Database and ERP audit plans and best practices at www.checklist20.com
-
Difference between Oracle’s Exadata and Exalogic
Posted on May 10th, 2012 No commentsOracle Exadata (Oracle Exadata Database Machine) is strictly a data processing solution offered by Oracle. Initially conceived and promoted as a solution for mainly large data warehouse data load processing, Oracle now boldly proclaims that Exadata is suitable for high concurrency OLTP applications as well. It’s important to understand that Exadata isn’t something you use in addition to your current Oracle databases – rather, it comes with its own prepackaged Linux based Oracle database. Exadata is a prepackaged box that consists of the Oracle Exadata Storage Server software , Oracle Database 11g software, in addition to Sun branded hardware (RAM and CPUs) and Infiniband network technology software. Oracle’s claims of ultra fast data processing with Exadata are well supported by actual field experience of several companies, making this a really big success for Oracle Corporation. In addition to enabling fast processing of heavy amounts of data, Exadata also helps you consolidate multiple Oracle databases into a single easily manageable system. It’s important to note that the Exadata package (servers, software, network and storage) is completely preoptimized and preconfigured by Oracle.
If you’re running high volume, mission critical OLTP applications, or if you are having problems making sure that your current Oracle databases can crunch through heavy loads of warehouse data, it’s time to take a close look at Exadata – it’s more than likely that you’ll be surprised at the ease with which you can transition to Exadata from your current Oracle database based applications. Oracle claims that you’ll need fewer CPUs to run Exadata as compared to a non-Exadata solution. Exadata is configured in a balanced format, in units of “Racks” that are similar to standard data center rack configurations – you can purchase a quarter, half or a full rack and you can easily upgrade to more processing power by ordering additional Exadata racks.
Oracle Exalogic (Oracle Exadata Elastic Cloud) is also an “engineered system” and is similar to Exadata in the sense that it’s also a prepackaged hardware plus software solution, designed to be managed and monitored as a single stack. However, the main purpose of Exalogic isn’t data crunching – it’s an engineered system designed to provide high performance for Oracle middleware using custom Java EE applications, Oracle Applications and similar enterprise level applications.
Both Exadata and Exalogic are part of Oracle’s new paradigm of “purpose built systems” that provide pretested and preconfigured standardized sets of hardware, smart storage, and network and software components. The key goals are easy implementation, high speed processing and easy scalability on demand. The fundamental idea behind Oracle’s engineered systems – that standardizing and optimizing al the components will provide a higher performance through the exploitation of the synergies among the various components seems to be borne by the experience of users..
-
Security Alert for CVE-2012-1675 Released
Posted on April 30th, 2012 No commentsHi, this is Eric Maurice.
Oracle just released Security Alert CVE-2012-1675 to address the “TNS Listener Poison Attack” in the Oracle Database. With a CVSS Base Score of 7.5, this vulnerability is remotely exploitable without authentication, and if successfully exploited, can result in a full compromise of the targeted Database.
In the April 2012 Critical Patch Update, Oracle provided Security-in-Depth recognition to Joxean Koret. As stated in the Critical Patch Update advisories, “People are recognized for Security-In-Depth contributions if they provide information, observations or suggestions pertaining to security vulnerability issues that result in significant modification of Oracle code or documentation in future releases, but are not of such a critical nature that they are distributed in Critical Patch Updates.”
As stated in previous blog entries, Oracle fixes vulnerability first in the main code line, and then tries to backport fixes through the Critical Patch Update program for exploitable vulnerabilities that were externally reported. In certain instances, such backporting is very difficult or impossible because of the amount of code change required, or because the fix would create significant regressions, or because there is no reasonable way to automate the application of the fix (for example when user interaction is required to change configuration parameters).
Shortly after the release of the Critical Patch Update, mistakenly assuming that the issue had been backported through the CPU, Joxean Koret, the initial reporter of this vulnerability, fully disclosed its details, initially stating that it had been fixed by Oracle, then after realizing that it had not been fixed in current releases, reported the vulnerability as a “0-day.”
As a result of this disclosure, Oracle has issued Security Alert CVE-2012-1675 to provide customers with a number of technical measures to provide effective defense against this vulnerability in all deployment scenarios.
Customers on single-node configurations (i.e., non Real Application Cluster (RAC) customers) should refer to the My Oracle Support Note titled “Using Class of Secure Transport (COST) to Restrict Instance Registration” (Doc ID 1453883.1) to limit registration to the local node and the IPC protocol through the COST (Class Of Secure Transport) feature in the listener.
RAC and Exadata customers should refer to the My Oracle Support Note “Using Class of Secure Transport (COST) to Restrict Instance Registration in Oracle RAC” (Doc ID 1340831.1) to implement similar COST restrictions.
Note that implementing COST restrictions in RAC environments require the use of SSL/TLS encryption. Such network encryption features were previously only available to customers who were licensed for Oracle Advanced Security. However, RAC customers who were previously not licensed for Oracle Advanced Security need not be concerned about a licensing restriction as Oracle has updated its licensing to allow these customers the use of these features (namely SSL and TLS) to protect themselves against vulnerability CVE-2012-1675. In other words, Oracle has added Oracle Advanced Security SSL/TLS to the Enterprise Edition Real Application Clusters (Oracle RAC) and RAC One Node options, and added Oracle Advanced Security SSL/TLS to the Oracle Database Standard Edition license when used with the Real Application Clusters.
Considering that the technical details of vulnerability CVE-2012-1675 have now widely been distributed, Oracle highly recommends that customers make the configuration changes documented in the above mentioned My Oracle Support Notes as soon as possible. Customers should also feel free to contact Oracle Support if they have questions or concerns.
For More Information:
- The Advisory for Security Alert CVE-2012-1675 is located at http://www.oracle.com/technetwork/topics/security/alert-cve-2012-1675-1608180.html
- The My Oracle Support Note titled “Using Class of Secure Transport (COST) to Restrict Instance Registration” (Doc ID 1453883.1) is located at http://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=1453883.1
- The My Oracle Support Note titled “Using Class of Secure Transport (COST) to Restrict Instance Registration with SCAN listeners” (Doc ID 1340831.1) is located at http://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=1340831.1
- Oracle’s security fixing policies are published on the Oracle Software Security Assurance web site located at http://www.oracle.com/us/support/assurance/index.html
-
April 2012 Critical Patch Update Released
Posted on April 17th, 2012 No commentsHi, this is Eric Maurice.
Oracle has just released the April 2012 Critical Patch Update. This Critical Patch Update provides 88 new security fixes across the following product families: Oracle Database Server, Oracle Fusion Middleware, Oracle Enterprise Manager Grid Control, Oracle E-Business Suite, Oracle Supply Chain Products Suite, Oracle PeopleSoft Enterprise, Oracle FLEXCUBE, Oracle Siebel Clinical Trial Management System, Oracle Primavera, Oracle Sun products suite, and Oracle MySQL.
Of the 88 new vulnerabilities, 6 directly affect Oracle Database Server. The highest CVSS Base Score for these Database Server vulnerabilities is 9.0. This Base Score affects the Oracle Spatial component on Windows platforms (on non-Windows platforms, i.e., Linux, Unix, the CVSS Base Score is 6.5). In addition, 6 Enterprise Manager Grid Control fixes may be relevant to Database Server deployments. The highest CVSS Base Score for the Enterprise Manager Grid Control vulnerabilities is 5.8; but 4 of the 6 vulnerabilities can be remotely exploitable without authentication. Therefore, Oracle highly recommends that these fixes be applied as soon as possible.
This Critical patch Update also includes 11 new security fixes for Oracle Fusion Middleware. The highest CVSS Base Score for these Fusion Middleware vulnerabilities is 10.0 (for vulnerability CVE-2012-1695). This score affects a series of vulnerabilities in the Java Runtime Environment that are applicable to JRockit. Starting again with this Critical Patch Update, JRockit fixes will no longer be provided with the Critical Patch Update for Java SE, but be provided in “the normal” Critical Patch Update along with other Oracle Fusion Middleware fixes.
This Critical Patch Update provides the following application security fixes: 4 for Oracle E-Business Suite, 5 for Oracle Supply Chain Products Suite, 15 for Oracle PeopleSoft Enterprise, 2 for Siebel Clinical Trial Management System, 17 for Oracle FLEXCUBE, and 1 for Oracle Primavera Enterprise Project Management.
Finally, this Critical Patch Update provides 15 new security fixes for the Oracle Sun Products Suite (including Oracle Grid Engine, Oracle Glassfish Enterprise Server, Oracle Solaris, etc.) and 6 new security fixes for Oracle MySQL.
While a great amount of caution is required when analyzing the content of the Critical Patch Updates in an attempt to identify potential trends; I believe the content of this Critical Patch Update is consistent with the views expressed in previous blog entries: Oracle Software Security Assurance activities tend to result in lowering the number of exploitable security bugs in most mature product lines (that is the product lines who have implemented Oracle secure development practices for the longest time), and as a result we see a downward trend in the number of fixes for these product lines. On the other hand, newly acquired product lines often experience relatively large number of security fixes in the Critical Patch Updates. This is due in part to the increased visibility these products may get as a result of their acquisition by Oracle, as well as development’s access to an extended toolset (e.g., security scanning tools) and increased executive attention around security matters as a result of joining Oracle.
For More Information:
The April 2012 Critical Patch Update Advisory is located at http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html
More information about Oracle Software Security Assurance is located at http://www.oracle.com/us/support/assurance/index.html
-
Security Alert for CVE-2011-5035 Updated
Posted on March 29th, 2012 No commentsHi, this is Eric Maurice again.
Oracle has just updated the Security Alert for CVE-2011-5035 to announce the availability of additional fixes for products that were affected by this vulnerability through their use of the WebLogic Server and Oracle Container for J2EE components. As explained in a previous blog entry, a number of programming language implementations and web servers were found vulnerable to hash table collision attacks. This vulnerability is typically remotely exploitable without authentication, i.e., it may be exploited over a network without the need for a username and password. If successfully exploited, malicious attackers can use this vulnerability to create denial of service conditions against the targeted system.
A complete list of affected products and their versions, as well as instructions on how to obtain the fixes, are listed on the Security Alert Advisory. Oracle highly recommends that customers apply these fixes as soon as possible.
-
Upcoming Webinar: Out of the Fire – Adding Layers of Protection when Deploying Oracle E-Business Suite to the Internet
Posted on March 5th, 2012 No commentsOut of the Fire - Adding Layers of Protection when Deploying Oracle E-Business Suite to the Internet
Thursday, March 8, 2:00pm - 3:00pm EST
When you externally deploy Oracle E-Business Suite Internet enabled modules such as iSupplier, iRecruitment, or iStore, you have potentially opened your entire environment to the Internet including all your financial and HR data. There are specific risks and inherent weaknesses in an Oracle E-Business Suite external deployment that must be properly addressed to prevent data loss or malicious use.
This education webinar follows our previous webinar "Into the Fire" (available upon request) and will discuss additional steps required for a secure implementation beyond the Oracle recommended configuration including deploying a web application firewall, a reverse proxy, and encryption.
Click here to register for the Oracle E-Business Suite webinar. -
Decide Whether To Build Or Source Your Customer Service Operations
Posted on February 28th, 2012 No commentsThis report outlines the building versus sourcing part of Forrester's solution for application development and delivery (AD&D) executives looking to build, buy, or outsource a customer service solution. This report is designed to help AD&D execs understand how best to build their organization's customer service solution. Customers demand superior service and support as the price of their ongoing loyalty and patronage. One way to standardize and optimize customer service operations is to outsource your contact center technology and/or customer service agents. There are many outsourcers that offer a range of services in many languages and geographic locations and specializing in various industry verticals. This report describes how to recognize which contact center is the right choice for you company, spotlights the capabilities of eight leading outsourcing vendors, and offers actionable recommendations for how to successfully partner with an outsourcer. -
Online Customer Service Functionality Benchmark: US Airlines
Posted on February 28th, 2012 No commentsForrester evaluated the online customer service offerings of the four largest US airlines: Delta Air Lines, United Airlines, Southwest Airlines, and American Airlines. Our analysis uncovered a few strengths, such as Southwest's intuitive contact us page and American's and Delta's speedy customer service responses on Twitter. However, overall the airlines we evaluated were plagued by issues including a lack of contextual help, limited online self-service functionality, and usability issues. To improve online customer service, airline eBusiness professionals should focus on improving self-service content and consider extending online customer service technologies to include virtual agents and proactive live help. -
Teleconference: Predictions 2012: What Will Happen In Market Research
Posted on February 28th, 2012 No commentsIn 2011, we saw Market Insights Professionals take their first steps on the path to adding social to their research mix, measuring their contribution to the organization, fostering internal collaboration, and building influence. -
Market Overview: Mobility Services
Posted on February 27th, 2012 No commentsThe emerging mobility services market creates choices for buyers. Leading organizations are scrambling to create mobile experiences for employees, partners, and customers — both applications and mobile web experiences. But the hodgepodge of devices and operating systems makes this task challenging — and the proliferation of both makes developing apps a moving target. Many firms turn to third-party experts to gain speed and experience on design best practices and technology know-how. But whom should they work with? The market is crowded with agencies, technology boutiques, multinational consultancies, offshore specialists, telecommunications companies, and other options. This report reviews key player segments of the mobility services market and the tradeoffs between the services each segment provides. -
Case Study: Vanguard Uses Social Media To Learn From Its Clients
Posted on February 24th, 2012 No commentsAdoption of social media among investors is relatively high, but many investment firms have been slow to embrace the medium. The Vanguard Group has had success by using social media to engage with and learn from its clients and now feels that it has a better sense of what clients want to hear from Vanguard. In the past five months, its Facebook and Twitter audience has nearly tripled. By using the people, objectives, strategy, and technology (POST) methodology, other investment firms could enjoy similar success. -
Solution Architecture Tool Kit: Overview
Posted on February 24th, 2012 No commentsThis tool kit discusses the role and importance of solution architects, the solution architecture process, templates for solution architecture deliverables, and solution architecture best practices. -
Market Overview: Data Center Networking Solutions, Q1 2012
Posted on February 24th, 2012 No commentsOver the past year, infrastructure and operations (I&O) professionals have focused their enterprise networking efforts on readying network infrastructure to support virtualization, consolidation, and enabling a private cloud. The networking industry initially missed the virtualization train and has been playing catch-up ever since. Vendors have raced to release products and solutions geared toward helping the networking teams catch up to the virtualization revolution. This report focuses on critical selection criteria for evaluating the data center networking vendors and the ways in which your maturity with server virtualization should influence vendor choice. -
The Forrester Wave(tm): Global Commerce Service Providers, Q1 2012
Posted on February 24th, 2012 No commentsIn Forrester's 72-criteria evaluation of the top 12 global commerce service providers (GCSPs), we found that SapientNitro, Deloitte, and IBM Global Business Services (GBS) led the pack with their comprehensive suite of services, global reach, customer base, and focus on multichannel commerce. Accenture, Acquity Group, Rosetta, Razorfish, HCL, Infosys, and arvato Systems represent strong providers with varying strengths and differentiators. Wipro and Valtech represent effective providers, but with limitations. With this report, we evaluate these firms to help eBusiness, channel strategy, and technology leaders determine the best service providers for their company to work with as they embark on programs to transform their company in the era of agile commerce. -
Case Study: Philips Uses eLearning To Communicate The Benefits Of Net Promoter
Posted on February 23rd, 2012 No commentsOne of the challenges that market insights professionals struggle with is the communication of research results across the organization. The Customer Experience and NPS team at Philips was tasked with promoting Net Promoter Score (NPS) to the global organization. After looking into a number of options, the team decided to opt for eLearning with a twist — using humor as a way to communicate and train. Philips developed a short, interactive quiz with Jellyvision Lab that explains the basics of NPS and delivers a "sticky message." Within six months, more than 16,000 employees had taken the training, with very positive results. Next steps include adding more interactivity to the module and launching new promotion activities. -
Determine Your Workforce Computing Hardware Budgets For 2012
Posted on February 23rd, 2012 No commentsIT infrastructure and operations (I&O) leaders spend nearly 25% of their IT hardware budget on workforce computing hardware. However, Forrester finds that these priorities and budgets favor security and efficiency that don't align with the expectations of empowered employees for improved choice and user experience. It's imperative that I&O budget holders get this right in 2012 as heightening user frustrations with the corporate PC coincide with new PC and tablet hardware architectures, client virtualization, bring-your-own-PC programs, and Windows 7 rollouts. This report provides guidance for I&O executives looking to set their workforce computing hardware budgets for the remainder of 2012. It's designed to help I&O execs understand what's changing that will affect budgets and make better trade-offs to preserve flexibility and choice for their internal customers. -
Gone Shopping: US Auto And Home Insurance Buyers Will Test eBusiness Strategies In 2012
Posted on February 23rd, 2012 No commentsAfter a record year for claims, a continued poor investment climate, and an economy mired in the doldrums, rates in the US for auto and especially homeowners insurance have no place to go but up. With six quarters of rising premiums being served up by insurers now, consumers are going online to shop for the best insurance deals. It comes as no surprise that price is the primary impetus for switching insurers. But it is surprising that an insurer's newest customers — ones who've been customers for less than a year — are the ones most likely to elope with the competition, sometimes resulting in relationships more fleeting than Kim Kardashian's marriage. This report examines which customers are more likely to be shopping and why, and it outlines five strategies that insurance eBusiness teams can employ to capture and keep customers' attention to prevent them from defecting to the competition. -
Case Study: Designing Humana’s Mobile Suite
Posted on February 23rd, 2012 No commentsMobile is quickly becoming a key touchpoint for consumers across industries, and health insurers are no exception. Insurers are jumping on the mobile bandwagon, but many are still unsure of how to drive strategic value from their mobile investments. This report looks at how Humana organized and invested to ensure that its mobile platform enhanced and complimented its multichannel experience, rather than simply adding one more touchpoint to the fray. -
Teleconference: The CISO’s Guide To Virtualization Security
Posted on February 23rd, 2012 No commentsThe benefits of virtualization are well known and enterprises have embraced the technology. As organizations seek to increase virtual server utilization and navigate a complex compliance landscape, it is critical that Security & Risk Professionals take a new approach to virtualization security. In this webinar, Forrester discusses the risks associated with virtualization and provides guidance to ensure that your virtualization security strategy has a solid foundation. -
Africa’s ICT Forecast Looks Increasingly Cloudy
Posted on February 22nd, 2012 No commentsAfter years of stagnant enterprise spending on information and communications technology (ICT), Africa is gearing up for a new period of growth. As political stability across the continent gradually improves, a middle class with disposable income will drive consumer spending — and the increasing availability of high-bandwidth networks will offer tech vendors new growth opportunities related to cloud computing. But Africa is far from a homogeneous whole — so vendor strategies will have to reflect the specific regional and vertical aspects of each distinct market. This document outlines the key drivers for cloud computing in Africa, defines the target segments with the best chances for sustainable growth, and provides a view on the best practices for local go-to-market strategies. -
Case Study: Ameriprise Uses LinkedIn To Help Consumers Find Advisors
Posted on February 22nd, 2012 No commentsSocial media will have an outsized impact on relationship-based businesses like investment firms, life insurers, and private banks. Some of these wealth management firms are piloting programs that enable their advisors and agents to participate in social networks. Ameriprise Financial has gone a step further, empowering consumers to use LinkedIn to find connections who can provide referrals on prospective advisors. Smart eBusiness and channel strategy professionals at other wealth management firms should follow the company's lead in order to improve their firms' ability to acquire clients and recruit agents and advisors. -
Case Study: Pizza Pizza Cooks Up A Successful Mobile App
Posted on February 22nd, 2012 No commentsOne of Canada's largest pizza chains wanted to be the first to market with a mobile experience that offered greater convenience to its customers. The company partnered with mobile agency Plastic Mobile, and together the two firms engaged in a customer-centric design process that resulted in a mobile app that exceeded their expectations. Firms new to mobile and even those that are planning second- or third-generation mobile offerings can learn from Pizza Pizza's example. -
The Marketing Of Market Insights: How To Build Internal Relationships And Influence
Posted on February 22nd, 2012 No commentsMarket insights professionals often face challenges in building awareness and influence within their companies. To better understand how market insights can overcome these issues, Forrester spoke with five companies with empowered market insights organizations, as well as one CMO, for an executive view of what market insights should do. This report contains their stories and guidance on overcoming roadblocks to success, optimizing internal relationships ("making friends"), and learning how to deliver high-impact insights to build influence, in some cases all the way up to the executive level. -
The State Of Online Testing 2011
Posted on February 22nd, 2012 No commentsIn Q4 2011, Forrester surveyed 71 online testing practitioners about their online testing practices. Online testing has broad appeal for addressing a variety of challenges on websites of all sizes, but adoption is uneven because users skew toward directly monetized websites targeted primarily at consumers. Survey respondents indicate that experience, process, and resource constraints throttle their efforts to scale up online testing programs. While testing delivers measureable benefits across a range of success metrics, firms must commit to investing in online testing programs to achieve scale and long-term success. -
Empowered BT Redefines The Traditional IT Archetypes
Posted on February 21st, 2012 No commentsThe empowered era has transformed the role of IT within the enterprise. Five years ago, we identified three archetypes for the IT organization: Solid Utility, Trusted Supplier, and Partner Player. But in the emerging world of empowered business technology (BT), the IT org's traditional role as an order taker is long gone, and few IT shops continue to operate as Solid Utilities. As a result, two archetypes exist for the IT group today: aligned IT and empowered BT. Many IT groups continue to operate as the aligned IT archetype — service providers to the enterprise, for which the distinction between a utility and a supplier has essentially disappeared. But the empowered BT archetype plays a much more strategic role, operating as a technology-savvy partner to the rest of the corporation. By understanding their archetype, CIOs can better articulate their group's strategy, dictate tradeoffs, and achieve their goal of running IT more like a business. Executive management's expectations continue to dictate which archetype the CIO has to deliver, but CIOs can drive toward the empowered BT archetype by focusing on business value delivered through the overall maturity of their organization's strategy, governance, structure, and innovation. -
EA Skills Development Tool Kit
Posted on February 21st, 2012 No commentsThis tool kit will help address how to develop the skills needed to prime the EA team for success. We provide a variety of proven and tested architecture skills development techniques suggested by our clients. It will help you put together either a structured, formal skills development program or a more opportunistic approach, depending on which tactic better suits your organization's individual culture. -
With Vast Government Cloud Opportunities In Asia Pacific, Vendors Need To Know Where To Look
Posted on February 21st, 2012 No commentsEconomic, technological, and behavioral changes are driving a fundamental transformation in how governments deliver services. Asia Pacific governments will leverage cloud computing to create more robust, cost-effective delivery platforms to save costs, improve collaboration and efficiency, and bring transparency to the entire government system. Also, cloud holds a strong potential for providing a shared and secured infrastructure for consolidation of data, services, and applications for governments to better manage citizen- and business-centric requirements. Forrester predicts that governments across Asia Pacific will gradually move from a department-centric model to a more mature, integrated, and collaborative virtual private cloud approach, which Forrester defines as government cloud (g-cloud). This report describes how the g-cloud market will evolve over the next decade and outlines the steps that will help vendor strategists take advantage of this transformation. In particular, we describe key opportunities that will emerge for cloud vendors as governments accelerate their investments in g-cloud initiatives. -
Teleconference: Your Enterprise Data Virtualization Strategy 2012
Posted on February 21st, 2012 No commentsGrowing volumes of increasingly complex structured/unstructured data delivered in real time, combined with the need for greater agility to support new business initiatives, are driving the need for a new data integration layer. Traditional data integration approaches can't address these new requirements. How can you quickly integrate many sources to deliver trusted data to enable business decisions? How can you exploit the wealth of information hiding in your databases that is too complex for business users to use in real time? Data virtualization delivers the next-generation data integration platform to deliver trusted, real-time and near-real-time data across your enterprise. This webinar explores why data virtualization has become a valued solution approach for all enterprises. We examine current data virtualization adoption, use cases, and futures and review the recent Forrester Wave&trade on data virtualization to highlight key vendors. -
B2B Marketing Trends And Predictions For 2012
Posted on February 21st, 2012 No commentsLast year, B2B CMOs were challenged with increasing marketing's impact on revenue, adapting to rapidly changing buyer behaviors, and delivering exceptional customer experiences. In 2012, they will go from experimenting with new tools, devices, and channels to applying them to deliver real customer value. Read this report to better understand the trends you need to be tracking and how they will affect your strategic decisions this year. -
Managing An IBM Software Audit
Posted on February 21st, 2012 No commentsAn unexpected IBM software audit can sow the seeds of partner discontent in a good supplier relationship. With the official arrival of an IBM software audit letter, your IT organization must immediately take on the process of identifying all the licenses that your company bought and deployed. If you're like many companies, IBM licenses can grow unabated and lead to an audit that serves as shock therapy, forcing you to correct any incompliance and leaving you to ponder the enormity and complexity of your IBM infrastructure. However, a software audit doesn't have to turn out that way. Preempt a rift in your IBM relationship by understanding the steps in the audit process. -
Using Facebook Login To Your Advantage
Posted on February 17th, 2012 No commentsEveryone remembers Microsoft's Passport service, positioned to be a ubiquitous sign-on protocol across the Web and at one time adopted by web giants including eBay, Expedia, and Monster. However, the service never caught on with consumers or online privacy advocates and was subsequently rebranded as a solution central to Microsoft's own online services. In 2012, however, eBusiness professionals at leading media companies, travel firms, and retailers are re-opening the history books and allowing their customers to register online using third-party identity profiles from Facebook, Twitter, Google, and, yes, Microsoft. eBusiness professionals are primarily integrating social login to drive an increase in online conversions and retention; however, some eBusiness pros are looking beyond the tactical benefits to long-term strategic opportunities. In this report, we explore the pros, cons, how-to's, and best practices of integrating social login into your online and mobile sites.