End of Support: Windows Server 2003

05-CIOpanel

The End of Support for the Windows Server 2003 family of products is July 14, 2015. On that date, all support for Windows Server 2003, including R2, will cease. In light of that, now is the time to make your plans for your migration to Windows Server 2012 R2 Datacenter, Microsoft Azure, as well as Microsoft Cloud Services like Office 365.As a part of normal product lifecycles and to accommodate the shift towards modern technology and mobility, Microsoft will completely end support for Windows Server 2003 on July 14, 2015. Security patches and updates will no longer be available after that date. This Alert from the Department of Homeland Security indicates the seriousness of this event, and Microsoft encourages all businesses to carefully evaluate a migration plan:

“Research from IDC confirms that businesses should thoughtfully consider using this moment as a starting point for the shift toward modern technology. We think customers should take advantage of this deadline and see it as an opportunity not only to move forward to a newer version of Windows but also to modernize and prepare for the next generation of computers. Hybrid and public clouds are important components of next-generation IT.”
Source…

End of support means:

  • No updates
    37 critical updates were released in 2013 for Windows Server 2003/R2 under Extended Support. No updates will be developed or released after the end of support.
  • No compliance
    Lack of compliance with various standards and regulations can be devastating. This may include various regulatory and industry standards for which compliance can no longer be achieved. For example, lack of compliance with the Payment Card Industry (PCI) Data Security Standards might mean companies such as Visa and MasterCard may no longer do business with you. Or, the new cost of doing business may include paying catastrophic penalties or astronomically high transaction fees.
  • No safe haven
    Both virtualized and physical instances of Windows Server 2003 are vulnerable and may not pass a compliance audit. Microsoft Small Business Server (SBS) 2003 servers are also affected. Staying put will likely cost more in the end. Maintenance costs for aging hardware will also increase. Added costs will be incurred for intrusion detection systems, more advanced firewalls, network segmentation, and so on—simply to isolate Windows Server 2003 servers.

Many applications will also cease to be supported, once the operating system they are running on is unsupported. This includes all Microsoft applications.

Consequently, now is the time to act. You must start planning migration now. Servers may still be running Windows Server 2003/R2 for a number of reasons. You can use these reasons as discussion points regarding:

  • Perceived challenges of upgrading applications
  • Presence of custom and legacy applications
  • Budget and resource constraints

Among other possible resources, you may take steps to safeguard your business and make migration a priority with these helpful links:

Leveraging 802.11ac Wireless for a University Deployment

05-CIOpanel

From submitting a quiz on their laptop, streaming the latest episode of a hit television program on their mobile phone, or using their tablet to participate in an in-class activity, college students rely on the wireless internet. These days, everything is utilizing the internet for collaboration and communication. Students are carrying several devices and expecting them to be constantly connected.

The explosion of personal wireless devices has created challenges for campus wireless networks around the country, and The University of Texas at San Antonio (UTSA) is not immune. UTSA, a large 4-year public institution, is now experiencing similar issues as the number of wireless network devices utilized by students has dramatically increased. Students, along with faculty and staff, are increasing and expanding their wireless use on campus, engaging in research for projects and streaming content for entertainment. An intense demand for instant access to information for academic and personal use requires solutions to remain innovative and up-to-date.

A Growing Mobile Culture

Wireless usage for student devices such as laptops, tablets, and cellphones has tripled over the past three years. In a growing mobile culture, improving wireless performance is a task that benefits the entire university community. Having these resources available is important for universities competing for students, financial resources, and recognition as top tier institutions. In order to deliver exceptional technology services for the community, UTSA researched a strategy for implementation of a new 802.11ac wireless solution.

Students had previously complained about poor wireless performance in high-user traffic areas (such as the library), as well as difficulty accessing resources over the internet due to the growing use of the network. With 750 802.11n access points and a maximum concurrent usage on the wireless network user range around 17,000, UTSA recognized that the existing wireless network architecture and hardware were no longer able to provide adequate support for students, faculty, and staff in areas of high user density. Advanced system features were required for the desired functionality.

As with many institutions of higher education, consideration of the allotted budget to avoid increasing tuition for UTSA students or decreasing services was essential to finding a solution that could be maintained by the university. In an effort to resolve these issues, the Office of Information Technology (OIT) at UTSA evaluated alternative wireless solutions from multiple wireless vendors to identify one that would provide superior performance without the need to exponentially scale the number of access points installed on campus.

UTSA’s Approach

UTSA’s approach to upgrading the wireless network was through an on-premise controller 802.11ac-based solution. While controller-based solutions have been the status quo, UTSA has found them to be superior to cloud-hosted wireless solutions. From the limited group defined, the list of vendors was narrowed to two (a cloud-based and a controller-based offering), and a proof of concept deployment was done in the area of highest density on campus – the John Peace Library (JPL). During these tests, each vendor solution was evaluated based upon performance and product features. Although performance data can be subjective, it is beneficial to have. Along with other facts, this information led to the selection of a vendor. A vendor with a clear technology roadmap is important in wireless solutions as the technology changes so quickly.

The use of a controller-based system was proven to provide UTSA with the most flexibility in design and performance. Aruba provides powerful system management services and performance tuning and reporting, which has given UTSA the tools it needs to create a robust wireless environment. This allows the university to continue to research in other areas to improve the student experience with technology resources at UTSA.

Simplified design of the system, enhanced ease of use, and advanced security features including firewall and IDS will help protect the network from viruses, malicious actors, and unauthorized access. UTSA has seen a vast improvement in client metrics and performance management with the new system.

With the new wireless solution in full operation, OIT has seen a reduction in complaints from students. The university doubled the access points available to students to 1,500. Increased bandwidth utilization demonstrates the improved performance of the wireless network throughout the UTSA campus. The systems enhance the ability to identify, filter, and manage user traffic to ensure better performance for network-delivered curriculum, and they ensure that the new wireless solution will continue to adapt and serve the university as it continues to transform on its journey to Tier One recognition.

IT Certifications

05-CIOpanel

In today’s business world, information has become the valued asset on which business decisions are made. Information Technology (IT) is crucial in business, especially in regard to customers. IT systems like a patient web portal for retrieving medical records or a customer-facing ordering website are vital to an organization. IT leaders and CIOs must ensure their systems are maintained, secured, and available to meet the customer and business needs of the organization. The critical systems must be supported by well-educated and trained staff with proven abilities like IT certifications.

Certifications

IT staff can demonstrate their skills and knowledge of critical systems by becoming certified in such areas as Microsoft, VMware, Cisco, EMC, NetApp, and many more. As shown in the list of companies, certifications mainly focus on becoming qualified on a company’s product (Microsoft = Microsoft Certified Systems Engineer) instead of a particular job. However, due to the popularity of certifications, many positions are focused on IT jobs for specific certifications. Certifications in IT usually require an exam, while other more extensive certifications will add simulation in which the student will perform administrative tasks associated with the relevant product.

Microsoft originally established engineering certifications, such as Microsoft Certified Systems Engineer, that were focused on specific platforms like server, desktop, and exchange (Aranda, 2006). This has since been replaced and expanded to multiple Microsoft certifications that focus in the areas of infrastructure, developer, and database. An example below shows a pictorial graph of Microsoft certifications:

05-ITcert-pic1

Another great certification program is from Cisco. The Cisco certification program focuses on networking systems technology for their gear. In 1993, the company established the Cisco Academies and soon after created benchmarked standards for network technicians (Aranda, 2007). Like other certifications, the company felt that other educational institutions were not qualified in preparing students for such specified exams. Cisco has many certification tracks, such as Routing and Switching, Content Networking, Unified Communications, Optical Networking, Network Management, Cisco Security, Cisco Unified Wireless, Network Infrastructure, and Cisco Storage Networking (Aranda, 2007).

IT security is very big today due to the recent high profile data losses of Target, Sony, and Home Depot. Therefore, there is a great need to have security personnel who are certified. In 1989, a non-profit organization, (ISC)2, was established to create a global informational security certification process for professionals. Five years later, the first security professional credential was established, CISSP (isc2.org, n.d.). Security certifications have grown to over six tracks and many levels, as shown below:

05-ITcert-pic2

VMware Certification Program

One of the top certifications on the market today is from VMware. According to data provided by Foote Partners, “VMware cloud certifications are all pretty hot right now according to data” (VMware, n.d.). Those individuals who have pursued a career in virtualization have seen a significant increase in pay over the last year. As an example, pay for VCDX certification has increased 28.6 percent, and VCP-Cloud certification positions have shown an increase in pay of 12.5 percent (VMware, n.d.). While there hasn’t been significant growth over the last year, recipients of the VCAP-CID certification, according to Foote Partners data, are receiving 8-13 percent of base pay salary as a “skills pay” premium from employers (Hein 2014). VMware has many certification or solution tracks and different levels of certifications that range from Associate to Expert. Below is a list of the tracks and levels (VMware, n.d.):

05-ITcert-pic3

Besides pay, VMware certification has several benefits such as (VMware, n.d.):

  • Recognition of your technical knowledge and skills
  • Greater opportunities for career advancement
  • Complimentary VMware Workstation license (for new VCP5-DCV certifications)
  • Press release support (for VCDX level certifications)
  • Bio featured in the VCDX Directory (for VCDX level certifications)

05-ITcert-pic4

Since information is such a valued asset on which business decisions are made, IT is crucial for businesses to become industry leaders. Business and IT leaders must ensure their systems are maintained, secured, and available to meet ever increasing customer and business demands. One of the best ways to meet those demands is to employ well-educated and well-trained IT staff with appropriate IT certifications from companies like Microsoft, Cisco, (ISC)², and VMware.

REFERENCES

Aranda, N. (2006). The History of Microsoft Certifications – Now and Then. Retrieved from…

Aranda, N. (2007). A Brief History of Cisco Certification Training. Retrieved from…

Hein, R. (2014). 2014’s Hottest IT Certification. Retrieved from…

isc2.org (n.d.). History of (ISC)². Retrieved from…

VMware (n.d.). Industry Leading Certification Programs To Demonstrate Your Expertise. Retrieved from…

Wyrostek, W. (). Top 10 Problems with IT Certification. Retrieved from…

The Takedown Boomerang

05-CIOpanel

So you’re happily shopping on Amazon.com (not during work hours, of course), and all of a sudden you come across an e-book that looks awfully familiar. You take a closer look…hmmm. “Wait a minute,” you mutter, “that can’t be right. That’s the book that I wrote! It’s only supposed to be available on my site! And my price is much higher than Amazon’s!” You check your site, and – sure enough – traffic is down, and you’re losing sales.

You call your trusty IP lawyer, who sends a takedown letter to Amazon.com. Amazon.com removes the offending e-book, no counter-notice is issued, and you soon see an uptick in e-book sales. That’s the way it’s supposed to work, right? Pretty easy solution – no lawsuit, no long process?

I won’t address some of the intricacies of how the process can play out, but yes, that’s often how it does work under Section 512 of the Digital Millenium Copyright Act (DMCA 512), and it has worked fairly well for the last fifteen or so years. Google gets a staggering number of takedown requests – so far over 34 million requests in the past month alone.

However, the simplicity of the process has resulted in abuse, as well. DMCA 512 is not an all-purpose tool for shutting down whatever offends you online. And if you use it improperly, you could face a real publicity nightmare. Many sites now contain some version of a hall of shame – places where tales of DMCA overreach can live forever.

Don’t assume that the target of your takedown notice cannot or will not fight back. Organizations such as the Electronic Frontier Foundation (EFF), Digital Media Law Project, Chilling Effects Clearinghouse, and others stand ready to help targets push back on overreach. Many popular blogging platforms, such as WordPress.com, have also taken steps to protect their users against abuse.

When Diebold tried to use the DMCA to force students to take down Diebold’s leaked internal emails about voting machine flaws, the EFF stepped in to help – and won. In a turnabout, Diebold had to pay damages for filing frivolous takedown notices. That’s right – the DMCA allows targets to turn the tables if you send a false notice.

Online criticism is a fact of online life. If you’re the target, the DMCA may not be your best option for dealing with it. You may end up amplifying the criticism. When an organization called Straight Pride U.K. tried to squelch an apparently unfavorable email interview posted by a student journalist Oliver Hotham by using the DMCA to force takedown of his article, Automattic (which runs WordPress.com) filed a lawsuit in defense of the journalist, and won. That DMCA notice set off a wave of articles and a lawsuit – which had the unintended effect of broadcasting the organization’s views.

Bottom line: think through the possible ramifications before firing off a DMCA notice. The DMCA is a powerful tool when used properly, but if you misuse it, your efforts might boomerang on you with unintended consequences.

CIO Panel: Harnessing Digital – Mobile/Cloud/Data

05-CIOpanelOn Thursday, April 9th, I attended the 2015 San Antonio North Chamber CIO Panel, presented in conjunction with InnoTech. The sellout event at the San Antonio Convention Center was attended by over 300 representatives from San Antonio’s leading business and government organizations. After opening remarks by Gary Britton, New Horizons Learning Centers and San Antonio North Chamber Technology Chair, the session turned to recognizing the winners of the annual and lifetime technology leadership awards. Bill Phillips, Senior VP/CIO of the University Health System received the IT Executive of the Year. His accomplishments included leadership in major facilities and technology upgrades. David Monroe was given the first Lifetime Achievement Award for his many accomplishments starting with his leading role at Datapoint, San Antonio’s first breakout technology company.

In keeping with the theme Harnessing Digital – Mobile/Cloud/Data, Todd Chudd, Practice Director, Mobile & Modern Web at Randstad, presented his thoughts on how success can be achieved in the coming digital environment. As context for his comments, he pointed out that the typical American now spends 10% of their time using some mobile device. In his view, the successful future enterprise must continuously measure, adapt, and change again. For retailers, he felt they must move from the customer loyalty program as a source of data for macro marketing and sales strategy to one that creates the basis for one-on-one customer relationships.

CIO Panel Discussion

After that presentation, the session shifted to its main business, the CIO Panel Discussion. The panel included four of San Antonio’s most prominent technology leaders: Chris Cox, USAA, Head of Digital Delivery; Apollo Gonzalez, Catapult Systems, Chief Technology Officer; Greg Sarich, CPS Energy, Senior Vice President Enterprise Support & CIO; and Doug Skiba, Frost Bank, Executive Vice President IT Architecture & Strategy.

The first topic tackled by the panel was mobile strategy and measurement. All of the panelists advocated a customer driven strategy. Highlights on measurement included Frost Bank’s reliance on Google Play and Apple’s App Store customer ratings, CPS Energy’s goal of shortening walk-up lines with particular attention paid to the walk-up customer who spends the entire wait on a digital device, and USAA’s focus on adoption and utilization.

Next up was a discussion of the impact of 24/7 mobile access on support. Again the group generally agreed that support must match customer access, including adding support modes for chat, voice, and video. Catapult sees the explosive jump in user access driving a move to the cloud to assure availability and to reduce the risk of excessive down time. CPS sees the access to multiple mobile applications driving an ever increasing demand for service and new capabilities.

The third topic for discussion was the impact of the “Internet of Things.” Of note was USAA’s moving from an episodic relationship with customers to a continuous relationship based on input provided by the customers’ “things.” CPS is particularly impacted as meters move from being the trigger for billing read monthly to an energy management device for both the customer and the company read every 15 minutes. Catapult sees the major impact being the mountains of data generated by everything from vehicles, to thermostats, to refrigeration units.

The final topic was the impact and application of the “cloud.” As a group, the panelists were relatively conservative on the use of public or third party cloud applications and storage because of security concerns. Generally, common administrative and support systems like email were considered the best candidates for the cloud. The one exception to that thinking was CPS Energy’s use of a California-based provider that collects and processes all of their meter data.

My sense as the crowd exited the room was general agreement of time well spent and a value added event. I’ll certainly Save the Date for 2016!