It may be tempting to leap from XP to Windows 8, but the devil’s in the detail.

Windows XP is 10 years old, yet a substantial number of businesses are still using it.

They’re not really at fault. Upgrading to Windows Vista was considered too much work for too little payoff, and for many businesses upgrading to Windows 7 has for a long time seemed unnecessary.

That’s changing, however. With the rise of Ultrabooks and tablets, businesses using XP have found that it falls short. Decreasing support from manufacturers and software vendors means that XP can no longer drive the technologies they want to use.

Many in this position tell me that their plan is to wait for Windows 8. It shouldn’t be. Not only will migrating from XP to Windows 8 be a more difficult and complex task than moving right now to Windows 7, but Windows 8 remains a long way off.

Time to upgrade, but to what?

Support for Windows XP will end in two years. Microsoft has already renewed its lease on life twice, and it won’t do so again.

At the moment, you simply can’t buy a new PC with XP, and downgrade licenses can be hard to obtain.

Businesses using XP know they need to upgrade. Rather than develop plans and policies around Windows 7, however, some are understandably attracted to Windows 8.

For one thing, Microsoft is spruiking Windows 8 as a fix for integrating PCs, phones and tablets across the enterprise — something that IT leaders know is a must.

For another, they believe that if they have to go through what could prove to be a difficult upgrade process, it might as well be to the latest and greatest thing.

But I think waiting for Windows 8 is a risk for a number of reasons:

We don’t know exactly what it is

The Windows 8 beta has not yet been released, and therefore we can’t assess its utility for the enterprise. So far, Microsoft has been promoting consumer-oriented features of the OS, such as its tile interface. We simply can’t be certain yet what these features will mean for the enterprise desktop. It could be that businesses will find Windows 8 to be too consumer focused.

We don’t know when it will be out

With the beta due for release shortly, we can assume on previous experience that Windows 8 will see a general release sometime between October and December this year.

That said, many businesses will prefer to engage in the traditional wait for Service Pack 1, so it may be July next year before they’re ready to upgrade. At that point, XP’s lifecycle will have only six months left to run.

It’s going to be a bigger leap

When you move from XP to Windows 7, most users find the change relatively easy. It’s a much more intuitive switch than that between Office 2003 and the ribbon-based Office 2010, for example.

Exactly what the tile interface and the emphasis on tablets and touch will mean for desktop familiarity in Windows 8 is yet to been discovered, but it’s bound to be a bigger change and there will be a learning curve.

Indeed, when you look at demonstrations of Windows 8, the interface has more in common with an Xbox than a PC. The OS is very deliberately aimed at smartphones, tablets and other ARM-powered devices. This may turn out to be a big ask for enterprises.

It’s easier to upgrade to Windows 7

IT vendors now have a wealth of experience migrating their customers from XP to Windows 7, something that businesses going straight to Windows 8 won’t benefit from.

In addition, Windows 7 is well supported by manufacturers and suppliers today, and there doesn’t seem to be a great deal that Windows 8 will do in future that Windows 7 can’t right now.

Businesses running XP need to understand that Windows 8 won’t be the silver bullet that offers them an easy upgrade.

Their best bet is to develop a plan to move to Windows 7 as soon as they can — a system that’s a ready, proven and available quantity.

Rhys Evans is national practice manager of enterprise information systems with Thomas Duryea.

The Macmillian Dictionary defines the term “fit for purpose”, as something being “good enough to do the job it was designed to do”. With the lack of Disaster Recovery (DR) standards, how can we measure if an IT DR programme is good enough to do the job it was designed to do? How can we draw some conclusions from business continuity standards? The below diagram sets out how two business continuity management standards (the British Standards Institution’s BS 25999 and the Business Continuity Institute’s Good Practice Guidelines) can apply to DR methodology, through five phases.

1. Understanding the organisation’s business compiles policy and framework documents, and invokes a Business Impact Analysis (BIA), and a Threat and Vulnerability Assessment.
2. Organisation’s disaster recovery strategies review technical options addressing the gap between business expectation and current state.
3. Developing and implementing the organisation’s DR solution and plan, implements the preferred option, and compiles the DR plan (DRP).
4. Exercising, maintaining, and reviewing organisations DR programme, exercises the plan and incorporates DR checklists/ processes into change and project management.
5. Annual reviews to embed a DR culture into the organisation. As we will see through some of Thomas Duryea’s clients, disaster recovery that is “fit for purpose” depends upon particular requirements, and may consist of implementing all, or some of the five phases.
The examples below will demonstrate that even with differing business and budgetary requirements, organisations can implement an incremental and scalable DR methodology to ensure their unique goals are met (i.e. fit for purpose).

Golden Plains Shire Council
Golden Plains Shire Council (GPSC) is a municipality of approximately 20,000 residents situated between Geelong, Ballarat, and Melbourne. It offers access to city services, and a mix of country lifestyle. GPSC has a tradition of wool and grain growing, and animal farming. Wine production is an emerging industry. GPSC’s business did not fully appreciate DR requirements and as a result of financial constraints, GPSC provided DR capability via five replication technologies. Issues with this included sustainability, complexity, service restoration, and business ownership. A BIA was conducted highlighting the recovery requirements of the business could not be met with the existing solutions; financial investment was required; and business continuity workarounds needed reviewing. The business also began to understand that DR was not solely “IT’s problem”. GPSC investigated technical solutions and is currently working to increase their DR capability. Independently to the BIA process, GPSC compiled a DR policy and framework, and as their DR capability increases, amendments to their DRP are being done. By undertaking all phases of the DR methodology (although not in strict order) GPCS have progressed from having some disjointed and complicated technical replication, and providing unknown DR capability, to having a defined DR stake in the ground – with support and understanding of the business to move forward and deliver a DR solution that’s fit for purpose.

Service Stream
Service Stream provide solutions in the telecommunications and utilities sectors in areas of construction and design, asset management services, contact centre activities, logistics, and technology solutions. The Communications division (SSC) is dedicated to the support of telecommunication networks, providing communication services matched specifically to their clients’ needs. SSC needed to establish a DR capability, however the DR policy and framework were not immediately required, as these would be adopted by the whole organisation at a later date. An abridged BIA was undertaken, which provided recovery requirements, restart order, and assisted in the determination of the technical solution. SSC established their DR capability utilising VMware’s Site Recovery Manager (SRM), which provided the required rapid return to service. The DRP was written and validated via an exercise, involving starting and validating all applications and data within the Vmware DR “bubble” environment. SSC have scheduled quarterly exercises, and by undertaking selected phases of the methodology, they have ensured their DR capability is fit for their purpose.

Royal District Nursing Service
Royal District Nursing Service (RDNS) has a staff of approximately 1,400, providing 24×7 home nursing and healthcare, with over 1.7 million client visits, and more than 550,000 hours of care per annum. This enables people to remain in their own homes, providing them with more independence, choice, and control in relation to their healthcare. RDNS operate two data centres with core IT capabilities replicated between them providing DR capability. Implementation of new IT infrastructure provided the opportunity to review DR processes which were incorporated into existing BC documentation. RDNS implemented a new DR programme, where the initial focus was documentation and a DR policy and framework were created. A DRP (including existing recovery procedures), was created for both data centres, allowing them to be amended as technical DR capability increased. An abridged BIA was undertaken using process recovery requirements captured in the (business continuity) BIA. Where these were unavailable, IT local knowledge was substituted to determine business
requirements. This resulted in minor amendments, to the deployed solution to closer align it to business requirements. By following all phases of the methodology in strict order, RDNS, have delivered a DR capability that is fit for purpose.

Tweet

Remembering Steve Jobs 1955 - 2011

T oday’s news of the death of Apple icon Steve Jobs comes as a shock not just to the technology industry but to the whole world. We here at Thomas Duryea would like to pay our respects to Steve as a great visionary, leader and entrepeneur – who took the Apple company and indeed the world to new places with his creative genius.

Our thoughts are with his family and friends as we remember the life and achievements of an inspirational man whose legacy will live on.

Apple’s tribute to Steve Jobs can be visited at http://www.apple.com/stevejobs/

With wave upon wave of new, consumer devices coming into the enterprise in the hands of employees, the question ‘How can I put this on the network?’ is ringing loudly in the ears of CIOs. Concerns over security and support costs have led many to reply, ‘You can’t,’ while others have made concessions where they can.

Like it or not, most realise that the push from employees to bring their own devices to the enterprise table — what’s been labelled BYO Computing (BYOC) — is a trend that’s here to stay.

The Flood

The ability to access anything they want, from any device they want, from anywhere, is something that a growing number of users are demanding.

These employees are the ‘digital natives’. Technology is an inseparable part of both their work and social lives, and they want to use the technologies that they believe are best for the task at hand.

The idea behind BYOC is to let them.

Why BYO?

At its heart, BYOC is about productivity. Its premise is that users are more productive when empowered by the technologies they prefer. If your marketing department have cut their teeth on Macs, for example, it makes little sense for the business to force them to use Windows 7 if it doesn’t need to.

Similarly, if half your executive team are BlackBerry champions, while the other half are iOS converts, isn’t the enterprise best served by supporting both?

Won’t it be a nightmare?

Of course, BYOC goes against many of the ruling paradigms of enterprise IT, where the holy grail has been a standards-based, tightly controlled desktop environment. CIOs haven’t wanted to lose control of their network and watch their helpdesk calls skyrocket, and concerns about security and compliance are legitimate. But what CIOs should realise is that, if they refuse to make controlled concessions to accommodate bring-your-own devices, users will often find their own way.

One case I recently saw involved a user emailing his company’s entire CRM database to his Gmail account, for example, simply so he could work on it at home, using his preferred environment.

The tension can be summed up thus. What IT departments want is security, simple management, centralised control, maximum ROI and low cost of ownership. In return, what users generally receive is inflexibility, limited access, no personalisation, slow response to technological change, and an inability to work how they’d like.

BYOC is about breaking this dichotomy.

How to implement it

For a BYOC program to be successful, users must call the shots, with the business handing over a stipend for them to spend. The primary focus must be on the user experience, with support for as many applications on as many devices as possible.

One tool making great inroads is Citrix Receiver — a thin-client solution with an App Store like interface that allows users to choose which enterprise applications they want to access, all of which are touch-enabled and have tailored interfaces for different operating systems and devices. The back-bone of the solution is a centralised BYOC web portal that allows users to browse and select the devices and applications that suit their needs.

Stuart Driver, Citrix’s Director of IT Services for Asia Pacific, is responsible for Cirtrix’s BYOC strategy, which is now three years old. When implementing BYOC, he recommends a five-step process:

Summing up

User-centric computing is on the rise. The fact that it’s a push coming just as much from the board as from as younger, more tech-savvy staff, would suggest it’s here to stay. By putting their own systems in place, CIOs can embrace this change while putting themselves in a position to control it.

The key is not to try to predict the future by picking and choosing the specific devices they’ll support, but instead to create the programs and policies that will allow the enterprise, and its employees, to productively ride the BYOC wave.

The bike CEO Andrew Thomas will be riding in this week's Australasian Safari.

Thomas Duryea’s CEO, Andrew Thomas has this week landed in WA to participate in The Australasian Safari – seven tough days and 2000km of motorsport endurance, the ultimate off-road adventure where competitors tackle the remote, rugged and stunning terrain of Western Australia.

Starting from Perth these adventure tour riders tear through the remote northern goldfields to historic Kalgoorlie, following the tracks of the professional motorsport competitors in the Australasian Safari (the likes of Craig Lowndes and Ben Grabham!). Andrew will be riding up to 400km on his dirt-bike each day and sleeping overnight in bivouac camps in outback WA.

Andrew’s safari is sponsored by Thomas Duryea Consulting, NEXTDC , Citrix, Oakstone Bridge Consulting and Zimbaroo.

Never one to be too far away from a technology gadget – Andrew will be staying in contact with all those at Thomas Duryea and keeping an eye on the running of his company remotely this week, via his iPad and his Citrix Receiver application.

Above is a photo of the bike before it gets covered in a coat of mud over the next 7 days. The race starts today and goes until 30th September. Watch out for Andrew’s updates over the next week as he tells us of his adventures. Go Andrew!

For many businesses, the benefits of cloud computing have made it a no-brainer. The cost savings of its ‘pay-per-use’ model, the elimination of capital investment and the ability to scale on-demand make it the most economically desirable computing infrastructure on the market.

But a significant number of businesses, however, have been put off by two important concerns. The first is security. Businesses haven’t liked the fact that, despite promised precautions, their data will reside on shared infrastructures and will be internet-exposed.

The second is prior investment. In switching to the cloud, many businesses have been asked to write-off thousands of dollars worth of on-site spending on hardware infrastructure and software licenses, something that just hasn’t made good business sense.

The result has been what I call the ‘cloud chasm’: a stark gap between the early adopters who’ve brushed aside these concerns, and the majority of businesses who’ve been held back. The good news is that new types of cloud computing have recently emerged that deliver economic savings and scalability on-demand without compromising security and making prior investments redundant.
To understand how, we have to look at how the cloud has been implemented to date.

THE CLOUD SPOTTER’S GUIDE

Cloud computing has three variants:

1. Public cloud is cloud computing in its traditional form. The cloud services your business uses are hosted externally on a shared infrastructure of virtual machines, managed by a third-party cloud provider.

2. Private cloud is a manifestation in which your cloud services are hosted internally on an infrastructure of virtual machines, managed either by your own staff or with a vendor’s help.

3. Hybrid cloud is a mix of both public and private services. You might choose to host your CRM externally (using SalesForce.com for example) while hosting your email and documents in house.

Choosing the right model for your business means juggling various demands. Your staff simply want freedom, flexibility, familiarity, reliability and control – the ability to work efficiently from anywhere and on any device. Your IT team, however, is looking for a solution that’s secure, manageable and low risk. They want someone reliable in charge of up-time, backups and system upgrades. Finally, from a financial perspective, your business needs a solution that offers value for money and predictable costs.

THE PROBLEM WITH PUBLIC CLOUD

Boiled down, the big trouble with traditional public cloud implementations, often referred to as Infrastructure-as-a-Service (IaaS), is data; more specifically where it’s stored. For both security and compliance reasons, businesses have said, “I can’t afford to have my data to reside on a shared, internet accessible platform that’s outside my control.”

While many cloud providers have urged these businesses to worry less about this important fact, recent events such as the hacking of Sony’s PlayStation Network (a hack in which the details of 70 million customers were stolen), have only underscored these concerns.

The other big problem with the public cloud is its inherent reliance on internet connectivity. Consider how often your internet has failed. Now apply that to your whole business. The fact that public cloud services has meant a shift from local network (LAN) connectivity to a wide area network (WAN) has created multiple points of potential failure.

PRIVATE CLOUD-AS-A-SERVICE

In response to the dilemmas of the public cloud, many vendors are now focusing on private solutions. While the idea of the private cloud is not new, recent technological developments and partnerships are making it a much more cost-effective solution.

The private model is essentially this:
rather than subscribe to a third-party cloud service, your business instead becomes the weather-maker – building your own cloud and hosting it on site. This allows you to keep control of your data. It’s not overseas and it’s not ‘somewhere’. It’s wherever you need it to be; on your premises or in your data centre.

The virtual servers, systems and software behind the cloud infrastructure are still managed by your cloud provider, but the solution is remotely managed, rather than remotely hosted.

For business owners, the big plus is security. You’re able to keep everything behind your network firewall (just as you do now) taking to the cloud while maintaining your compliance with any data protection requirements your business is subject to.

The other advantage is that – unlike in the public cloud – you can continue to make full use your existing infrastructure investment. Your computing and network hardware can be deployed as part of the private cloud solution, for example.

Or, if you happen to be re-examining your requirements in light of the Queensland floods, your business can redeploy it off-site as a disaster recovery platform.

Under the private cloud, you can also continue to use the software licenses your business already owns, while making the switch to a swiftly scalable, operational expenditure funded cloud, paid for monthly on a usage basis.

As long as it’s delivered ‘as-a-service’ you don’t lose the support and monitoring you’d get from a public cloud solution. Compared to sticking with your own traditional infrastructure, you can expect cost savings of around 32 percent over three years.

WHICH CLOUD IS RIGHT FOR ME?

Three simple questions can help you decide which type of cloud best suits your business:

1. What’s your aim? Why do you want to take your business to the cloud? Is it to save costs, boost performance, increase flexibility, or all three?

2. Do you care about your data? How important is data security and control for your business? Do you need to control where it’s stored, including backup copies?

3. Do you have prior investments you don’t want to lose? Do you have capital expenditure tied up in hardware and licenses or are you prepared to start afresh?

If you are willing to risk putting your data in a shared environment and to write-off your current IT platform (something that’s easier if it’s reached its end-of-life), then there’s no reason that your needs can’t be met by a public solution.

But if data security, compliance or existing investments are a concern, then you’d do better to consider a private cloud solution delivered as a managed service.

DOING IT RIGHT

Whichever model you choose, the next hurdle is implementation. From specialist providers to major service providers such as Optus and Telstra, there’s currently a proliferation of cloud services on the market, some of which you can switch on in less time than it takes to read this post.

The key to doing it properly, however, is to fully understand your requirements. The most common complaint when businesses switch to the cloud is that their systems ‘don’t perform as they used to’. Almost without exception, this stems from an underestimation of the demand for bandwidth or processing power.

While there are many players out there it pays to remember that the cloud is still an expert game. To maximise its business benefits, partner with an expert who’s prepared to work hard to develop a deep understanding of your business and its needs.

I’ve just returned from the fabulous Las Vegas where this year’s EMC World conference was held. All I can think of to summarise this entire experience is WOW!

EMC World 2011 was the biggest EMC World ever, with over 10,000 attendees and more than 100 exhibitors and sponsors. Keynote sessions and technical breakouts were jam packed as was the exhibitor hall, as EMC’s partners and suppliers vied for the attention of the storage industry’s largest customer base.

Here are some of the biggest talking points of the event…

• Project Lightning – more of a direction rather than a product, Project Lightning seamlessly extends the SAN into the server, and the server’s local storage into the SAN by using SSD technology. This effectively offsets IOPs to the server level rather than the storage system which provides storage performance benefits.
• GreenPlum – in a nutshell, this technology is based on an open-source database and has massively parallel processing that can perform advanced queries on massive datasets in seconds. This allows EMC to be the major player in the growing market of ‘big data’ analytics which depends on billions of facts and hundreds of terabytes (more often petabytes) of data.
• Isilon – can be summed up as extremely scalable ‘big data’ NAS. Once again, by ‘big data’ we’re talking 10 petabytes of data or more, 100s of Gigabits of throughput and 100s of nodes that delivers extreme performance. Isilon differs from traditional unified storage systems in that nodes can simply be added as needed and the metadata, caching, and back-end IO will automatically be re-distributed across all nodes.
• VNX – the awesome VNX and VNXe unified storage systems are now bigger, faster and stronger. That means 2x the bandwidth, 2x the spindle count and 2x the capacity. Enough said!

With all the new product launches and technology directions unveiled at EMC World 2011 all I can say is that exciting times lie ahead for EMC customers and partners. I’m glad to be a part of it.

Thomas Duryea is an EMC Signature Partner and have been recognised as the 2010 EMC Top Achiever for Victoria & Tasmania as well as the 2010 EMC Specialist Partner of the Year for Unified Storage. As one of few Australian Signature partners, Thomas Duryea has years of experience and is well equipped to support your EMC and Data Management requirements.

There has been much talk recently concerning the concepts of the “consumerisation” of IT and the increasingly popular BYOC (Bring your own computer). My recent trip to San Francisco for Citrix Synergy has certainly brought clarity in my mind as to the validity and reality of these concepts and has helped me to draw the conclusion that now is the time to act – before the inmates start to take over Alcatraz!

As IT departments are moving faster towards cloud thinking and delivering elastic scale to their organisations there is new pressure from users to be more agile and flexible when it comes to working arrangements and the devices they want to use.

More and more staff are wanting the flexibility to allow use of their Apple MacBooks, iPads, Android tablets or home PC’s while working on corporate applications and data. Citrix are hanging their hat squarely on being the only real vendor with the ability to deliver this whilst maintaining a great user experience and best of breed security in the data centre. Advances in the primary Citrix client, known as “Receiver”, bring yet more versatility with new abilities to deliver a full high-definition user experience on a Mac, application access directly from the ChromeOS browser and integration with cloud storage services such as Dropbox.

Synergy also heralded the acquisition of Kaviza, delivering simple all-in-one VDI for small and medium enterprises. This product takes away the complexity of enterprise desktop virtualisation whilst maintaining the HDX user experience Citrix pride themselves on.

Great leaps have also been taken in the further development of NetScaler and Branch Repeater as Citrix continue to build on their networking strategy with new releases and editions expected this quarter.

This year’s Citrix Synergy proved to be a very inspiring and impressive event, showcasing not only their strength of vision but also the quality of their delivery. The big question that I’ve been left with is whether enterprise IT can keep up with increasing consumer capability. So will you continue to fight it, or are you ready to embrace consumer devices on your corporate network? Maybe not today, maybe not tomorrow, but soon and for the rest of your life!

Bring it on.

Thomas Duryea Consulting in conjunction with Citrix will be hosting a luncheon ‘The i-Volution of IT: Embracing employee devices’ this August. To register your interest in this luncheon please fill in your details here.

For more information on how Citrix technology is meeting the demand for personal and non-traditional devices at work – visit http://web.citrix.com/Dilbert/index.html

Australian and New Zealand businesses have recently been plagued by a number of high-profile security attacks. But it’s not just happening in Australia and New Zealand. You only need to pick up a newspaper to realise that data breaches are making big headlines worldwide while damaging the brands and reputations of everyone involved.

Security attacks against businesses speak volumes about the size of the threat we face, and the determination of criminals to steal valuable information.

The Symantec Internet Security Threat Report is one of the most comprehensive sources of Internet threat data in the world. It provides a year-long overview and analysis of Internet threat activity. Volume 16, covers the period from January to December 2010. We compiled the report using more than 240,000 sensors in more than 200 countries, and intelligence gathered from over 133 million Symantec client, server, and gateway systems that have deployed our antivirus products around the globe.

The report revealed significant changes to the threat landscape in 2010. The volume and sophistication of threat activity increased substantially, with Symantec identifying more than 286 million new threats last year while web attacks rose by 93 percent. We also uncovered 14 zero day threats and 6,253 new vulnerabilities. In the underground economy we saw credit card numbers being sold for as little as seven US cents.

2010: the Year of the Targeted Attack

Last year revealed that targeted attacks such as Hydraq and Stuxnet pose a serious challenge to businesses. The scale of these attacks range from publicly traded, multinational corporations and government organisations to smaller companies and individual computer users. The victims had one thing in common – they were specifically targeted and compromised, even though many had robust security measures.

While the high profile, targeted attacks that received the bulk of the media attention in 2010 attempted to steal intellectual property or cause physical damage, many of these attacks prey on individuals for their personal information. For example, in 2010 data breaches caused by hacking resulted in an average of more than 260,000 exposed identities, far more than the second leading cause, which was theft/loss, which accounted for an average of just over 67,000 exposed identities.

More and more zero day vulnerabilities are being leverage in targeted attacks. In 2010, Symantec observed 14 new zero-day vulnerabilities, an increase from 12 in 2009. Stuxnet, which infiltrated Iranian nuclear control systems, alone used an unprecedented four of these zero-day vulnerabilities. Hydraq, which targeted large multinational companies, used one of the three zero-day vulnerabilities in Internet Explorer.

Social Networks: A Fertile Ground for Cybercriminals

Perhaps the most disturbing trend of all was the prevalence of attacks that start with social networking. Social networks continue to be a security concern for organisations as companies and government agencies struggle to find a satisfactory compromise, leveraging the advantages of social networking while limiting the dangers posed by the increased exposure of potentially sensitive and exploitable information.

A chief concern is the popularity of shortened URLs. Attackers capitalise on these services because their victims are unable to quickly determine where shortened URLs will direct them, frequently leading to a phishing scam or malware infection.

A favourite method used to spread an attack is from a compromised social networking profile. The profile is used to post links to malicious websites so that the links appear in the news feeds of the victim’s friends.

In 2010 Symantec observed 65 percent of malicious links in news feeds used shortened URLs. During a four month period Symantec monitored shortened URLs leading to malicious websites; 73 percent were clicked 11 times or more, with 33 percent receiving between 11 and 50 clicks.

Mobile Threat Landscape Comes Into View

More users are downloading and installing third-party applications for mobile devices and the possibility of installing malicious applications is increasing. Most malicious codes are now designed to generate revenue and as people increasingly use mobile devices for sensitive transactions such as online shopping and banking we can expect more threats to be created for these devices. Trojans that steal data from mobile devices and phishing attacks will likely be some of the first threats to arrive.

Currently, most malicious code for mobile devices are Trojans that pose as legitimate applications. These applications are uploaded to mobile app marketplaces where users download and install them. In some cases, attackers may take a popular legitimate application and add malicious code to it. This happened in the case of the Pjapps Trojan.

In a sign that the mobile space is starting to garner more attention from both security researchers and cybercriminals, there was a 42 percent increase in the number of reported new mobile operating system vulnerabilities, from 115 in 2009 to 163 in 2010.

How can you fight back?

The first step is to recognise the risks we face. Criminal attacks are prevalent, potent and expensive to clean up. That reality will change the way organisations defend themselves.

The second step is to review the use of social networks within your organisation. Symantec has had positive experiences using social networks in the workplace and is enjoying some latent cost savings. But we all need to be aware that our employees use social networks at home and at work and then consider how that usage pattern impacts business security.

Understand the age of innocence has ended for mobile devices: your smartphone is set in the sights of criminals. Mobile behaviour must change to avoid risky practices.

Organisations need to recognise that cyber attacks are getting more sophisticated every year, and to repel attacks you will need to become more sophisticated in your response.

• The most important protective measure is to employ defence-in-depth, which emphasises multiple overlapping and mutually supportive defensive systems to guard against single-point failures in any specific technology or protection method. For consumers, this means using an Internet security solution that combines antivirus, firewall, intrusion detection and vulnerability management.
• Consumers and businesses should ensure that security patches are up-to-date and applied to all vulnerable applications when possible.
• Businesses and consumers should have emergency response procedures in place, including having a backup and restore solution.

To remain protected against today’s threats, Symantec encourages consumers and enterprises to employ defence-in-depth, keep systems patched and up-to-date and apply best practices for backup and recovery.

Melbourne, AUSTRALIA – 7 June 2011: Thomas Duryea Consulting today announced that it has achieved Symantec Specialisation membership in the areas of Archiving & eDiscovery; Data Loss Prevention; Endpoint Management; and Data Protection.

One of the first companies across Australia to hold specialisations as a Platinum Partner, Thomas Duryea Consulting has experienced strong growth in the past year, with a sales increase of 3,000 percent. This growth has been spearheaded by the company’s Symantec Specialisation achievements.
Last year, Thomas Duryea Consulting was recognised as a Symantec Enterprise Value Partner and achieved Platinum Partner status and in 2009 the company won the Growth Partner of the Year Award. The company is also a specialised SMB partner.

Symantec Archiving & eDiscovery; Data Loss Prevention; Endpoint Management; and Data Protection Specialisations recognise partners with a proven expertise in technologies such as Enterprise Vault, NetBackup, Backup Exec, Symantec Endpoint Protection, Data Loss Prevention and the Altiris IT Management suite.

“Symantec Specialisations and accreditations differentiate us from other partners in the ecosystem, adding value to our business across all areas,” says Andrew Thomas, CEO, Thomas Duryea Consulting.

“Symantec has a comprehensive set of solutions that complement our product offering and the services we provide our customers. Being a Symantec Platinum Partner helps Thomas Duryea Consulting deliver value and relevance to our customers and we’re pleased to be one of the first partners in Australia that has transitioned to the enhanced Symantec Partner Program.”

With these Specialisations, Thomas Duryea Consulting will be able to better meet the needs of its customers by delivering high-value solutions to better protect and manage their information.

“The Specialisations Program is designed to recognise partners’ investment in Symantec and reward their expertise. The program provides partners with the skills and knowledge required to deliver differentiated service to their customers,” says Craig Scroggie, Vice President and Managing Director, Pacific region, Symantec.

“Thomas Duryea Consulting has demonstrated a deep investment in Symantec and an expertise in delivering solutions and services that protect customers’ most critical information.”

Symantec partners achieve Specialisation by meeting certain requirements that deepen their knowledge and proficiency in a solution family while receiving exclusive benefits as a result of their investment. With revenue last year of AUD $50 million and a team of 100 across Melbourne and Sydney, Thomas Duryea Consulting is well positioned to continue supporting Symantec deployments of all sizes.

For further information on how Thomas Duryea Consulting can support Symantec rollouts, please contact us.