Quick actions help financial firm avoid security disaster

While most of the IT world has been spared a devastating security attack like Blaster and Sasser for the last few years, the damage wrought by all manner of lesser-known computer viruses continues to inflict corporate pain. For example, New York City-based investment firm Maxim Group faced a security ordeal this year when a virus outbreak pummeled the company's Windows-based desktop computers and servers. "On early April 15th, a few people called to say they were having problems with their computers," relates John Michaels, CTO there, in describing how the investment firm's IT staff started to get an inkling that morning that something was terribly wrong. "After looking into it, we knew something bad was happening, affecting all our users, and my servers." Malware was disabling applications by corrupting .exe files so they wouldn't open once they were closed, while also making thousands of connections to servers, saturating the network. "It damaged all the .exe files by corrupting them," says Michaels. "People were logging on and getting a blank screen." The virus was altering the registry of the computers. Maxim Group didn't have a centralized antivirus product in place, having allowed various groups to go their own way with differing products. In response, Maxim Group told the approximately 325 computer users not to shut down the computers while Michaels and his team contacted vendors for assistance. The decision to change that practice was made on the spot.

It wasn't easy. "Symantec took about three days to identify what the variant of the virus was," Michaels says. "They said they had never seen a variant of this." The virus was finally identified as a variant on "Sality," an older virus that strikes at .exe and now also will install a backdoor and Trojan. "We asked Symantec, are we the only ones telling you about this? Antimalware vendor Symantec was called in to set up a centralized antivirus server, while also attempting to analyze what the malware was and advise on clean-up. And they said 'We have 3 million infected.'" Cleaning up more than 300 virus-riddled PCs was a huge headache. In the course of beating back Sality, Michaels says he also contacted another vendor, Cymtec Systems, whose product he had demoed, to install the security vendor's Sentry gateway, which monitors traffic and bandwidth usage, enforcing Web site policies and blocking antimalware. Symantec advised total re-imaging of the computers, which Maxim Group undertook, a process that consumed several weeks.

The reason for the Sentry gateway is to prevent employees from going to "Web sites they probably shouldn't," especially as Web surfing raises the risks of malware infection, Michaels says. To this day, Michaels says he's not sure how the Sality variant got into Maxim Group's network to explode in that April 15 outbreak. "Maybe it was a Web site or a USB device, I don't know," Michaels says. But the virus outbreak also showed there was communication from the infected PCs to what might be a botnet. "They were connecting to rogue Internet sites," Michaels says, saying Sentry would help monitor for that kind of activity in the future. But on that day things changed in terms of the investment firm deciding to enforce stricter Internet usage policies. "Before this episode, we allowed social network sites, but we don't now," Michaels says. And are the old Blaster and Sasser worms that struck with such devastation over half a decade ago gone? Social networking sites are gaining a reputation as places where malware gets distributed, and if there's no clear business reason for using them, they're put off limits.

Unfortunately not, says the "Top Cyber Security Risks" report released this week by SANS Institute in collaboration with TippingPoint and Qualys. The report — which examined six months of data related to 6,000 organizations using intrusion-prevention gear and 100 million vulnerability-assessment scans on 9 million computers to get a picture of various attack types — notes "Sasser and Blaster, the infamous worms of 2003 and 2004, continue to infect many networks."

More Mac bundles for the masses

Deeply-discounted bundles have turned the difficult process of selling Mac shareware into a viral, timed event with plenty of pomp and circumstance. Two bundles have just crept up on the horizon, both of which offer an impressive variety of applications at a price calculated for an impulse buy. It's kind of like injecting the abilities of Billy Mays and Vince Offer into a package that's easier on the eyes and ears.

First, there's TheMacSale 2, brought to you by MacZOT, a vendor who is no stranger to these kinds of deals. But why buy all this software for a song when you can get a song with it? Up for grabs in this bundle is CrossOver Games, Picturesque, HoudahGeo, MacJournal, Morph Age Regular, Opacity Express, Searchlight, Vinoteka, Stone iMaginator and Stor. Yes, you also get "The Mac Sale - The Song!" with these ten applications, all for $50. Then there's TheMacBundles, which is brought to you by Steve Becker of MacEase software. If you order in the next seven days, you'll get BlogAssist, too. In this package, you can get iPhoto Library Manager, MYStuff, MyTunesRSS, PDFClerk Pro, Simon, Spyder, WebPrint Plus, Yum and Yummy FTP. Order in the next 21 days and they'll throw in A-Dock X and FolderGlance at no extra cost.

That's 12 apps in all for $50. Whoa there, Mr. Pitchman. Bundles have become a great opportunity for lesser-known Mac applications to get exposure. You may be asking yourself, "what's with all of these bundles?" That's a very good question. How many of the above apps did you know about before you read this? Given how prevalent these bundles have become, however, I'm worried that the community isn't finding new software through other channels.

Personally, I can only name five; I've tried three of them. Case in point, I've seen many folks abuzz on Twitter over a bundle that's being given away for free, but I don't see those people looking for more Mac software on MacUpdate and VersionTracker. Nonetheless, in giving out cheap licenses to use their software, there's often a little more incentive for users to try out the software than there would be in the usual timed-trial mode that much of Mac shareware uses. Instead, many of them are waiting for another bundle before they invest in more Mac shareware. Ideally, this translates into better word of mouth and free publicity for many months and years to come.

The scourge of complexity

While the definition of cloud computing is at best a bit fuzzy, the goal of cloud computing is extremely clear. As will be explained in this newsletter, complexity is the enemy of cloud computing. In a recent article, Geir Ramleth, the CIO of Bechtel, stated that he benchmarked his organization against some Internet-based companies. That goal is to make a significant improvement in the cost effective, elastic provisioning of IT services. According to that article, "Bechtel operates 230 applications, and it runs 3.5 versions per application.

When you look at Salesforce.com, not only are they running one application, but they are running one version and they are only running it in one location," Ramleth says. That means it maintains approximately 800 applications at any given time. We don't see how Bechtel or any other IT organization will be able to fundamentally reduce cost and become more agile if it continues to offer a highly complex set of services. If his organization wants to make a change to some component of the IT infrastructure that supports one of the 230 applications they operate, they have to devote additional time to quality assurance to test how the change impacts each version of the application. In the example that Ramleth gave, his organization will incur significant extra cost in part because it has to allocate resources to support on average 3.5 versions of each application. Bechtel is not the only IT organization that supports a complex environment.

We believe that any IT organization that is serious about cloud computing has to get serious about simplifying the services that it provides. Many IT organizations utilize multiple WAN providers, develop a lot of custom applications, perform extensive customization of third-party applications, and have multiple systems for functions such as enterprise resource planning or supply chain management. What do you think? Is any effort being made to simplify that environment? Do you work in a highly complex IT environment?

Write to us and let us know. If you have a few minutes to fill out the survey, it will help us to cut through the hype and understand what IT organizations are actually doing relative to cloud computing. Also, we are performing a survey to help identify the concrete steps that IT organizations are taking to implement cloud computing.

Infosys revenue, profits slide in tough market

Infosys Technologies, India's second largest outsourcer, reported a decline in revenue and profit in U.S. dollar terms for the quarter ended September 30, as clients continued to hold back IT spending, and negotiated lower prices. Profits were also down by 0.9 percent to $317 million. The company has also forecast declining revenue for the quarter ahead, and for the fiscal year ending March 31. Infosys said on Friday that its revenue was US$1.15 billion for the quarter ended September 30, down by 5.1 percent over revenue in the same quarter last year. The results were, however, better than was forecast by the company in July.

Revenue for the fiscal year is expected to be in the range of $4.6 billion and $4.62 billion, down by 1.0 to 1.3 percent from a year ago. Revenue is forecast to be in the range of $1.15 billion and $1.16 billion for the quarter ending December 31, which is a year-on-year decline of between 0.5 to 1.4 percent. The decline is smaller than the 3.1 to 4.6 percent decline the company forecast in July. Infosys did a little better in the quarter in Indian Rupees, partly because of currency fluctuations. The company's results for the quarter are in accordance with International Financial Reporting Standards (IFRS). The effects of the recession on outsourcing still lingered in the third quarter, said Siddharth Pai, a partner at outsourcing consultancy firm Technology Partners International (TPI). Besides, the third quarter has traditionally been the weakest quarter in the year for outsourcing deals, he added. Revenue grew by 3.1 percent in the quarter from a year ago, while profit grew 7.5 percent.

Staff addition was down dramatically from 5,927 additions a year ago. The company added 35 clients and 1,548 new staff in the quarter. The company had 105,453 employees as on September 30, 2009. The National Association of Software and Service Companies (Nasscom), a trade body of Indian outsourcers, said in July that India's revenue from outsourcing services to clients abroad will grow by about 4 to 7 percent in the Indian fiscal year to March 31, 2010. In the fiscal year to March 31, 2009, the revenue grew by 16.3 percent to $46.3 billion, according to Nasscom estimates. There will be a lot of pent-up demand for Indian outsourcers in the next two quarters, but growth in revenue will not reach the about 30 percent Indian outsourcers had before the recession, he said. An improvement in business is expected in the fourth quarter, Pai said.

Companies that were considering outsourcing to India have already done so, and new business will be incremental, he added.

Cisco lays out why it might let Tandberg go free

Cisco Systems may be laying the groundwork for dropping its US$3 billion offer for videoconferencing vendor Tandberg despite the emphasis it has placed on video as the future of communications. On Oct. 1, Cisco announced an agreement to buy Tandberg for 153.5 Norwegian Kroner per share, approximately the price of the company's shares at that time. In a blog post on Monday, Cisco Chief Strategy Officer Ned Hooper responded to reports that the deal might fall through by emphasizing the risks and costs involved and saying the purchase would have to make financial sense in the end. "The bottom line is that Cisco will always act with fiscal prudence," Hooper wrote. The offer was recommended unanimously by Tandberg's board of directors but still requires approval by 90 percent of the company's shareholders by Nov. 9. But shareholders representing 24 percent of Tandberg's shares reportedly don't plan to accept the deal.

Last week, reports citing unnamed sources said Cisco would drop the offer rather than raise it. They think Tandberg can succeed on its own but are open to a higher offer from Cisco or another suitor, according to reports last month. That might come as a shock to the industry after Cisco increasingly emphasized the importance of video to its networking and its business over the past three years. But in his blog entry, Hooper said the potential rewards of the deal have received more attention than the risks and costs. The company has expanded its Telepresence line of high-definition videoconferencing systems, developed automated video editing and output software, and acquired set-top box maker Scientific-Atlanta in 2006 (US$7 billion) and mini-camcorder maker Pure Digital Technologies earlier this year ($590 million). Cisco has said Tandberg's gear would be integrated into its overall collaboration portfolio. Those include the challenges of Cisco's first acquisition of a European public company, the complexity of integrating Tandberg's Norwegian and U.K. operations, and currency exchange expenses that have added about $100 million to the overall cost of the deal, he wrote.

But by laying out the potential downsides of the deal while emphasizing fiscal responsibility, Hooper may have been preparing a way to back out if the deal doesn't win shareholder approval by the deadline, or showing the objectors that a fatter offer won't be forthcoming. "We believe the time is right for Cisco and Tandberg to come together," Hooper wrote. "(H)owever, no acquisition should be pursued or completed if it runs counter to the broader principles of prudence and financial fairness." Hooper said the deal was a good one and called Cisco's offer a premium of more than 38 percent over Tandberg's share price before July 15, when reports of a possible transaction first surfaced.