... but keeping track of the decryption keys is much trickier. Yet you'll need to do just that in the coming years if Barbara Nelson is right. "The challenge of the next decade is managing the security of data at rest," suggests the CEO of NeoScale Systems Inc. in Milpitas, Calif. Information resting on tapes, CD-ROMs and other backup media is a snap to scramble so bad guys can't read it. More of you are encrypting stored data to comply with regulations such as California SB 1386, which is designed to protect consumers' personal information. But how do you know whether you'll be able to read the data when you need it later? In some cases, that may be decades into the future, such as with patient information you need to protect. Dore Rosenblum, vice president of marketing, claims that NeoScale's Crypto-Stor Key Vault appliance can, among other tricks, create encryption keys, distribute them off-site for business continuity, archive them safely for years, share them with trusted sources and delete them when necessary. Rosenblum says NeoScale has an open application programming interface so it can connect to any data-storage device and follows industry standards for encryption. The Key Vault will be available next quarter, he says, starting around US$25,000. It could be a key to protecting your data.
Protect your end users ...
... from themselves for free. In 2005, Gartner Inc. estimated that 2.4 million Americans fell prey to phishing attacks. A few of them may work at your company. Alex Hernandez, director of advanced product development at CipherTrust Inc. in Alpharetta, Ga., says his company this week is releasing a free tool-bar plug-in for Microsoft Outlook and Lotus Notes users that puts a red warning icon on messages from suspicious locations. Unknown sites will be flagged as yellow, and safe messages will be given a green light. The TrustedSource Toolbar queries CipherTrust's online database of Web sites that are known to be sources of spam, phishing attacks or other malware operations. Hernandez says a plug-in for Web mail clients will be ready "in a few months." Can't beat the price.
Open-source code is good ...
... but not perfect. Coverity Inc. in San Francisco released its first analysis of the source code for 31 open-source projects -- everything from popular software such as Linux, Apache and MySQL to lesser-known tools like Amanda for backup and the audio player XMMS. Ben Chelf, Coverity's chief technology officer, explains that the company's Prevent analysis product explores "all possible paths through the code" to look for defects. He says the flaws per 1,000 lines of code varied from .055 to 1.23. He concludes that the research is "good evidence that open-source software is generally of high quality." In an upcoming analysis of Linux, Coverity intends to analyze various releases of the operating system down to the individual driver level. Coverity has been chosen by the U.S. Department of Homeland Security to study open-source tools for potential security holes.
Vendors' shift to services ...
... revenue continues apace. Thomas Lah, executive director of the Technology Professional Services Association in San Diego, says the 21 software and 16 hardware companies listed in the TPSA's Service 50 index continue to grow their services revenue faster than software license or hardware sales. He says the latest study from Q4 2005 shows that software companies now glean 60 percent of their dollars from services, while hardware firms are at 37 percent. "This is double the percentage of [services] revenue in both industries from 10 years ago," Lah says. He says the data underscores a shift in the way CIOs are evaluating technology vendors. That is, IT users want more than just features and functions. "They want to work with companies that can unlock the potential of technology with the right services," Lah says.
Estimate virtualization savings ...
... with a free calculator. Application virtualization vendor Softricity Inc. in Boston is today releasing its Return on Virtualization Calculator gratis. David Greschler, vice president of corporate marketing, says the spreadsheet has been certified by market research firm Forrester Research Inc. Softricity worked with Forrester to design a step-by-step process by which you can calculate the difference between running software directly on PCs and handling applications virtually. For example, you can compare the difference in cost for installing and terminating programs in either fashion. Greschler is betting you'll see that the savings aren't virtual.