CCH Tax Day ReportThe IRS has finalized previously issued temporary regulations (T.D. 9669, I.R.B. 2014-28, 103) that permit the full participation in a summons interview of persons with whom the IRS or the Office of Chief Counsel contracts for services under Code Sec. 6103(n). The IRS officers and employees remain responsible for issuing summonses and developing and conduction examinations.Full participation includes receiving, examining and using summoned books, papers, records, or other data. The temporary regulations had used the term, review instead of examine in describing full participation. This revision also clarifies that the regulations do not permit contractors to direct examinations of a taxpayer’s return. Contractors may be present during summons interviews, question the person providing testimony under oath and may ask a summoned person’s representative to clarify an objection or an assertion of privilege.All inherently governmental functions, such as deciding whether to issue a summons, deciding whom to summon, what information must be produced or who will be required to testify, and issuing the summons will be performed by an IRS officer or employee. Further, any contractor that the IRS authorizes to ask questions of summoned witnesses testifying under oath must do so in the presence and under the guidance of an IRS officer or employee.T.D. 9778, 2016FED ¶47,036T.D. 9778, FINH ¶43,154Other References:Code Sec. 7602CCH Reference – 2016FED ¶42,822CCH Reference – FINH ¶22,640Tax Research ConsultantCCH Reference – TRC IRS: 21,056
CCH Tax Day ReportSales of computer systems and licenses of computer software applications in exchange for one-time prepaid software license fees and related monthly license and support fees are exempt from Illinois sales tax. A license of software is not a taxable retail sale if (A) It is evidenced by a written agreement signed by the licensor and the customer; (B) It restricts the customer’s duplication and use of the software; (C) It prohibits the customer from licensing, sublicensing or transferring the software to a third party (except to a related party) without the permission and continued control of the licensor; (D) The licensor has a policy of providing another copy at minimal or no charge if the customer loses or damages the software, or permitting the licensee to make and keep an archival copy, and such policy is either stated in the license agreement, supported by the licensor’s books and records, or supported by a notarized statement made under penalties of perjury by the licensor; and (E) The customer must destroy or return all copies of the software to the licensor at the end of the license period. This provision is deemed to be met, in the case of perpetual license, without being set forth in the license agreement. The licenses granted by a company to its customers are evidenced by a written agreement or Master Service Agreement (MSA). The MSAs qualify as exempt because they meet each of the criteria of a nontaxable software license. Specifically, for example, the MSAs state that customers may make backup copies of the software licensed. Because the software license fees are nontaxable, the related support fees are also nontaxable. The taxability of repair or maintenance agreements was also discussed.Private Letter Ruling, ST 16-0003-PLR, Illinois Department of Revenue, March 23, 2016, released August 2016, ¶403-117
Congress remains on recess. Lawmakers are scheduled to return to Washington after Labor Day. The Treasury Inspector General for Tax Administration (TIGTA) released a number of audit reports with one report finding that the IRS needs to improve its processes for assisting victims of employment-related identity theft. The IRS issued hardship relief for victims of recent storms and flooding in Louisiana. The IRS also issued final regulations that provide clarifying definitions for real property as it relates to real estate investment trust (REIT) provisions, as well as regulations that define terms related to marital status.TreasuryIRS Personnel Direct Contact. The Treasury Inspector General for Tax Administration (TIGTA) has released its review of restrictions on IRS personnel directly contacting taxpayers (Ref. No. 2016-30-067; TAXDAY, 2016/09/01, T.2). TIGTA is required to annually report on the IRS’s compliance with the legal addressing the direct contact of taxpayers and their representatives to help ensure that taxpayers are afforded the right to designate an authorized representative to act on their behalf in dealing with IRS personnel.Identity Theft. TIGTA has found that the IRS needs to improve its processes for assisting victims of employment-related identity theft (Ref. No. 2016-40-065; TAXDAY, 2016/09/01, T.1). Following its report, TIGTA recommended that the IRS develop procedures to notify all individuals identified as victims of employment-related identity theft.Collections. In addition, TIGTA reviewed the IRS’s process related to the disclosure of joint-filer collections activities (Ref. No. 216-30-060; TAXDAY, 2016/09/02, T.2). TIGTA reported that IRS management information systems did not separately record or monitor joint filer requests and found that IRS employees may not be providing information guaranteed under Code Sec. 6103(e)(8) or Code Sec. 6103(e)(7) because not all IRS Automated Collection System employees were trained to know that taxpayers were entitled to this information.Internal Controls. TIGTA also found that the IRS had made progress in addressing certain aspects of its internal control weaknesses that affect its financial reporting (Ref. No. 2016-10-063; TAXDAY, 2016/09/02, T.1). However, the report noted that the IRS did not properly document all of the Government Accountability Office (GAO) recommendations within its FY 2015 remediation plan.IRSDisaster Relief. The IRS announced relief for victims of recent storms and flooding in Louisiana that began on August 11, 2016, IR-2016-115; Ann. 2016-30; TAXDAY, 2016/08/31, I.2). The relief will allow loans and distributions from employer-sponsored retirement plans to employees and certain members of their families who live or work in the disaster area.REITs. The IRS issued final regulations that clarify the definition of real property for purposes of the real estate investment trust (REIT) provisions of Code Sec. 856 through 859 (T.D. 9784; TAXDAY, 2016/08/31, I.1).Marital Status. The IRS released final regulations providing that the terms “spouse,” “husband” and “wife” mean an individual lawfully married to another individual, and the term “husband and wife” means two individuals lawfully married to each other (T.D. 9785; TAXDAY, 2016/09/01, I.3).Geological and Geophysical Expenses. In a Field Attorney Advice, the IRS determined that the common parent of a consolidated group that was a major integrated oil company under Code Sec. 167(h)(5)(B) could not include the remaining amount of amortizable geological and geophysical expenses (G&G) in its calculation of gain or loss on the disposition of the properties (FAA 20163501F; TAXDAY, 2016/09/02, I.1).Withholding The IRS has encouraged taxpayers to do a midyear assessment of their tax withholding (IR-2016-117; TAXDAY, 2016/09/01, I.1). The Service cautioned that provisions in the Protecting Americans from Tax Hikes Act of 2015 (PATH Act) (P.L. 114-113) may impact tax year 2017 refunds.Asset/Liability Percentages. The IRS has provided the domestic asset/liability percentages and domestic investment yields needed by foreign life insurance companies and foreign property and liability insurance companies. These percentages and investment yields are used to compute minimum effectively connected net investment income under Code Sec. 842(b) for tax years beginning after December 31, 2014.Statistics of Income. The IRS announced that it the Statistics of Income–2014 Individual Income Tax Returns Complete Report (Publication 1304) is now available to the public (IR-2016-118; TAXDAY, 2016/09/01 I.2). According to the report, U.S. taxpayers filed almost 148.6-million individual income tax returns for tax year 2014, up 1.9 percent from 2013.Cybercrime. The IRS released a new YouTube video urging tax professionals to take the needed steps in guarding their data and protecting their clients from identity theft (IR-2016-116; TAXDAY, 2016/08/31, I.3). The video spotlights the “Protect Your Clients; Protect Yourself” campaign recently launched by the IRS Security Summit. The IRS also cautioned tax professionals to be alert for cyberattacks (IR-2016-119; TAXDAY, 2016/09/06, I.2.By Jessica Jeane and Jalisa Mathis, Wolters Kluwer News Staff
CCH Tax Day ReportFor corporate income tax purposes, the Kansas Department of Revenue has issued a private letter ruling discussing how to end a two-factor apportionment method election prior to the expiration of the 10-year period. The department stated that there are no specific requirements that must be met prior to the Secretary of Revenue considering such a request. Instead, each request is considered based on its facts and circumstances and decisions are made on a case-by-case basis.Private Letter Ruling No. P-2016-011, Kansas Department of Revenue, August 15, 2016, ¶201-877Other References:Explanations at ¶11-520
North Carolina provided guidance on IRC §965 income reporting for corporate and individual income taxpayers. The guidance provides details on how to report the income on 2017 North Carolina:C corporation tax returns (Form CD-405);S corporation tax returns (Form CD-401S);partnership income tax returns (Form D-403);estate and trust income tax returns (Form D-407); and individual income tax returns (Form D-400).What Is IRC §965 Income?The Tax Cuts and Jobs Act of 2017 (TCJA) enacted IRC §965. It requires taxpayers to include untaxed foreign earnings and profits (E&P) from post-1986 tax years in their Subpart F income. It also allows a deduction for part of the earnings that reduces the tax rate.Taxpayers must report the entire amount of IRC §965 on their 2017 federal income tax return. A taxpayer can elect to pay tax on the income in installments over several years.What if a Taxpayer Already Filed a 2017 Return?Taxpayers that already filed a 2017 North Carolina income tax return and owe tax on IRC §965 income must file an amended return. A taxpayer can avoid penalties by paying the tax with the amended return.Interest accrues on any unpaid tax. A taxpayer can request a waiver of penalties.Can Taxpayers Make Installment Payments?The election to pay in installments does not apply to North Carolina taxpayers. Taxpayers must pay North Carolina tax on IRC §965 income when they file their tax return.Taxpayers who owe North Carolina income tax can request a monthly installment agreement. But, interest continues to accrue on any unpaid tax until paid in full.IRC Section 965 Repatriation Guidance, North Carolina Department of Revenue, August 21, 2018, ¶202-803Login to read more tax news on CCH® AnswerConnect or CCH® Intelliconnect®.Not a subscriber? Sign up for a free trial or contact us for a representative.
Beginning January 1, 2019, the King County Convention and Trade Center tax has been expanded to lodging businesses in King County, Washington with less than 60 lodging units.Lodging Businesses ImpactedThe tax will be imposed on the following lodging businesses:– vacation rentals,– short-term rentals, or– any other lodging.A lodging business within Seattle will charge 7% while a business in any other King County location will charge 2.8%.ExclusionsThe following lodging businesses are excluded from the tax:– lodging businesses located in a town with a population of less than 300,– hostels,– lodging businesses operated by a university health care system exclusively used for family members of patients, and– businesses offering temporary housing for (i) individuals treated for trauma, injury, or disease and their families; and (ii) operated by an organization or governmental entity registered as a charitable organization with the Washington Secretary of State or classified as a charity or private foundation by the Internal Revenue Service.Special Notice, Washington Department of Revenue, September 27, 2018, ¶204-403Login to read more tax news on CCH® AnswerConnect or CCH® Intelliconnect®.Not a subscriber? Sign up for a free trial or contact us for a representative.
(Missourinet) A Twitter post by President Donald Trump says the U.S. will soon control 100% of ISIS territory in Syria. U.S. Senator Roy Blunt, R-Missouri, tells Missourinet he has “real concern” with the president’s plan to withdraw troops from Syria and Afghanistan.“Even if you theoretically control territory you haven’t eliminated the ISIS threat,” he says. “There’s no discussion that ISIS has been eliminated or other organizations like that that use Syria and Afghanistan as havens for their efforts as they hurt us and our friends. It’s easier to stay in than it is to go back in if your staying in there has made a difference. Clearly, in Syria, Syria is in a much better place than it was with the previous administration’s attitude toward Syria.”Blunt goes on to say it’s not a good time to leave Syria and it’s not a good time to turn Syria over to Russia or Turkey.“I wouldn’t want to see that happen and Americans shouldn’t want to see that happen. This is a critical, central focal point of a lot of the world and a lot of damage can be done from there,” Blunt says.Blunt says the U.S. has worked since World War II to keep Russia, Turkey and Iran from having undue influence in middle eastern countries like Syria.
A Fulton man will serve seven years in prison for shooting a big gun while having a bunch of weed.Anson Robinson pleaded guilty to shooting an AR-15 along with two other men at the Carrington Pits Recreation Area last September. He also had more than 80 grams of marijuana that he was planning to sell, digital scales, and more than $800 in cash.The 18-year-old was already on probation for burglary when he was arrested again.
(AP) — Special counsel Robert Mueller said Wednesday he believed he was constitutionally barred from charging President Donald Trump with a crime but pointedly emphasized that his report did not exonerate the president. He cautioned lawmakers who have been negotiating for his public testimony that he would not go beyond his report in the event he appears before Congress.The comments were Mueller’s first public statements since his appointment as special counsel two years ago.“If we had had confidence that the president clearly did not commit a crime, we would have said so,” Mueller said. “We did not however make a determination as to whether the president did commit a crime.”Trump, who has repeatedly and falsely claimed that Mueller’s report cleared him of obstruction of justice, modified that contention somewhat shortly after the special counsel’s remarks. He tweeted, “There was insufficient evidence and therefore, in our Country, a person is innocent. The case is closed!”Mueller’s statement came amid demands for Mueller to testify on Capitol Hill about his findings and tension with Attorney General William Barr.Barr has said he was surprised Mueller did not reach a conclusion on whether the president had criminally obstructed justice, though Mueller in his report and again in his public statement Wednesday said that he had no choice because of a Justice Department legal opinion that says a sitting president cannot be indicted.Mueller, for his part, complained privately to Barr that he believed a four-page letter from the attorney general summarizing his main conclusions did not adequately represent his findings.
Charges came down on Monday for people tied to a shooting and a stabbing in Jefferson City on Sunday afternoon.Police say a man has severe injuries after he was shot in the stomach during a fight on East Miller Street. They’ve arrested Tyler McClinton, 18, over that.Alexus Munson, 21, is accused of stabbing her estranged husband on Cherry Street at about the same time Sunday. She claims she was acting in self-defense. The Tipton woman is accused of second degree domestic assault. Police say that husband lost a lot of blood, and had to go to a Columbia hospital.(This story was last updated at 9:01 a.m. Tuesday.)
(AP) The Trump administration says revoking an Obama-era rule on waters and wetlands would provide “much-needed regulatory certainty” for farmers, homebuilders and landowners.Writing in the Des Moines Register on Thursday, Environmental Protection Agency Administrator Andrew Wheeler and Assistant Secretary of the Army for Civil Works R.D. James call the Obama rule “an egregious power grab” that led to even isolated ponds being subjected to federal regulation.Wheeler and James say their proposed rule would clearly define “where federal jurisdiction begins and ends.” They say a new definition would be finalized in the winter.Environmentalists say the Trump administration move would leave millions of Americans with less safe drinking water.
Republican and Democratic lawmakers ripped President Trump’s decision to pull American troops out of northern Syria. Missouri U.S. Senator Josh Hawley was not one of them.The Republican said on 93.9 The Eagle’s This Morning with Gordon Deal on Wednesday that strong international sanctions can keep Turkey from slaughtering Kurds.“We can walk and chew gum. We can hold the Turks accountable, while also reducing our overall troop presence in the region and getting focused on the threats that are really pressing to us, which are counter-terrorism and ultimately China.”Turkey agreed this week to permanently stop fighting Kurdish forces in Syria.
Last week I was able to get a few minutes with Gregory Bryant (Code Name: GB) & asked him a few PRO questions that I think we all want to know about PRO. Here’s the first question about what makes him proud of the PRO journey ~ meaning why does it matter to him?nClick To Play
tI think what is awesome to know about GB is that he was an IT guy, living in the trenches & now his organization is making our Lives Easier.. If you liked this video, the next two questions are really good as well. Josh
Choosing the right method to measure security value is important but not necessarily intuitive.Some years ago, at the prodding of our department training expert, I developed a class teaching how to think critically while calculating information security value. The benefits of the course are twofold. The class helps security practitioners in creating more justifiable value assessments for their programs. Additionally, it assists audiences of such assessments to question the validity and identify weak justifications.I offered to teach the class once a year, internally to Intel, and figured the audience would dry up after the first class. For some odd reason people continued to sign up year after year. I honestly figured not many people would willingly choose to spend their time on such a dry subject. In the first year, mostly information security professionals attended. In subsequent years, to my surprise, a slew of people from finance, manufacturing, marketing, and product development have taken the course. Sitting in my Inbox is my annual notification for instructing the class, with a list of students from multiple countries already signed up. Curse you Bruce (training expert)!With such a diverse audience, I figured I would share some of the materials with the broader community. This is just a snippet, but one of the key chapters. Feel free to comment (all comments will be forwarded to Bruce)This section of the class touches on recommended methods to show value. This is not an all encompassing list, but probably the most common to information security programs. These are archetypes of measurement techniques, not specific questions or audits. Most techniques in use today can be classified into one of these archetypes. Each has a set of common characteristics with strengths, weaknesses, and applicability considerations. Knowing these characteristics is to understand how best to validate or challenge the metric.Information Security Metrics Archetypes#1 Metric Type: Standards-Based Gap AnalysisMethod: Compare the current state against a provided listMeasurement Scale: NominalPro’s: Shows gaps against defined standards. Can be very fast to accomplish, compared to other methodsCon’s: Does not show actual value, only alignment to a defined stateApplicability: Compliance to regulations, alignment to best-known-methodsOutput: Scorecard to expected compliance, gap list of non-compliant areasNotes: The value of compliance to a predefined standard resides in the applicability and comprehensiveness of the standard itself. Typically, it is also specific to a particular area of risk. Interpretation also can skew measures, if the standard is vague.#2 Metric Type: Raw Gap AnalysisMethod: Brainstorm from knowledgeable persons on what they think needs fixingMeasurement Scale: NominalPro’s: Identifies the most apparent issues to correct. May be as simple or complex as the organizer desires.Con’s: Reliant on expertise of teams doing the analysis. Not tied to any quantifiable savings.Applicability: Response to incidents which already occurred, to prevent recurrenceOutput: List of issues to correctNotes: The value resides in the knowledge of the people conducting the analysis. A mix of technologists as well as security is best, otherwise the output may lack real benefits#3 Metric Type: Project Progress TrackingMethod: Metrics which track the start-to-finish progress of a security projectMeasurement Scale: IntervalPro’s: Shows advancement and progress of a projectCon’s: Does not tie the project to any savings or benefitsApplicability: Project management effectivenessOutput: Performance against schedule/budget metricsNotes: This class of metric is often misused. Progress of project completion is largely independent of what value it provides once instituted. This can be used when a security project is a critical path item to another initiative where value is defined.#4 Metric Type: Qualitative Risk AssessmentMethod: Organized collection of concerns from knowledgeable persons on what they believe needs fixing and an explanation statement of the severity of the problemsMeasurement Scale: OrdinalPro’s: Generates a list of areas to address with prioritized descriptionsCon’s: Reliant on the expertise of teams doing the analysis. Not tied to any quantifiable savings. Can be time consuming. May not be comprehensive. May be skewed to only areas evaluated. Personalities of the team may significantly alter the priority descriptions of items.Applicability: Basic state of security gap analysis, scalable to an entire organization.Output: Description of prioritized line-item gapsNotes: This is one step above the Raw Gap Analysis method. Best use is to identify and describe the priority of the most severe issues. Rarely is this method comprehensive.#5 Metric Type: Qualitative to Quantitative Risk AssessmentMethod: Formal severity ranking, typically on a scale, of problems gathered from a Qualitative Risk exerciseMeasurement Scale: Ordinal to IntervalPro’s: Generates a prioritized list of areas to address, with relative values for comparison. Can track over time to show incremental changes.Con’s: Reliant on expertise of teams doing the analysis. Relative values are not tied to any quantifiable savings. Time consuming, requires tools for scalability. Expect +/- 40% accuracyApplicability: Advanced state of security gap analysis, scalable to an entire organization.Output: Ranked descriptions of line-item gapsNotes: This is one step more advanced from the Qualitative Risk assessment, giving numerical values to priority aspects (example: threat, vulnerability, consequences, etc.)#6 Metric Type: Vulnerability AnalysisMethod: Thorough inspection which documents all vulnerabilitiesMeasurement Scale: IntervalPro’s: Identifies a list of vulnerabilities which existCon’s: Existence of vulnerabilities is not tied to losses. Output can be overwhelming and underscores only a snap-shot in time of a rapidly changing environment. Can be very time consuming, requires tools and interpretation.Applicability: Applied to specific hardening initiatives or fed into a risk assessmentOutput: Descriptions of potential vulnerabilities, may be ranked on severity or overall exposureNotes: Vulnerability analysis poorly correlates to losses. Just because a vulnerability exists, does not mean it will be exploited. If exploited, it does not necessarily equate to a meaningful loss. Question any vulnerability analysis, which claims specific dollar savings!#7 Metric Type: Against Previous Performance/Operational EfficiencyMethod: Statistical comparison against historical data, known costs, and trends (example: actuary tables)Measurement Scale: Interval to RatioPro’s: Uses actual data to derive the measurement. Can show the value of a program. Can be used to both predict value as well as derive sustaining value after project landing.Con’s: Accuracy may suffer as historical patterns change. Significant work to accomplish this metric. Accuracy may be outdated quickly as the environment changes quickly.Applicability: Before and after comparison of effects for value measurements.Output: Historical performance and trend graphs showing relative positions. Net Present Value (NPV) for operational spending. Forecasts of high-level changes to risk. Can provide a ‘value’ in terms of dollars.Notes: Depending upon the historical data, it may not tie to actual security value. Data trends in the security field tend to be incomplete, limited, and can be manipulated. Operations costs may not reflect the benefit of security. Best when used to compare data prior and after landing a security program.#8 Metric Type: Value Calculation for a Return on Security InvestmentMethod: Financial model quantifying the dollar benefits of a security programMeasurement Scale: Interval to RatioPro’s: Uses actual data to derive the measurement, based upon trends and control groups. Potential to generate dollar values derived for both losses and loss prevented. May comprehend defense-in-depth solutions, showing the individual as well as cumulative value. Statistical predictions quantify accuracyCon’s: Extremely difficult to produce. Must have significant amounts of accurate data and understanding of the security environment. Must use complex calculations and factor in unknowns. Very difficult to scale. Tools and processes are not well defined or mature in the industry.Applicability: When sufficient historical data is available, an intuitive understanding of the security environment is present, and business values can be measured. For use when justifiable estimates of dollar value of a security program is needed.Output: Incident reduction metrics, estimated losses, and loss prevented metrics. Single Loss Expectancy (SLE), incident and loss predictions. Derived dollar value of individual security projects as well the value for multiple overlapping/complementary security systems.Notes: Not for the faint of heart. These types of analysis are ugly monsters to produce and validate. All assumptions, calculations, and data sources must be documented. Complete raw data sets must be provided. May include limited aspects of other measurement archetypes to fill in gaps, thereby affecting accuracy.Lastly, there is another choice which can be made: the decision to not measure the value of a security program. I think this option is pursued more often than not and done for the entirely wrong reasons. Measuring value is not easy. It consumes time, resources, requires expertise, and once it is published the author may be under the spotlight to answer and justify the analysis for years to come. But for all the sweat, tears, and pain, having a good understanding of the value, has merit for security programs of significant investment.On the other hand, the simple reality is that in many cases a full blown analysis does not make sense. For example, when a program is required to meet regulatory requirements or when the security investment is very small. I would not do a comprehensive value assessment for justification to purchase a $10 cable lock. Let common sense prevail. If the value must be understood to compare to other options, articulate security posture, or justify spending, then do an assessment. Otherwise, ask yourself if it is really needed.
Download Intel® SCS todayFollow us @IntelvPro or learn more at intel.com/go/scs Discover. Configure. Manage.Intel® Setup and Configuration Software: A modular cross-platform experience for securely discovering, enabling, and managing Intel features in business. We’re pleased to announce the latest version of Intel® Setup and Configuration Software (Intel® SCS). For years, this software has brought ease to the IT shop in assisting them to discover and turn-on key features of Intel® Active Management Technology (Intel® AMT) in the enterprise. A secure connection from the management console to the enterprise environment is now extending beyond AMT alone. Configure policies for IT manageability with the security and flexibility you need. In addition, the modular design supports 3rd-party solutions; so you choose the features you need! It is also compatible with MS System Center ConfigMgr (versions ’07 & ’12) via an add-on. Intel® SCS is even available in two additional languages: Simplified & Traditional Chinese. With the latest version of Intel® SCS you can discover even more Intel® capabilities on Intel® platforms in your environment such as:Intel® AMTIntel® SSD Pro 1500 SeriesIntel® Smart Connect TechnologyIntel® Small Business Advantage
The folks over at Legitreviews have an excellent how-to for improving graphics performance on the Haswell i5 NUC (doesn’t work for the i3). I walked through what they suggest and in theory it should boost performance. I decided not to try this on my i5 partly because it’s doing just fine as is for all the games my daughter plays on it, and partly because I don’t like to tempt fate. The method in the article would work but it would also increase the temperature of the CPU, especially when under load…you know, like when you’re playing a graphics-intensive game. With no way to improve/increase cooling in the NUC it would make me nervous to run it hot. It would probably be fine to run your system like this, but just as with overclocking a CPU you should proceed with caution. I’ve never been a huge overclocker because I like my stuff to last as long as possible and in the world of computers heat is the enemy.Still, if you want to squeeze every last drop of performance out of your i5 NUC, if you’re an overclock-aholic, and if you like being a little “dangerous” you can find their article here. One bit of (hopefully obvious) advice; read the WHOLE article. Don’t just read the first part and then dive in…know what you’re doing before you proceed.Good luck!Jason
Security can introduce new risks. A disturbing research report Opens in a new windowemerged exposing serious weaknesses in mainstream Anti-Virus (AV) applications. Software which is protecting millions of computers from malware, is itself vulnerable to attack and compromise. We all place trust and faith in our AV solutions to protect our devices, data, and experiences. Predominately client based software, they are at risk of containing vulnerabilities in their programing, just as any other application. Proper development, coding, and quality assurance testing are key to keeping all types of software free from bugs and potential exploitation. The very tools we rely upon for security may be turned against us. An attacker could exploit one of these weaknesses and compromise the device. This is not acceptable. Security technologists must drive to earn trust. It begins with the components they use, designs they create, software they write, and the manufacturing process to pull it all together. The tech industry as a whole has the growing responsibility to produce secure software, hardware, and services. The software sector already struggles with a dreadful number of flaws as they race to release new versions. Security software must be held to a higher standard, as they have built their customer bases with the expectation of providing additional protection against lesser software.The good news is two-fold. First, this research came to light by upstanding researchers who made the information publicOpens in a new window, been working with some of the vendors directly, and strongly advocates all security vendors go back and thoroughly test their products. The alternative, only malicious groups knowing of these vulnerabilities, could spell disaster for many. Secondly, most of the AV vendors quickly responded with fixes and likely have taken this bruising experience as motivation to further enact more robust development and testing as part of their release process.As for the security industry as a whole, we must all learn from this experience. No matter your role, we are all responsible for good processes, ethical practices, and to foster growing trust with every user of technology.Twitter: @Matt_Rosenquist IT Peer Network: My Previous Posts LinkedIn: http://linkedin.com/in/matthewrosenquistMy Blog: Information Security Strategy
Our experts at Data Center Resources have been dedicated to providing data center infrastructure solutions for more than 12 years. During this time we have worked hard to build and maintain relationships with leading manufacturers within the data center space, as well as having developed our own unique products. Contact us today to find out how we can help you make your data center greener. Implement remote power management – this will allow your data center to automatically turn off network hardware that is not being used, so you only need to power up your internal servers as and when they are needed. Not only does this save on your energy bill, but it will also reduce your cooling costs. If you use a remote power manager it can be preprogrammed to start up or shut down at fixed times.Use a liquid cooling system – most data centers are cooled by hot and cold aisles or raised-floor systems, but these are not the greenest or most cost-efficient means of cooling. A liquid cooling source utilizes much less energy yet will still maintain the same cool temperatures as an air cooling system.Update network cabling – if you’re serious about greening your data center, you should consider replacing your current cables with fiber optic cabling. Though this may be more expensive at the outset, it will pay for itself over time. Fiber cables cover a greater distance which eliminates switches grounding and HVAC.Use Energy-efficient Ethernet devices – each type you upgrade your equipment, bring in energy-efficient devices. By doing this alone, you can cut your company’s power use by more than 50 percent.Implement smart lighting – you don’t need the lights in your data center running 24/7. Install sensor lighting so that you will only be using lighting as and when needed, and you won’t have to worry about forgetting to turn it off. Whatever your industry it’s a smart move to reduce your carbon footprint in whatever way you can. Making your data center greener is a good way to go and it’s not as difficult or as costly as you may imagine. Here are some tips for making your data center more environmentally-friendly.
Me: Can you tell me a bit about the STEM programme you’re getting involved with? Shoubna: We don’t get many girls on the game design course but when we do get them, they really excel, but there are relatively few women working in the gaming industry. Because I’m a female teacher on the course I’d like to encourage girls to follow that path, particularly because the ratio of women to men gamers is about 49 to 51 – so roughly half and half. It makes sense that more females should go into the profession. Me: And how did you go from a gamer to someone who’s organising game design courses? Shoubna: I did a degree in media and communication and we covered some game design –from a societal perspective – which grew my interest. I actually came to the college to be a media teacher but found myself teaching games and eventually took over the role of course organiser. At the launch of the innovation hub at City College Coventry last month, I met teacher Shoubna Naika-Patel. She’s the organiser of the college’s game design course, where students cover all aspects of the industry from designing characters and scenery to narrative structure to marketing. Shoubna is also a STEM Ambassador for the college. This new programme hopes to encourage female students to pursue career paths in science, technology, engineering and maths, a subject close to our hearts. Last week I spoke to her about her course, the changing role of women in gaming and why girls excel on her course. Me: You mentioned to me that you have about 25 per cent girls in your second year and about 15 per cent in first year. Why do you think fewer women come out of school and into courses like this? Shoubna: I think that when students pick their GCSEs they either go into IT or pick an art-related subject. When students aren’t being taught IT at GCSE, they think “well, I can’t go and do an IT course at college, because they don’t have that background.” In addition, I don’t think people are aware of how much women are involved in the games industry, so the perception is that it’s a male hobby and a male industry. Me: What kind of male to female split would you like to see on your course? Shoubna: I’d ideally like to see a 50:50 split but obviously that’s going to take time. I think the key is getting schools involved, going in to talk to them, and encouraging girls to consider it. Me: Are there any female role models in the industry? Shoubna: There are women, but they tend to be hidden. Sometimes they might be at executive level, or they could be designers or modellers. It would be good to see their names out there so girls can recognise them. Me: Is there a difference between the types of games that girls and boys come up with on the course? Shoubna: The girls’ games tend to be quite narrative-driven. They often think outside the box so we see stories that are new to the industry. Last year I had a student who developed a story where you play as a girl who’s about to be forced into marriage and the whole gameplay element is about her sneaking around, avoiding her family and her future in laws. Themes that can be quite hard-hitting but which are very real for some people. Me: And finally, why do you think that when you do get girls, that they excel? Shoubna: I think they’re driven to do well. It might be that they want to prove a point; to say “yes I’m female but I can do this.” Do you teach any female gamers? Have any of your former female students gone into the games industry? We’d love to hear your feedback. Let us know in the comments below, or via our Twitter or Facebook page. • Subscribe to our newsletter for more updates • Discover more at our UK education homepage