platform empowers companies to target actionable information from IT applications and systems automatically to the employee who can resolve the issue--escalating as necessary. Effective alert management provides the tools to access internal systems and address events from a mobile workbench as well as resolve issues from any web-enabled mobile device. Process acceleration and service improvements can help resolve incidents an average of 40 percent faster, saving up to millions of dollars annually. There are five ways that implementing alert management can immediately increase operational effectiveness across the enterprise--including process and efficiency improvements in incident, service, and change management--while significantly reducing costs.

Ten Steps to Sarbanes-Oxley Compliance
One problem with the implementation of SOX is that it tends to set a standard for compliance that may be inadequate. Meeting SOX standards--i.e., passing 404--does not imply that a firm or an IT department has the processes in place required to manage its business. Nor does it mean that an optimal level of control exists anymore than having a pulse signifies good health. SOX compliance is the minimum standard, not an optimum standard. Regardless of your firm’s current maturity level, you will need to demonstrate SOX compliance efficiently and honestly. This article describes the typical steps required to pass section 404.

Troubleshooting 10 Gbps Networks
With 10 Gbps network deployments finally taking off in 2009, the focus of network administrators is now turning to the challenge of managing 10 Gbps networks and in particular to troubleshooting these networks. Existing network management tools can provide an overview of the network, but these systems are only as good as the information provided to them. By employing proactive performance monitoring tools in the network, problems can be avoided and if a network error occurs, the cause of the error can be quickly detected by utilizing the information gathered by these tools. This article by Dan Joe Barry from Napatech looks at some of these tools outlining the benefits that they provide for network administrators.

The 'New Normal' and Its Effects on Supply Chain Management
Senior managers in many businesses are using the catchphrase "The New Normal" as if it were a prescient view of the way things will be from now on. For those managers this view is unfortunate because their perception of The New Normal suggests a sort of baleful future in which everyone will have to do with less. In the supply chain management space, the New Normal perception usually translates to "fear driven." And that usually manifests itself in one of two reactions.

Stretching the IT Budget: Look Beyond the Obvious
IT departments willing to look beyond the surface and the obvious can often eliminate apparent tradeoffs without having to choose one side or the other. When faced with a situation that appears to force a tradeoff, try to examine the problem from a different angle. Taking this fresh-thinking perspective can stretch the IT budget to achieve goals that you might otherwise forgo in an environment of severe financial constraints.

The Keys to Intergenerational Harmony
Most of what's been written about multiple generations working side by side has come from those of us who are considerably older and more experienced than our Gen X and Gen Y counterparts. In this article, Sheryl Lindsell-Roberts and Nancy Settle-Murphy sought the perspectives of some of their Gen X and Gen Y colleagues. After all, for all of the wisdom we older generations think we have to offer, the Gen X and Y folks of the world have a lot to teach us, too.

Software Testing Project Execution
In an ideal world, project planning would be the main task and project execution would be like pressing a button to start and finish it. Alas, this is not the case. In many industries execution is still the king. This is because despite all the advances in automation and standardization of processes, executing any plan is still difficult. The road to execution is laden with unimaginable pitfalls and unavoidable circumstances that ensure that execution is a challenge and not a walk in the park.

12 Dangers of Endpoint Security
2010 promises to be filled with new technologies giving SMBs access to a growing variety of IT tools to improve productivity, such as netbooks, smartphones and cloud computing-based services. But without adequate endpoint security best practices in place, a business leaves itself open to external and internal threats that can cripple it. To enable SMBs to get maximum benefit in 2010 from these technologies, Symantec has developed a list of the "12 Dangers of Endpoint Security" to help SMBs and their solution providers identify and thwart them.

Why Are Information Technology Controls and Audit Important?
The role of IT control and audit has become a critical mechanism for ensuring the integrity of information systems and the reporting of organizational finances to avoid and hopefully prevent future financial fiascos such as Enron and WorldCom. Global economies are more interdependent than ever and geopolitical risks impact everyone. Electronic infrastructure and commerce are integrated in business processes around the globe. For the IT auditor, the need for audit, security, and control will be critical in the areas of IT and will be the challenge of this millennium. There are many challenges ahead; everyone must work together to design, implement, and safeguard the integration of these technologies in the workplace. The chapter from Information Technology Control and Audit, Third Edition by Frederick Gallegos and Sandra Senft explains why.

The Internet Security Landscape: A Look Back at 2009 and Predictions for 2010
It's been said we should learn from the past, live in the present and plan for the future. Symantec Security Response's top researchers analyzed the data they collected over the past year and compiled a list of the top security trends they saw from 2009. In their quest to stay ahead of the bad guys and anticipate security protection needs for their customers, they also theorize on what they expect to see in 2010. One thing is for certain, Internet security threats are not diminishing or going away. These researchers expect to continue to see an increase in sophistication of security threats and social engineering tactics in an attempt to victimize computer users.

Improving Performance in Troubled Times through Distance Learning
This article maps out several important steps to creating a successful multifaceted distance learning program. The starting premise: Simply throwing a slide presentation onto a website, while it may be fast and inexpensive, almost never achieves the intended results. Instead, it is a thoughtfully-created program that encompasses a variety of learning activities that can cultivate skills and accelerate time to practical application.

Introduction to Risk Analysis
Risk management is a process that provides management with the balance of meeting business objectives or missions and the need to protect the assets of the organization cost effectively. In this period of increased external scrutiny due to the myriad questionable management decisions and the corresponding legislative backlash, risk management provides management with the ability to demonstrate actively due diligence and how they are meeting their fiduciary duty. This chapter from How to Complete a Risk Assessment in 5 Days or Less by Tom Peltier examines how risk analysis helps managers meet their due diligence requirements.

Top Five Considerations When Retiring Legacy Applications
Due to the tricky nature of retiring legacy systems, managing the retirement of these systems must be completed in stages, and not by adopting an overly simplistic unplug-and-play approach. So how should a legacy application retirement project proceed? While there are in fact no hard and fast rules, here are five general tips for you to consider.

How to Make the Transition to the Collaborative Web 2.0 Work Process
According to research, eighty percent of the future collaborative work approach will be inspired by Web 2.0 technologies. As more companies are turning to cloud-based solutions to business computing needs, it becomes more obvious that Web 2.0 has much to do with the way things are shaping up in enterprise technology. At this point however, the trick is in making the smooth transition from file-based and offline methodologies to the collaborative "always on" approach. Here are five tips to help you make the transition to a collaborative Web 2.0 work process.

Data Protection: Where the Problems Lie
This article looks back at the foundations of data protection. It discusses how the introduction of RAID technology changed data protection and why RAID alone is not enough. It then discusses what needs to be done to provide better logical data protection. It closes with why disaster continuity faces issues related to cost, distance, and under protection and some recommendations for improvement.

The Insider Threat: A View from the Outside
Most employees and contractors are trustworthy and contribute their energy everyday towards the company mission. However, unexpected, disappointing events can cause individuals to perform criminal activities and they are sometimes unaware of the magnitude or the consequences of their actions. To provide adequate information assurance, special attention to the insider threat should be built into our security programs.

7 Steps for Staying Relevant in a Tough Market
This article describes a number of ways you can shore up your knowledge, skills and qualities that are likely to help position you favorably among employers, clients and business colleagues, especially important during these increasingly competitive times.

CIO Core Skills and Career Development
CIOs vary in appearance, age, gender, educational background, hobbies, and personality. There is no average CIO. However, successful CIOs have a core set of skills that allow them to succeed in an age of complexity and constantly shifting business requirements. This piece outlines the skills, challenges, and important management and information technology subject matter to help you with your own career and long-term strategic planning. Every successful person acknowledges the need for discipline - going beyond the "order-taking" mindset and deliberately working toward increased personal productivity, satisfaction, and contribution to the business. The following provides a high-level road map to becoming an effective CIO.

Overview of Software Testing Techniques
Software testing, as a separate process, witnessed vertical growth and received the attention of project stakeholders and business sponsors in the last decade. Various new techniques have been continuously introduced. Apart from the traditional testing techniques, various new techniques necessitated by the complicated business and development logic were realized to make software testing more meaningful and purposeful. This chapter from Software Testing and Continuous Quality Improvement, Third Edition by William Lewis discusses some of the popular testing techniques that have been adopted by the testing community. These techniques are Black-Box Testing (Functional), White-Box Testing (Structural), Gray-Box Testing (Functional and Structural), Manual versus Automated Testing and Static versus Dynamic Testing.

Survey: Employees Plan to Spend Nearly Two Full Work Days Shopping for the Holidays Using Work Computers
This holiday shopping season, employees plan to spend close to two full working days on average shopping online from a work computer-one in 10 plan on spending more than 30 hours shopping online from work. This according to the second annual online holiday shopping survey conducted on behalf of ISACA. The potential danger of shopping online is that it can open the door to viruses, spam and phishing attacks that invade the workplace and cost enterprises thousands per employee in loss productivity and potentially millions in destruction or compromise of corporate data. This article highlights security tips for employees and businesses.

Challenges Observed in System Architecture Engineering Practice
General system architectural engineering challenges are not the only ones faced by system architects. While working on numerous systems development projects, the authors have also observed and experienced the following significant architectural engineering challenges reoccurring repeatedly in practice despite near-heroic efforts made by many dedicated and professional architects. This abstract from The Method Framework for Engineering System Architectures provides a more detailed description of each of the above challenges observed in system architecture engineering practice.

The Top 10 Strategic Technologies for 2010
Gartner, Inc. analysts highlighted the top 10 technologies and trends that will be strategic for most organizations in 2010. Gartner defines a strategic technology as one with the potential for significant impact on the enterprise in the next three years. Factors that denote significant impact include a high potential for disruption to IT or the business, the need for a major dollar investment, or the risk of being late to adopt. These technologies impact the organization's long-term plans, programs and initiatives. They may be strategic because they have matured to broad market use or because they enable strategic advantage from early adoption.

Prevent Identity Theft with 12 Tips for Safe Holiday Shopping Online
As more business is conducted online and sensitive data is stored on personal computers, the risk of electronic fraud increases exponentially. The holiday shopping season further increases this risk as online retailers provide heavy discounts to attract consumers searching for the best deals. If history repeats itself, Monday November 30th, better known as Cyber Monday, will be the largest online shopping day of the year. And while shoppers look forward to this day, identity thieves are even more eager to steal the plethora of personal information that will be shared between consumers and businesses. Here are 12 tips for savvy consumers who wish to protect themselves this holiday season.

Getting Started with Security Metrics
In this audio interview, Krag Brotby, author of Information Security Management Metrics, explains the necessary preliminary steps you need to take before you start to collect data. It's a process of first determining the outcome, then the objectives to achieve that outcome, the strategies needed to reach the objectives, and finally the metrics needed to manage the process of achieving the outcome. As he makes clear, a security metrics program is much more than data collection and analysis.

Introduction to Computer Ethics
This introduction to computer ethics by Rebecca Herold traces its history, covers regulatory requirements, discusses various topics in computer ethics, highlights common fallacies, codes of conduct, and resources.

The Secrets for Giving Feedback to Millennials
Managing Millennials may be challenging. But when you take the time to consider reframing your communication, you'll find that your Generation Y employees will respond with enthusiasm and commitment. You may even be surprised at how well this applies to all generations of employees.

Supplier Risk Management
Spend analysis is the process of determining what is being spent, with whom, and for what. Such an insight is typically used to identify opportunities for cost reduction such as rationalizing supply base, increasing contract compliance and reducing maverick spending. This article explains how spend visibility is also critical in determining the risk to supply chain from the supply base. Spend analysis, though a critical step, is one of the many steps that an organization must take to manage supplier risk. The article concludes with a list of top 10 activities to reduce supplier risk, based on best practices in the industry today.

7 Questions to Ask Before Building an IT Strategy
Even as modern economic activities rely heavily on sound IT strategies, many organizations fail to take advantage of the many opportunities that technology can provide. For instance, some types of can improve processes and profit margins. Clearly, there is a gap between the availability of infrastructure, and what enterprises actually need to overhaul at their place of business to benefit cash flow. Before formulating your company's IT strategy, there are a few questions that you should ask.

Could Your Mobile Device Land Your CEO in Court?
There are many industry specific compliance regulations that are there to protect customers’ personal data and yet so many companies are still contravening these statutes and laws. So, if you lose your mobile device with work data on it or details of your customers, who is liable? Even if you own the device and it has work related data on it, your board of directors could be liable so effectively you could land your boss in court. That’s great fun if you hate your boss, but on the serious side most companies are just not aware of the implications or regulations of protecting data. This article outlines why companies should be protecting their data and how they can go about doing this.

Community SaaS: If you Build it, Will they Come?
A SaaS infrastructure is one of the best ways to enable growing communities of partners to work together in a cohesive rather than silo-ed or adversarial way. However, unless companies focus on that "little detail" of making sure that partners are actually using the SaaS solution, then the idea of communities enabled by SaaS and Cloud Computing will also die a slow death. Because the success or failure of SaaS does not rest solely on IT’s shoulders, this article discusses ideas for how IT can educate the business side of the company to create shared responsibility for effective SaaS implementations.

The Crisis Management Plan
The Crisis Management Plan is a documented plan detailing the actions the executives want to be taken when a crisis strikes the organization. It is designed to put order into confusion. After a crisis has surfaced, the executives who have been selected to serve on the Crisis Management Team work together to achieve control of the crisis in order to minimize the impacts of the crisis. When a crisis has reached the acute stage, the team employs the steps defined by the plan. Adhering to these steps will enable your organization to achieve control of the crisis. Remember that the key to successfully managing a crisis is to "Be Prepared."

Small Projects Management: 7 Tactics That Pay-Off Big!
If you're a software project manager, challenging projects and difficult clients can make your job quite stressful. From budget constraints to unrealistic expectations, small to mid-size projects can be difficult to manage. Addressing key problem issues faced by many project managers responsible for smaller projects, this article provides a workable framework for planning and monitoring. Guarantee the success of your next small project using the seven sure-fire strategies found here.

The Business Survivability Question: Is Your Data Safe?
Today's workforce requires immediate access to information, applications, coworkers and customers. Both large and small enterprises are increasingly online, mobile and Web 2.0-driven. These advancements illustrate that IT is no longer just a business tool; it is business. Yet every year businesses experience the effects of data loss stemming from information technology (IT) network outages and as IT systems fail, daily operations follow, and the results can be fatal. Businesses should strive to create a high availability infrastructure that responds robustly to new-age business challenges and disruptions. Data replication solutions can play an important role in implementing high availability. They can also serve as a cornerstone to effective business continuity (BC) and disaster recovery (DR) strategy and they can be very affordable.

Devising a Workable IT Planning Strategy
Effective decisions are elusive without good planning abilities and good decisions about how IT should be deployed and managed are no different. Consistent decision-making requires a defined framework, methodology or, in short, a process. So if IT planning consists of all of the activities that support consistent decision-making, then the IT planning discipline has to be made up of activities performed in a process that is repeatable, has defined responsibilities, has a defined order to the activities and is auditable. As this article explains, to make quality decisions, the process should provoke the right questions and supply the information that can support the decision-making.

12 Things You Should Know about Cloud Computing and Software as a Service
This article provides a list of 12 things you should know about SaaS and cloud computing.

Storage and the VMware VMFS File System
When designing a Virtual Infrastructure environment, one of the single most important things to consider and plan for is the storage backend. There are several options available that range from local storage, Fibre Channel and iSCSI. The first thing to think about is where you store and run your virtual machines. VMware's VMFS file system is specially designed for the purpose of storing and running virtual machines.