Here are five planned features in the upcoming operating system that could be useful for IT:

1. Secure boot — Windows 8 will make use of UEFI (Unified Extensible Firmware Interface), the replacement for the age-old BIOS system. In addition to allowing more extensive management options for IT, UEFI will allow Windows 8 to authenticate boot components and prevent malware from infecting the machine before the operating system starts.

2. Reset and Refresh — Windows 8 will simplify the process for returning a machine to its default install (Reset) and restore factory settings but keep data and applications (Refresh). IT will also be able to control which of those options users have access to.

3. Windows to Go — Cloud services and remote desktop clients give users a way to access their work desktops from wherever they are, but some companies have security concerns about those methods. For them, Windows to Go is a new feature that will allow IT to load a copy of user’s local Windows 8 install onto a thumb drive where it can be accessed on any machine.

4. Enhanced Task Manager and Windows Assessment Console — Windows 8′s Task Manager will show a lot more information than previous versions, along with a simplified display. Also, the Windows Assessment Console will allow IT to run benchmark tests for things like battery use, energy efficiency, boot times and hardware performance.

5. Virtualization — Windows 8 installations will include Hyper-V, Microsoft’s virtualization client, so users can run other operating systems on the same machine, making it easier to support legacy applications and other software that won’t run on Windows 8. The Hyper-V client will have more configuration options for IT compared to Windows 7′s Virtual PC feature.

Many iPad owners are using the device in a business context, according to a recent global survey of iPad-using business and IT decision makers conducted by IDG Connect.

Among those people, 51% say they “always” use their iPad at work. Another 40% use the device at work “sometimes.”

Those decision makers also plan on sticking with the iPad — just 17% of respondents said they’d consider buying a different tablet next time.

Despite the use of the iPad for work purposes, just 13% of respondents said their device was supplied by an employer.

However, that might change soon, as some experts say IT won’t be able to stop users from bringing the device of their choice into the office and will instead decide to buy them so users can at least work on more secure corporate-owned and IT-controlled devices.

Does anyone in your organization use the iPad at work? Does the company provide them to users? Let us know in the comments section below.

The majority (84%) of IT managers say their businesses are using at least one cloud application, according to a recent survey from CDW. However, just one-third called their organizations “cloud users,” or regular adopters of the technology.

That’s despite the fact that 84% of cloud users said they reduced the cost of applications when they moved them to the cloud. Those costs were reduced by an average of 21%.

What’s holding the others back? Despite the benefits, cloud computing must be approached with care or organizations may not reap the cost-saving or administrative benefits – or worse, they can put data sent to the cloud at risk of a security breach.

Here are the top pitfalls that keep businesses from getting the most out of cloud computing:

1. The company’s own security practices

Security is the number-one concern organizations have about cloud computing, according to the CDW survey and other research. However, many companies using the cloud could be doing more on their part to protect their data and applications.

For example, just 54% encrypt data while it’s transmitted, according to CDW’s survey. Also, only half say they manage employee access to cloud applications, and just 44% require password changes every 90 days. Cloud security measures in many ways must be the same as with a traditional IT environment, but those results show many organizations are taking cloud security for granted or relying too heavily on vendors to protect data.

2. Vendors’ security

Of course, cloud vendors can be blamed for security problems also. Any time data is put in the hands of another organization, IT must make sure it’s going to be protected.

Here are some steps experts recommend to keep data secure when it’s held by a cloud vendor:

1. Verify security practices – Know what steps third parties take to protect their clients’ data. That includes what technical controls are in place, as well as how the company vets its employees and enforces security policies.
2. Establish liability – Contracts should lay out what happens if your data is compromised while on the third party’s network.
3. Validate – The contract should also give your company a way of validating that proper security measures are in place, such as the ability to conduct audits or site visits.

3. Hidden costs

One of the main reasons businesses turn to cloud computing is to save money. However, many find there are hidden costs associated with the cloud that they didn’t take into account while planning.

Those costs can include upload and download fees, one-time charges for moving data onto a cloud server, on-going storage costs, and set-up fees. In most cases, those won’t be a deterrent to using a cloud service, but it’s important to be aware of the total costs of the service while planning.

4. Failing to make sure there are backups

Once a service is put in another organization’s control, it’s easy to assume that the vendor will take care of back-ups and redundancies. But that’s not necessarily the case, as a recent outage of Amazon’s cloud storage service showed.

When setting up a cloud service, it’s up to IT to find out what back-up plans are included in the service and make other arrangements if those aren’t sufficient.

5. Bandwidth issues

Some organizations find that bandwidth issues hurt the performance of cloud applications and create costly inefficiencies.

Some cloud services have huge bandwidth needs, and it’s important to make sure both the cloud vendor’s network and the organization’s own network can handle it.

6. Putting the wrong applications in the cloud

One thing companies must understand is that when they use a cloud service, they may lose control over how much attention an IT problem receives. When a critical in-house application goes down, the whole IT department can drop everything to fix it. That’s not the case in the cloud.

That, along with security concerns, is why experts often recommend organizations keep those critical applications in-house.

7. Lack of planning

Despite the number of companies using at least one cloud application, just 38% of organizations have an overall strategic cloud computing plan in place. If any of the others plan to make further use of the cloud, it’s important to have an overall plan that’s incorporated into the company’s overall IT strategy.

That’s the message in a report recently released by the Constitution Project think tank. While the government may have good intentions, the group says, people should be wary of current proposals that would require federal agencies to protect the information security of private organizations that provide “critical infrastructure,” such as the health care, finance and communication industries.

Unless privacy safeguards are put in place, the privacy of people who work for or communicate with those companies could be put at risk, according to the report, which warns that the government “runs the risk of establishing a program akin to wiretapping all network users’ communications.”

Concerns such as those are one reason Congress has yet to pass comprehensive information security legislation, despite several proposals in recent years. That includes one bill up for a vote in the Senate that some opponents say would give the Department of Homeland Security too much control over networks owned by private companies and cloud providers, The Hill reports.

We’ll keep you posted on that bill and other proposed information security laws.

Learn how you can integrate iPad into your company’s existing infrastructure, thanks to the iPad’s built-in support for key industry-standard business technologies. Get secure access to email, calendar, and contacts via Exchange ActiveSync or open standards like IMAP, CalDAV and CardDAV. You’ll even see how easy it can be to use a remote wipe command to clear all data and settings in the event an iPad is lost or stolen.

Click here to learn more!   

For example, one recent study found that out of a random selection of 50 USB thumb drives, two-thirds of them contained malware.

Companies can also lose data if an unencrypted portable drive is misplaced by an employee or stolen. Or, a malicious insider could use a thumb drive to secretly take confidential data out of the organization.

To prevent USB drives from creating those security problems, here are some steps IT can take:

1. Offer encrypted drives to some users

Most IT managers can probably assume some users in their companies are going to use USB thumb drives to carry data, no matter what IT’s policies say. So it might make sense for IT to invest in secure, encrypted drives to provide for users who deal with sensitive data.

2. Block USB ports on some machines

In some cases, companies will need to make sure an employee isn’t carrying data around on any portable device, whether it’s secure or not. For those situations, IT can disable USB ports on users’ computers.

3. Disable autorun and keep antivirus software up to date

Many portable drives, especially the free ones that are given out at trade shows and other events, contain malware that can infect a user’s computer. IT can prevent that by keeping antivirus software up to date and making sure AutoRun is disabled on Windows machines. USB malware often exploits that feature to launch a virus without requiring any action from the user other than plugging the drive in.

4. Monitor and manage devices

Device management software can help IT keep track of what drives are being connected to users’ machines, so policies can be enforced accordingly.

5. Train users

One reason USB thumb drives cause problems is that the devices are so small and inexpensive, many users might be careless with them. But IT can train users to understand that while the drives may be cheap, the data contained on them may have a big price tag.

Virtualization and server consolidation are the top priorities this year for 40% of IT managers, according to a survey conducted by IDC. That was the top choice, followed by:

1. Cloud computing
2. Collaboration tools
3. Business analytics, and
4. Consolidation of application portfolios.

The top two choices, virtualization and cloud computing, show most IT organizations are concerned with reducing IT complexity, according to IDC’s analysis. The research firm also predicts organizations will invest more in tools to help deal with “big data,” the huge sets of information businesses must now store and process.

Businesses will use the money saved by virtualizing servers and switching to cloud services to invest in data analytics, as well as mobile technology and social networking for business, according to IDC.

What are your organization’s IT priorities for 2012? Let us know in the comments section below.

That’s the message from a survey conducted by Dimensional Research and sponsored by security vendor Check Point.

No surprise here: The use of personal devices on the corporate network is growing rapidly, with 78% of respondents saying there are more than twice as many personal gadgets connecting to their networks now than there were two years ago. That includes 36% who say the use of personal devices has increased five-fold.

And it’s causing big problems — 71% of 768 IT pros surveyed said personal devices have contributed to increased security incidents. That’s mainly because of how users behave with those gadgets, as 72% say careless employees have been a greater security threat than hackers.

Specifically, the top factors IT pros blamed for weak security of mobile devices were:

1. Lack of employee awareness about security policies (62%)
2. Insecure web browsing (61%)
3. Insecure Wi-Fi- connectivity (59%)
4. Lost or stolen mobile devices with corporate data (58%)
5. Installation of corrupt apps (57%), and
6. Lack of security patches from service providers (53%).

Click here to read the free whitepaper!   

The South African Postbank recently had $5.2 million easily stolen by cybercriminals over a 72-hour period.

No masks, handguns or stick-ups were required for this heist. The robbers merely opened accounts at the bank, then hacked into an employee’s computer and used stolen credentials to transfer millions to the new accounts, MSNBC reports.

After the transfers were made, they just went to ATMs across the country — over the three-day holiday weekend when they had a lower chance of being noticed —  and withdrew the cash.

Criticism is being directed at the bank’s poor IT and its lack of security protections. While it’s not yet clear exactly how the criminals stole the credentials to infiltrate the bank’s network, some observers have suggested the problem may have started with giving low-level employees greater access privileges than were needed.