This is for the tireless enterprise security folks out there, working every day to protect the computing environment.  Do you feel you are making progress in climbing the mountain towards security nirvana or just spinning in the hamster wheel?  The corporate security strategy is the plan which determines your fate.

 

Does your enterprise have a security strategy and is it leveraging the security organization in an efficient and effective way?  Here is a quick slide-deck to challenge your security strategy.  It is based on a recent blog, 5 Questions to Prove a Cyber Strategy, but includes more insights, supporting data links, and frankly, it just looks much better.

 

 

Verify Your Cyber Threat Strategy
View more presentations from IT@Intel

A key value of enterprise social platforms is the ability for serendipitous discovery. You might be looking for a piece of information. You may not know where to look for it. You may not know the creators of that content. Yet your enterprise social platform can help you get to it in a few easy steps. The best part is - apart from the 'content' that you were looking for, you might gain insights into public sentiment on that content, debates and perspectives, and better still - the ability to spot experts on that topic. What better way to break down silos of information, and share knowledge across the enterprise, and with posterity!

 

Yet, there are times when this unique value is lost. And that is when information is 'locked down' in spaces set up with exclusive permissions for members of a project team, or a closed community. Here are some thoughts to help you avoid this pitfall.

 

Some seemingly 'closed' use cases aren't. For example - A project team working on the next generation product should be super-private, right? Think again. They may have the opportunity to collaborate with another team working on a similar idea, or might get inputs from a field sales person who has insights into what the market really needs.

 

Tip 1. Evaluate the need for closed communities. If a community must be private, determine what information about the community can be exposed and made searchable. Enable non-members to "ask to join" and access more secured portions of the community's workspace.

 

Yes, there are times when the information is sensitive and ought to be available to only those who have a need to know, particularly when the work is in progress. However, when it is time to unclassify this information, community owners should be able to make the information public in an easy manner.

 

Tip 2: Create awareness about the value of sharing enterprise social content, and make it easy to reclassify information.

 

Now for some good news. Capabilities in the area of enterprise social analytics have evolved considerably, enabling you to extract summary information without making the core content public. For example - A forum post on the latest breakthrough in semiconductor materials might be locked down, but analytics will help you determine that the author of the post is an expert in material science. So when someone is searching for an expert - they can get to the author, without having access to the private forum.

 

Tip 3: Invest in social analytics. It is powerful, and will help you see your organization in a totally new light.

 

Do share your perspectives on this topic.

The density of our data centers has increased since 2004 as we expanded our rate of virtualization, proactively refreshed our servers and storage with the latest generation of Xeon processors, and consolidated the number of data centers.  As a result we had to innovate and optimize the efficiency and reliability of our data center facilities to accommodate the increasing cabinet sizes from 15kW to 22.5kW and to 30kW currently.  We focused on 4 key areas to optimize: Air and Thermal management, Architecture, Electrical, and Harvesting Stranded Capacity.  Read this data center facilities paper to learn and see (in 3D color) how our facilities changed as we increased the density of our data centers.

 

For low-density cabinets up to 15kW, we use traditional computer room air conditioning (CRAC) units in the return airstream without any air segragation as illustrated below:

Fac Fig1.JPG

For 22.5 kW cabinets, we use hot aisle enclosure (HAE) with the CRAC unit in the return airstream as illustrated below:

HAE Fig2.JPG

For 30 kW cabinets, we use flooded supply air design and passive chimneys as well as HAEs as shown below:

RAP Fig3.JPG

For some facilities with a raised metal floor (RMF) we still use a flooded air design by raising the room air handlers' supply path above the RMF as shown below:

RMF Fig4.JPG

Follow me on twitter at @ajayc47.

Sometimes it takes the absurd to realize common sense has left the building.Hoop Security.jpg

I saw this today while wandering the halls of the office and had to take a picture.  

Here is an example of a security control, which cost money  to purchase, time to store, manage, and implement, and causes users a delay of access for a resource which is likely not desirable by imminent threats.   It runs the risk of permanent denial of the asset if the key is lost and a temporary lack of immediate access as the key-holder is not readily known.  The most important aspect of this situation is the overall cost of the security control is more than the value of what it is protecting.   Security gone awry. 

I am no expert on the street value of these toroidal entertainment objects or if there is a rash of hula-hoop theft in the office, but I suspect neither is real or meaningful enough to warrant padlocking in a secure building with vetted employees.  The office is full of expensive equipment, Intellectual Property, and other valuable sundries which would seem to be more likely targets for appropriation.  Yet, someone decided to go out of their way to secure these with a padlock.  

Can we apply this bit of afternoon silliness to our world of information security?  You bet.  How often do we look at the cost and impact of security controls in relation to the value of what is being protected?  It is easy to automatically lock everything up and think security has justly been instituted.  But as this example shows, that is a disservice to the underpinning concepts and true value of security. 

As practitioners and beneficiaries of security, we must effort rational decisions to insure we achieve the right balance.  We should support the application of security where it is needed and challenge superfluous bureaucracy, spending, and unnecessary controls.  

As painful as it may be, it is okay for security experts to conclude 'more security does not make sense or add any value here'.  We don’t always need to add more.  Sometimes less security is the right answer.    

Since May 2011, I’ve had the honor of having an adjunct responsibility as the IT PMO PMI (Project Management Institute) Credential Mentor in Intel IT.  To date I’ve advised over 80 PM’s on their best approach to obtaining a PMI credential (PMP, PgMP, PMI-ACP, PMI-SP, and PMI-ACP). I’ve also had dozens of enquires from PM’s that have their PMP as to obtaining PDU’s.  The most typical scenario is that their PMP renewal is due this year and/or in a relatively short time and they are far short of having the documented minimal 60 PDU’s (Professional Development Units) required in a 3 year cycle to apply for renewal.  As Intel I’ve noticed IT has close to 400 PMP’s, I thought it would be helpful to document what I advise for everyone’s benefit.  I am now sharing it also in this community and hope more people can benefit from them.

 

The first task you should do after reading this article is to go to the PMI website,  log in, got to Certifications – Maintain Your Credential - Report PDU’s , and check your renewal date and the number of PDU’s you currently have.  Putting it in project terms then your simple scope is to, ‘Obtain at least XX PDU’s by XX date to be able to renew my PMP credential’.

The most typical situation I get is within a year left to three year deadline and needing 40 to 50 PDU’s.   Most PM’s assume it is all education based and concerned they have to attend classes, will their manager approve it, they need to take time off from their project that has a deadline, etc. -  I’ve heard all the concerns.  

 

The second task is to be aware that there are six options for obtaining PDU’s as shown in the table below and consider your viable options.

 

Focus

Area

PMI

Category

Approach

or Method

Options

to Consider

PDU Limits

(3 year)

A

(REP) Registered Educational Provider

PMI Component Chapter

PMI Annual Symposium

-          Take a vendor class in a PM subject

-          Attend the local PMI chapter meeting

-          Attend the Annual PMI Symposium

-          Prep course for another credential

None

Educational

B

Continuing Education

-          Attend a PM college course

-          Attend a Webinar (on PM subject)

-          Attend an IU (Intel) PM class

-          Attend Intel PM CoP, PM Forum, etc.

None

C

Self-Directed Learning

-          Reading a PM book

-          Being mentored/coached on PM

30

D

Creating new PM knowledge

-          Author/co-author a book

-          Get your PM article published

-          Create and teach a PM course

-          Be a speaker, moderator, SME participant for PM panel discussion

45

Giving Back To The Profession

E

Volunteer Service

-          Volunteer with your local PMI chapter at least 3 months

-          Volunteer for a specific PMI chapter event (Symposium)

45

F

Work as a Practitioner

-          Work full time as a PM equals 5 PDU’s per year

15

 

The third task is to make a plan and get started in earnest o meet your deadline.  I’m going to list suggestions and tips/tricks from my experience in assisting others in priority of what might be the easiest to obtain.

 

Potential Benefit

What it is

What to do

Suggested Practice

Reference

Up to 15 PDU’s/ 3 years

Most PM’s do not realize they get PDU’s for working full time as a PM.

You can go and document the prior years and current year.

Make an Outlook calendar in mind January reminder add the 5 PDU’s on the PMI website for the prior year

Cat: F

Undetermined but good possibility of something

Review your Outlook calendar and Intel U records for past classes

Make a spreadsheet with class, hours, date column

Update your PDU’s on the PMI Website immediately upon successful class completion

Cat: B

Possibly 10-20 per year?

The monthly Intel IT PM Forum, PM CoP, etc.

Budget time to register /attend these meetings

Update your PDU’s on the PMI Website immediately upon successful class completion

Cat: B

Up to 12 PDU’s /yr. @ 1 PDU per monthly meeting

The local PMI Chapter monthly PDM (Professional Development Meeting).  They are relatively inexpensive and feature a PM subject speaker

Check out the local PMI chapter webpage, contact a chapter officer, join the chapter, and attend their monthly meetings.

Attendees usually receive a paper confirming their attendance with the event #.  When updating PDU’s, inputting this # will auto populate the information for you.

Cat: A

Undetermined

PM classes sponsored by the local PMI chapter – professional development dept.

Check the local PMI Chapter’s monthly calendar for class offerings.

These non PMP prep classes are usually 4 to 8 hours on a Saturday and discount priced for Chapter members

Cat: A

Up to 30 PDU’’s / 3 yrs

Self-directed learning

If you maintain your PMI membership, you will receive PM Network, the PMIs monthly magazine – read the articles

Claim your self-directed PDUs in in 0.25 hour increments.

Cat: C

UP to 20 PDU’s/yr.

Volunteer with the local PMI Chapter

Check the local PMI Chapter volunteer link for open positions

Try something different on an area are you’d like to learn about.  Ensure you are clear on the time requirements and expectations.

Cat D, E

 

Before continuing let me offer additional practical advice that you also may find helpful.

-          Documenting PDU’s:  If a PMI event or REP (PMI Registered Education Provider) you receive an XXXX-XXXXXX code that when typed into the PMI website auto populate the information.  If not then certain then be specific with the information placed in the PMI website.  Also I can’t emphasize enough to document the class in the PMI website immediately after obtaining the class or receiving the certificate.  Don’t wait!

-          Partial Credit:  A class does no have to be titled or directly be a PM class.  Training for Six Sigma, ITIL, or a Process may qualify for some number of PDU’s.   You need to estimate the direct PM content hours and then document it accordingly.  A 2 day, 16 hour class may have only 4 hours of PM related training but you can count it.  Keep in mind you did agree to an ethics agreement with PMI and they can ask for additional documentation before approval so be fair and accurate.  If in doubt ask the class instructor for their assessment of project management content and go with that.

-          Volunteering:  Helping in some manner with your PMI chapter is a wonderful thing and great experience however let me offer some caution before engaging with a PMI chapter representative.   A volunteer in a ‘Team Member’ role can earn 5 PDU’s up to a Chapter President that can get 20 PDU’s per year.  However a team member may require a few hours per month while a Chapter VP or President requires 5 to 10 hours per week or more.  If interested and regardless of your capabilities start with a team position and learn the chapter first.  Chapter Officers sever a two year term with a 50% changeover each year so positions do open up and you can be elected. It’s a great experience but you will work a lot of hours for those PDU’s.

-          Volunteering Caveats:

  • PMI Chapters hold annual Symposiums or PDD’s (Professional Development Day) events and volunteering to support that event only often earns you 5 PDU’s for a day’s time plus you most likely get to attend the event for free and even attend class or two if you get free time or a speaker sponsor / aid. 
  • If you are an SME (Subject Matter Expert) you might be a PDM or PDD speaker for the Chapter which you typically get 10 PDU’s for developing and presenting a class (Cat D).  The chapter provides you a confirming PDU letter to use.
  • PMI Chapters also have monthly or quarterly newsletters distributed to their members through their communications volunteer group.  Usually they are in need of good PM subject article content and  if published it’s typically worth 10 PDU’s. The chapter provides you a confirming PDU letter to use.
  • Annual PMI Symposiums also put out request for forum speakers which are typically a 75 minute class.  You have to apply, be approved, attend the event, and speak.  Requesting 10 PDU’s for the prep and speaking time should be approved by PMI.

-          If Your 3 Years Run Out and You Don’t Have The Minimum 60 PDU’s: Life goes on and things do happen. If you do not renew your credential in the 3 year cycle requirements, it goes into probation for up to one year.  During that time if you get your 60 PDU’s then you can review your PMP credential and your next 3 year cycle period starts.  If you past the year then you lose your PMP standing and have to start over with the application,  possible audit, exam, etc.

-          If You Obtain Greater Than 60 PDU’s In Your 3 Year Cycle: PM will allow you to carry over up to 20 PDU’s toward your next 3 year cycle.  The flexibility here is that if you want/need to take a class now you can apply up to 20 PDU’s later so don’t limit yourself.  This is especially useful if you are considering another PMI credential as the exam prep training for a new credential can be applied towards your PMP renewal (PM subject training in any capacity is accruable).  Keep in mind that 60 PDU’s every 3 year cycle is the ‘minimum’ and although 60 are counted some PM’s obtain hundreds through their work, training, and volunteer activities in keeping their progressive career.

-          Rules of Thumb:

  • A PDU obtained by training through a PMI REP training entity will most likely cost between $25 to $100 per hour USD and not including travel if not local.  This includes the fee to attend a PMI Chapter PDM for the one hour speaker series that yields one PDU.
  • A PDU obtained by volunteering your time through having a chapter position, speaking, supporting an event, and/or writing an article will most likely require five to twenty (5 to 20) hours of your time per PDU.

In summary:

-          There are many options to obtain the minimal 60 PDU’s over a three year renewal cycle keep you PMP credential current.   Any PDU’s obtained through various activities should be documented as soon as possible in the PMI website for accurate tracking.  If the activity is in question then the PMP should check with the class instructor or enquire with PMI directly to ensure the activity is recordable.  PMP’s should not necessarily limit their training and experience activities as up to 20 PDU’s can be carried over and accrued towards the next three year renewal cycle.

 

-          With today’s surplus of information and the availability of low cost events by PMI chapters and REP organizations across the globe, it is not difficult to accumulate the required number of PDUs for renewal of your credentials.  Read the journals, attend chapter meetings, get out and enjoy and embrace our profession.  Make a resolution to create a process for yourself of logging your self-directed PDUs immediately following reading the works. Not only will you earn PDUs, but networking and learning, common success factors we employ in our day to day roles as PM professionals, can return benefits tenfold. 

A couple months ago, Matt Rosenquist posted a really interesting blog with a lot of great information on how a company can use "Verify Your Cyber Threat Strategy"

 

We decide to take this topic a bit further. We developed a presentation with the same questions but with links to resources. These resources provide ideas on how to develop a cyber threat strategy if your company doesn't have one, or if your answer is no to one or more of the questions.

 

Verify Your Cyber Threat Strategy
View more presentations from IT@Intel

 

As always, share with other security professionals and IT managers if you find this presentation useful.

 

Thanks, Elaine

IntelITsme

Like many of our enterprise IT peers, we are being challenged with rapid growth in storage demand.  In 2011 alone, we faced a 53% increase in storage capacity to 38.2 PB from 2010 and the continued build out of our private cloud could further increase demand.  Clearly we could not increase costs linearly with demand.  Through a variety of techniques described in this data storage solutions paper including: thin provisioning, tiering, storage refresh, using SSDs, and increasing utilization, we have been able to support significant capacity and performance improvements while saving $9.2M.

 

These techniques combined with deploying new Intel® Xeon® processor based storage technologies allow us to meet steep storage demand growth in a cost-efficient manner while not compromising on quality of service in our virtualized and multi-tenant computing environment.

 

@ajayc47

Filter Blog

By author:
By date:
By tag: