Bluenog’s Information Management team will be led by Chuck Lewis who has been appointed head of the new practice. Mr. Lewis will be responsible for services in five areas comprised of: Analytics, Business Intelligence, Data Warehousing, Database Management and Administration, Data Modeling, Data Governance, Extract-Transform-Load (ETL) technologies, Integration of Data Sources and Master Data Management.

“Bluenog already delivers superior technical solutions and measurable business outcomes to Fortune 1000 companies nationally and internationally,” said Sastry Taruvai, President, Bluenog Corporation. “Chuck will contribute to our management team’s expertise, further enhance the needs required in today’s digital business and deliver the most comprehensive and relevant Information Management solution to our clients.”

About Bluenog Corporation
Bluenog Corp. is an enterprise services and software company that specializes in delivering practical solutions to meet our customers’ needs for security, SOA, business intelligence and Enterprise 2.0. Leading organizations rely on Bluenog Corp. to deliver enterprise solutions based on leading software technologies. Bluenog maintains deep technology expertise and broad implementation skills; provides end-to-end consulting capabilities from architecture, best practices and strategy to post implementation needs and keeps all this simple to deliver real business value as quickly and seamlessly as possible. Headquartered in Piscataway, N.J., Bluenog is an Oracle Platinum Partner and Reseller. For more information, please visit www.bluenog.com.

Contact:
Bluenog Corporation
53 Knightsbridge Rd., 2nd Floor
Piscataway, NJ 08854
Phone: 732.584.2378
Email: info@bluenog.com

The Philadelphia Flyers vs. Florida Panthers game will be held on February 21st. We hope to see you there!

Date: 2/21
Time: 7:00pm
Place: Wells Fargo Center
Section: Mid Level Suite #68

But there are two more fundamental reasons for this increase in data theft, reasons are magnified due to the changing technology landscape:  companies do not value their data as a top business asset, and they focus on securing the technology, not the data itself.  Stealing your customer and company information is becoming much easier to do.  Companies spend millions on security technology rather than thousands on risk assessments and process (governance) improvements in information management.  Companies almost never have a full accounting of all data they create, transact and store, but they have detailed inventories of the servers on which that data resides.  If you’re not paying attention to the data itself, you don’t value that data enough to effectively protect it from the bad guys who value it more than you do.

Addressing this increasingly urgent problem is not easy.  It requires a fundamental change in the way you think about your data.  Believe it or not, you probably already have a pretty good idea of what that new mindset is.  Consider the security you employ in your personal life.  You lock the doors and windows to your house when you leave, but it doesn’t stop someone from breaking in and stealing your television, which you consider an acceptable risk.  But maybe you do lock up your more treasured valuables, such as jewelry, in a fireproof box and hide that in your closet.  And maybe you lock up your most treasured items, such as family heirlooms, in a bank’s safety deposit box.  The same holds for your data.  Here is a simplified version of the steps we perform with our clients in protecting their data:

1. Perform an information inventory of all of the data you create, transact and store.  Inventory representatives of different levels from every department and record what data they deal with daily to conduct the company’s business.  Then go out and perform a full risk assessment of all of that data and verify where the data resides.

1. Classify all data according to industry standards and create a framework in which the data will be protected commensurate with its classification level.  Account for how the data will be stored, copied, transmitted and destroyed, as well as investigation and reporting processes in case the data is stolen or mishandled.

1. Assign roles and responsibilities for the protection of data to all employees and third-parties who may use the data.  Include this information in your company information security policy.

1. Create an information management policy that specifies how the data protection framework will be carried out, and implement that framework in the IT environment.

1. Now you can purchase the security technology you need to enforce compliance.

In today’s world of acquisitions, mergers and consistently changing business needs, the ability for an IT organization to respond to these changes in a quick and timely fashion is quite vital. While businesses recognize the need for enterprise integration and SOA based solutions, many organizations tend to embark on the SOA journey without proper planning and therefore lack a strong execution strategy. More often than not customers are eager to get to the “implementation” phase by picking a toolset and getting down to business without the due diligence that is necessary before arriving at such a decision.

The goal with a SOA based solution is to bring business and IT closer. Increasingly, one of the biggest pain points for Business owners is the lack of understanding exhibited by their IT in relating to requirements which always translates into a significant gap in the end product from the target state.  The key is to get the Business owners and IT on the same page in order to deliver a quality solution that can scale and expand as the company evolves. Typically, this is accomplished with a team of Enterprise Architect(s), Business Users and IT leadership often referred as the “SOA Advisory Board” that can understand the Business needs and goals and put together a strategy to address current problems and lay a strong foundation for the future. The Enterprise Architects at Bluenog have been very successful in helping our customers develop this very SOA strategy and define a roadmap for a successful SOA implementation.

Tool selection is a critical step in the SOA adoption process. There are plenty of choices for both enterprise commercial vendors as well as open source based solutions. Oracle, IBM, Tibco, Microsoft are of the prime commercial vendors and JBoss, Fuse, Sonic, Apache Mix etc with their open source based offerings.  Once a SOA strategy is ironed out, the next step is to identify a platform for SOA. Although Web Services are a huge part of any SOA based solution, SOA is not all Web Services and one size does not fit all. Every environment is different and every solution is unique in its own way. Most organizations have some form of IT systems and applications in their environment. Platform selection should also factor in the type of systems and applications that are deployed in the environment. For example, if the organization runs Java based applications then it makes sense to build a solution with a Java based platform instead of .Net and vice versa. With that said, due to the nature of IT today, organizations tend to have a combination of Java, .Net and other technologies. The SOA platform must be able to handle integration across heterogeneous systems with standards based implementation as supposed to proprietary frameworks. Most SOA platforms today are built on open standards so how do we decide on one?

1. Ease of development – Toolset and skills of the IT team. For e.g. a Java based IT team will benefit from a SOA platform with Java background. Although there will be a learning curve, it will be a smaller one. Toolset should be efficient, intuitive and easy to use for development and testing.
2. Standards based – Standards based implementation and integration frameworks/adapters for pertinent applications (e.g. SAP, PeopleSoft, MQ, Mainframes etc).
3. Monitoring & Maintenance – Often overlooked in tool selection. Any SOA solution deployed should provide insight into the infrastructure. A good toolset will provide visibility with various troubleshooting and monitoring features to monitor and notify on failures. Increasingly, organizations are mandating four 9’s or even five 9’s uptime. Having an enterprise monitoring tool for end-to-end visibility enables operations to be proactive in identifying problems.

SOA implementation is a multi-phase, multi-year initiative and the costs are higher for the initial services. However, the TCO for a SOA platform reduces considerably as more (reusable) services are deployed over time. Bluenog can assist with the SOA adoption process starting with laying out a strategy and going through the implementation and deployment. A governance process is key for a successful SOA adoption and just as important as having a SOA strategy. Governance is a topic by itself and I will be dedicating my next blog solely to discuss the importance of governance.

Add more usability into your projects and get better results. Here are a few resources to help you show your teams what usability is and why it matters:

1. Usability 101: Introduction to Usability
2. What is usability?
3. Usability Basics
4. UX Design Defined
5. Enterprise software: Why usability matters
6. Why UX? Why now?
7. Why usability is important to you
8. eCommerce ROI: Why Usability ALWAYS Beats Advertising

Four 73 Gb Solid-State disks (SSDs) provide extremely fast access to the Oracle redo logs. Also, this appliance supports both Oracle RAC and Oracle Rac One Node for “active-active” or “active-passive” failover of the database. As a matter of fact, the only issue I see with the ODA, is that (currently) you MUST triple mirror and hence get only 4 TB of usable storage. Supporting both OLTP and DW applications, ODA could fit in a number of deployments. Every deployment? Probably not, although IT IS A very versatile tool in our toolbox.

Bluenog specializes in building applications based on the Oracle Middleware, SOA, and Identity Management stacks. Most of these components do have minor database needs by themselves, but If we were building an application that had large storage needs of its own, then it may be considered. Another possibility would be a situation where the data needed to remain isolated for, say, compliance reasons. In this situation, it may not be acceptable to keep the data on the same large storage array used by other facets of the company.

We also have a very active Engineered Systems practice that is currently involved in a number of Exadata and Exalogic systems; also game changing products. In a situation where the customer didn’t need the capacity of an Exadata, ODA could fit very nicely.

The problem is so widespread that it is the underlying reason for the most talked-about “hacks” in the news. The theft of credit cards, intellectual property (IP), health records and other sensitive information can be attributed in large part (even more so than SQL injection attacks) because of a poorly protected user or system account that were penetrated. From my experience the reason why this issue is so prevalent is because companies do not have the resources – people and time – to properly administer their user accounts and access to their networks and systems. Companies are also increasingly outsourcing their IT operations to third party service providers who sometimes don’t do any better at securing user accounts. As IT staff has shrunk over the past four years, the effective security of user accounts and access has diminished. It is becoming more and more evident that automating the management of user accounts and passwords, or identity and access in the security vernacular, is the key to addressing this problem.

According to Wikipedia, identity and access management (sometimes abbreviated as IDM or IAM) “describes the management of individual identities, their authentication, authorization, and privileges/permissions within or across systems and enterprise boundaries with the goal of increasing security and productivity while decreasing cost, downtime and repetitive tasks.” In other words, an IDM product suite, such as Oracle Identity Management 11g, provides a centralized capability to manage and secure user accounts and access including ensuring that user accounts are valid, users have only the access to what they have a valid business need for, passwords are secure and consistently applied to all systems and applications according to company security policy, and that the company can monitor and audit user activities to ensure that access is not abused. These products can also provide additional benefits such as single sign-on and reporting for compliance purposes. With these kinds of protections in place my job of penetrating your systems and stealing your sensitive data is that much more difficult, and that’s a good thing.