Back to Shadow IT

Through some of the work that I do for my Clients, I’ve helped to identify and reduce Shadow IT as a part of better aligning IT delivery with strategic business goals.  It has been sort of a mantra, that Shadow IT is a bad thing and must be eliminated.  Over the past couple of years though, I’ve increasingly found myself second guessing that mantra.


While governance and security are even more important now than in times past, the characteristics of IT services have changed around us.  Take end user devices for example.

No Thanks to DR Planning Software (so far)

I was having a drink with an old friend of mine, who is a very prominent and globally sought after risk management professional, and we got around to talking about Disaster Recovery Planning Software.  I asked him, “have you ever found one of those that you like?”  His response was not positive.

Quite often, I am called by a potential Client needing help with DR planning, and who is at the make/break point of a relationship with a DR planning tool vendor.  The conversation often goes something like this:

Smart Phone Wars

I really don’t know why several of my most recent posts are about smartphones.  This forum is about data center and IS security.  However, I am a mobile consultant, and smartphones are a key weapon in the consultant’s utility belt. With that disclaimer, I was reading an article today in Gigaom about smartphone market share. …

Apple iPhone vs. Google Android, and the “App War”: What are we fighting about?

In restaurants, airports, and public transportation I often hear debates over iPhone versus Droid.  These are discussions between owners of these devices, and often times with potential owners trying to decide which phone to invest in next.  By the way, I use the term “invest” very specifically, because these devices require more than writing a check.  They require an ergonomic lifestyle change, which for many users comes at the price of weeks or months of “friend-making” with their new phone.

One of the topics that comes up in most of these conversations has to do with the number of applications ( “Apps” ) that are available for the phone.

A friend of mine, Adam Somer, brought my attention to an article in Business Insider that contained the following chart:

The point of this chart, and the text in the associated article, is that the number of apps available for the Android is quickly catching up to the number of apps available for the iPhone.  This is nice to know, I suppose.

It’s Hip to be Flat

For the past year or so, pundits in the industry have prophesied about the coming of the “flattened data center network.”  What exactly are we talking about here when we say “flattened network?”

There are a number of drivers that favor moving away from the common three and four-tier data center networks with Layer 2 and Layer 3 switching, toward a network based on Layer 2 with just edge and core switches (Get it?… ‘See what we mean by “flat?”).

Drivers for Flat Networks

One of the primary drivers for this change is virtualization.  Virtualized environments, and clouds, benefit from the fluidity with which virtual machines can move across the network (and across data centers).  Some common virtualization technologies are limited though, to Layer 2 environments within a common VLAN.  The presence of a Layer 3 hop ads a great deal of complexity in this regard.

One reason we’ve come to know and love the three and four tier networks common in data centers is that we were forced into this architecture by product capabilities, namely port speed and port density.  We’ve learned to build a hierarchy of switching because of the building blocks we had in terms of core switches, access switches, TOR switches, et. al.  We must admit though, that driving packets up and down these trees of switches comes with complexity and cost.

Privacy and Content Governance – Increasing Challenges for Content Providers

In a recent article published by Scott & Scott, LLP, has been sued in the U.S. District Court by a group of individuals seeking class-action certification.  The plaintiffs allege breach of contract and negligent misrepresentation against  They are claiming that the website contains thousands of fake profiles, and that these profiles are placed there by third parties for illegitimate and unlawful reasons.  Furthermore, they are claiming that makes little or no effort to vet new profiles posted, nor takes action against these fake profiles.