CXO

Topics to have on your radar.

I just finished a bit of a whirlwind trip, during which I

was chased out of Miami by Ernesto, and thought I would share with you the

potpourri of ideas that came out of some of my recent discussions with

colleagues.

The topic I first wanted to bring to your attention came to

me as I was lifting off from Miami one day ahead of what—at the time—was a

possible category 1 hurricane. I’m sure you are thinking that I am about to

lecture on disaster recovery and preparedness, but I’m not. Well, maybe in a

sideways kind of way. I want to talk to you about insurance. LOL…that sounds

like I want to sell you some, but in

fact, many government entities are "self insured."

If those words don’t give you the heebee jeebies, they

should. Have you added up the cost of equipment in your data center lately? If

you haven’t, you should. More importantly, have you gone through the exercise

of determining what it would cost you to replace everything in your data center

at today’s prices? That is another exercise that you should perform. Then take

both of those numbers to your CFO, or Risk Manager, and ask if they are

prepared to fork out those kinds of dollars, in addition to consulting services,

to get your organization back up and running. Remind them that at the same time

you will be asking for these funds, every other department in your government

organization is most likely going to be asking for money at the same time.

And if you think FEMA is going to bail you out of the above

predicament, you better think again. Getting money FAST and FEMA usually don’t

go together in the same sentence.

I bring this up because there are local and even state

governments out there whose cash reserves, often known as “rainy day” funds, are

woefully under funded. Thus, they would not be prepared to handle your whopping

bill up front. This leads me to suggest creating a leasing agreement with a large

vendor such as HP, IBM, or GE Capital that would provide the hardware and help

to re-create a data center in the event of a catastrophe. Anyway, it's something

for you to think about as part of your disaster planning.

On a different topic, let’s talk about CALEA. Oh you know,

the Communications Assistance for Law Enforcement Act – everyone’s favorite

subject. I say this partly with tongue in cheek, because I think that some

local and state governments wrongly believe that they are not required to

comply with the recent FCC rulings regarding CALEA compliance. However, there

are a growing number of state and local governments who are dipping their toes

into the provision of Internet access to the general public, either through

wireless, broadband, dial up, or providing use through shared facilities.

If your organization falls in this category, you are more

than likely going to have to be CALEA compliant, particularly if you are

providing unauthenticated access to the Internet.

Now what does it mean to be CALEA compliant? Well, by the

FCC’s definition, that is clear as mud. The FCC has not clearly stated what it

means to be compliant – they just set a date by which you have to BE compliant.

Don’t you just love it?

Many of the CIO’s that I know are sitting down with their

legal counsel now, looking at the FCC’s rulings on CALEA, and attempting to

decide if they probably will need to comply or probably won’t. If they decide

that they probably will—they are letting their CFO and administration know that

they are probably going to need a hundred thousand dollars or so to become

compliant. That way, no one gets blind sided come compliance time, which by the

way, is MAY 14, 2007.

Changing subjects again, I can’t seem to get the disaster

that happened at Bluegrass Field in Kentucky out of my mind. Having flown out

of there on COMAIR flights myself on occasion I feel lucky not to have been on

that particular flight and my prayers go out to the families of those who lost

loved ones in the crash. However, doesn’t this whole scenario sound like it

could have been prevented if the right technological solution had been in

place? You would think that with all the position finding equipment that is

available these days, that there would be a way to ensure that these types of human

errors could be avoided. Given that the FAA is strapped for controllers, one

would turn to technology as a way of making up for the shortfall in people,

don’t you think?

Lastly, I heard on the radio this morning that AT&T had

their online store hacked and people who purchased DSL equipment had their

customer information stolen, including credit card information. If this proves

to be true, I can only shake my head and mutter, “encryption, encryption, and

encryption.”

Editor's Picks

Free Newsletters, In your Inbox