News
4/1/2008
08:12 PM
Terry Sweeney
Terry Sweeney
Commentary
Connect Directly
RSS
E-Mail
50%
50%

Mission Creep And Storage

Anyone who has ever worked in an organization of, say, more than 50 people is aware of the phenomenon of mission-creep. It's always clear that it has occurred when the person whose initial job was ordering Post-its finds himself handling quality control, handling "external relations" (whatever that is), and traveling two-thirds of the time to make sure branch offices are using the right copying paper. Does any of this ring a bell for today's storage professionals?

Anyone who has ever worked in an organization of, say, more than 50 people is aware of the phenomenon of mission-creep. It's always clear that it has occurred when the person whose initial job was ordering Post-its finds himself handling quality control, handling "external relations" (whatever that is), and traveling two-thirds of the time to make sure branch offices are using the right copying paper. Does any of this ring a bell for today's storage professionals?Storage analyst Charles King calls attention to the new complexities storage managers face in the wake of networked storage, virtualization, and other centralizing technologies that do away with direct-attached or isolated storage gear.

Yeah, storage has become more than handling daily and weekly backups. State and federal laws concerning data privacy and preservation have turned storage pros into legal scholars, archivists, and enforcement specialists.

Handling tape rotation is a far cry from deciding how long untouched data remains on a server. Selecting a SAN vendor may look like a cakewalk after setting up corporate policies that decide who gets access to what data, and when. And IT is no longer defined by 18-month projects where it makes sure manufacturing has all the capacity it needs -- it's working more frequently as a team in a centralized data center, looking at the business and its challenges a little more holistically.

I've bloviated before about the demise of the specialist, and I'm not so sure that it's a bad thing. In this day and age when this index has crashed or that price peaks anew, it seems like someone with intimate knowledge of the business and the technical wherewithal to address its thorniest issues might have more job security (and make more money) than the guy who swaps out tapes every night.

Or buys the Post-its.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-7298
Published: 2014-10-24
adsetgroups in Centrify Server Suite 2008 through 2014.1 and Centrify DirectControl 3.x through 4.2.0 on Linux and UNIX allows local users to read arbitrary files with root privileges by leveraging improperly protected setuid functionality.

CVE-2014-8346
Published: 2014-10-24
The Remote Controls feature on Samsung mobile devices does not validate the source of lock-code data received over a network, which makes it easier for remote attackers to cause a denial of service (screen locking with an arbitrary code) by triggering unexpected Find My Mobile network traffic.

CVE-2014-0619
Published: 2014-10-23
Untrusted search path vulnerability in Hamster Free ZIP Archiver 2.0.1.7 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the current working directory.

CVE-2014-2230
Published: 2014-10-23
Open redirect vulnerability in the header function in adclick.php in OpenX 2.8.10 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) dest parameter to adclick.php or (2) _maxdest parameter to ck.php.

CVE-2014-7281
Published: 2014-10-23
Cross-site request forgery (CSRF) vulnerability in Shenzhen Tenda Technology Tenda A32 Router with firmware 5.07.53_CN allows remote attackers to hijack the authentication of administrators for requests that reboot the device via a request to goform/SysToolReboot.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.