The "High-Tech Olympics," Security Holes, IT Job Dissatisfaction and More

This issue of Trendlines from the 8/01/08 issue of CIO magazine covers the latest technology news including why Endpoint security holes are problem, charitable opportunities for IT workers, advancement in PC data theft and the push for Broadband across the U.S.

Beijing Prepares for "High-Tech Olympics"

All over Beijing, Olympic countdown clocks tick off the seconds until Aug. 8, 2008, at 8:00 p.m., when the opening ceremonies of the Beijing Olympic Games begin.

But for China, the most important competition began in 2000, when Beijing was awarded the right to host the 2008 Olympic Games. Like firing a starter's pistol, the award began the race to build the IT infrastructure to stage and support one of the world's largest sporting events. Producing a "high-tech Olympics" was one of the Beijing Organizing Committee's (BOCOG) objectives. With a published operating budget of $2 billion, BOCOG estimates the technology portion of the budget at more than $400 million.

Preparing for the Olympics is like no other feat of project management. Leading the charge is Jeremy Hore, chief integrator of the 2008 Olympics. Hore spent six months with his company, Atos Origin, working on the Athens Games, and another six weeks on the 2006 Winter Games in Turin, Italy. "The most difficult thing is that the deadline is fixed," he says. "On other projects, you can delay if you need to, even if it has a bad impact." There are also limitations on which vendors' equipment and services may be used. "You don't have much control over choices because of sponsorships and partnerships," says Hore.

IT planning for the Games began in 2003. Forty percent to 50 percent of systems planning is carried over from the last Olympics and adapted to local conditions. In 2004, Hore and his team began designing the fully redundant systems, determining their requirements and testing needs. The following year they concentrated on building the systems and testing facilities to fit in the two years of trials required by the Olympics committees. Just as athletes train for years for the Games, IT people hold 200,000 hours of trials in total. Atos dedicated about 100 people to conduct tests. Some systems, such as those for managing accommodations for athletes and Games personnel, had to be operational three years in advance.

One new technology getting a limited run-out during the Olympics is IPv6 (Internet Protocol version 6). It does a better job of supporting applications like videoconferencing and high-definition television than its predecessor, IPv4, and offers opportunities for lower-cost construction of security networks and monitoring devices. IPv6 may help security forces watch the millions of spectators, but it is doubtful it will help spectators watch the Games. Fang Meiqin, senior consultant at technology consultancy and research firm BDA, says, "I don't think the ordinary consumer will notice [IPv6 is in use]. It's mainly for the organizers' and government usage."

So in terms of technology advances enjoyed by visitors, the Beijing Olympics may fall short. Case in point: China is offering 3G services but only for BOCOG affiliates who received one of 15,000 handsets provided by Games sponsor Samsung. Customers from other nations, such as Japan, Korea and the U.K., will not be able to use their 3G phones in Beijing.

-Steven Schwankert

Endpoint Security Holes an Open Door for Attackers

Everyone knows that there's no such thing as 100 percent security, but it's unlikely that most businesses realize how insecure they really are. Now, new research on endpoint security exposes their vulnerability.

Eighty-one percent of corporate endpoints probed by IT security and control product vendor Sophos failed basic security tests, either by lacking Microsoft security patches, having disabled client firewalls or missing endpoint software updates.

For 40 days, Sophos ran its Endpoint Assessment Test, a free, online scanning service that checks for endpoint security vulnerabilities. The test was performed against 583 corporate endpoints from around the world. Test results showed that 63 percent were missing at least one Microsoft security patch; more than half had their client firewalls disabled; and 15 percent had out-of-date or disabled endpoint security software.

"Ultimately, machines that fail such a test represent 'low-hanging fruit' for cybercriminals and a real danger to their corporate networks," Bill Emerick, vice president of product management for Network Access Control, said in a statement. Sophos says 39 percent of those tested were part of an organization with fewer than 100 employees; 36 percent had between 100 and 1,000 employees; and 25 percent were from organizations with more than 1,000 employees.

-Shawna McAlearney

IT Leaders Can't Get No Job Satisfaction

Among all functional executives, IT leaders have the lowest level of job satisfaction, according to a survey conducted by executive career and recruiting network ExecuNet. Just over half (53 percent) of the 286 IT executives who responded to the survey say they're satisfied with their current jobs.

Finance executives expressed the greatest job satisfaction, with 68 percent claiming contentment, followed by HR (65 percent), marketing (63 percent), general management (61 percent), sales (54 percent) and bringing up the rear, IT.

Dave Opton, founder and CEO of ExecuNet, thinks IT leaders are the least satisfied executives for a variety of reasons. Chief among them: They're not doing work that truly excites them because of weak economic conditions and companies' general reluctance to adopt leading-edge technologies.

"The people who migrated to IT careers are motivated and stimulated by being able to work with things that are state of the art," says Opton. "The number of companies that are prepared to keep their organization state of the art are not as profuse."

The other major reason Opton says IT executives are unhappy is due to the thankless nature of their role. "IT, in many cases, doesn't get the respect that some of the other, more traditional functions, such as marketing and finance, get," he says.

The results of the ExecuNet survey, which was conducted online from last November to January, differ from research Harvey Nash Executive Search released earlier this year on CIO job satisfaction. The Harvey Nash study found that 79 percent of IT leaders found their jobs fulfilling while reporting a 9 percent decrease in IT leaders' job satisfaction from 2007 to 2008.

-Meridith Levinson

Flex Your I.T. skills to Fight Poverty

Volunteering If you ever regretted not joining the Peace Corps, now's your chance to lend your time and skills to a developing nation.

Finca International, a nonprofit that provides financial services to the low-income entrepreneurs in Africa, Latin America and Eurasia, is seeking volunteers with IT skills to help expand its mission of fighting poverty.

Finca CIO Jiten Patel says as countries transform into regulated financial entities, the lender is replacing the home-grown applications each country has used to manage its operations with off-the-shelf community banking software. The new software will allow Finca to expand the services it provides to its customers, more 70 percent of whom are women. It should also help streamline processes and lower operating costs so better interest rates can be offered to customers.

The organization needs project managers, business analysts, architects, software quality assurance experts, Oracle DBAs and Sybase DBAs to help with the implementations in each region. It also needs creative LAN and WAN experts.

While the work is unpaid, Finca offers airfare, room and board. Most volunteers are needed for three months to six months. Patel says volunteers benefit from a range of cultural experiences and get to improve their soft skills. Interested parties can contact Patel at jpatel@villagebanking.org.

-Meridith Levinson

Researchers Find New Ways to Spy on PCs

Data Theft Researchers have developed two new techniques—which seem ripped from the pages of spy novels—for stealing data from a computer.

Researchers at Saarland University in Saarbrucken, Germany, read computer screens from their tiny reflections on glasses, teapots and other objects. A team at the University of California, Santa Barbara, found a way to analyze a video of hands typing on a keyboard to guess what was being written.

Computer security research tends to focus on the software and hardware inside the PC, but this kind of "side-channel" research looks at the physical environment. Much of this work has been top secret. But side-channel hacking has been in the public eye too.

In fact, if you've seen the movie Sneakers, then the University of California's work will have a familiar ring. A minor plot point in this 1992 Robert Redford film about security geeks was the inspiration for its work. Redford's character tries to steal a password by watching video of his victim entering it into a computer. Redford's character never gets the password, but the UC researchers' ClearShot tool might have, says Marco Cova, a graduate student at the school.

ClearShot analyzes video of hand movements on a keyboard and transcribes them into text. The software, which uses a webcam, is accurate about 40 percent of the time.

The Saarland University team trained telescopes on targets that might catch a computer monitor's reflection: teapots, glasses, bottles and spoons. They got some amazingly clear pictures. All it took was a $500 telescope trained on a reflective object in front of the monitor. Michael Backes, a professor at Saarland's computer science department, says he's already demoed his work for a government agency, one that he declined to name. "It was convincing to these people," he says.

The Saarland researchers are working out new image-analysis algorithms and are training astronomical cameras on their subjects in hopes of getting better images from even more difficult surfaces, such as the human eye.

-Robert McMillan

Operation Broadband U.S.A.

A group including FCC member Jonathan Adelstein as well as several high-profile technology executives and industry advocates have launched an initiative to make broadband access a national priority.

Called InternetforEveryone.org, the initiative aims to foster public dialogue on how to set a national broadband policy. Industry luminaries supporting the effort include Stanford University law professor Larry Lessig and Google Chief Technology Evangelist Vint Cerf, one of TCP/IP's developers.

Broadband advocates have complained that the U.S. government has not made widespread broadband adoption a priority and, according to the Information Technology and Innovation Foundation, lags behind several nations in purchasing broadband access.

Adelstein says a lack of a national policy directly contributes to its citizens trailing other countries in the adoption of broadband and potentially in other social, educational and economic endeavors. "The [U.S.] government has had a policy of benign neglect, and we're falling faster and faster behind," he says.

Lessig, an outspoken critic of government Internet policies, says lawmakers have allowed a "Neanderthal policy" to govern access to broadband for the past eight years. While he says the private business sector has a central role in ensuring that people have access to broadband, the Internet touches so many parts of American life that the government can no longer take a backseat to creating policy that fosters adoption among its citizens. Some of the key problems surrounding giving everyone in the U.S. access to broadband are the price and lack of access in rural areas.

-Elizabeth Montalbano

Big-Picture CIOs Moving Up and Out

On the move CIOs continue to grow into executive-level positions outside of IT.

Medical products manufacturer Vital Signs promoted its CIO, Alex Chanin, to COO and Joe Bayern, a one-time CIO of Snapple, was named president of energy-drink maker Boo Koo Holdings. Barbara Desoer, who most recently served as Bank of America's chief operations and technology executive, was appointed president of the company's consumer real estate business. And last June, Mike Kistner was promoted from COO of travel services provider Pegasus Solutions to CEO.

Kistner, who began his career as a programmer, attributes his rise to two main factors: his ability to solve business problems and the mentoring he received from Harvey Jewett, former CEO of Super 8 Motels.

While with Super 8, Kistner was able to move into business operations by demonstrating an ability to apply the analytical skills he honed as a software developer to leading the hotel chain to run its call center, corporate travel department and other functions more efficiently.

When Kistner became Super 8's EVP of operations, he says he expressed concern over his understanding of the functions he was managing. Jewett's advice? "Determine objectives and put together plans to execute and be successful."

Kistner recommends that IT managers who aspire to move outside of IT "look at the big picture" and understand their company's real business objectives today. Business problems don't always need to be solved with technology. "Focus on what it takes to drive business forward as opposed to what it takes to drive IT forward," he says. "They aren't necessarily one and the same."

-Meridith Levinson

Copyright © 2008 IDG Communications, Inc.

7 secrets of successful remote IT teams