ComputerWorld has come out with its set of predictions for security related incidents likely to make headlines in 2004. Especially telling is their statement that "Many will begin to understand that the problem isn't with the technology, it's with the people!", something us technology people have been trying to get across for years. What makes anyone think 2004 will be any different?

Both USB ports and free access to each and every IM service do nothing to remind employees that the computing resources and data they manipulate on a daily basis belong to the company, not them. Yes, it is a people problem when these tools are used to carry confidential data into the wrong hands, but how do you reinforce this message and how do you remove temptation?
On the IM front we might see companies use internal messaging systems such Jabber and Sametime. USB ports are not so easy to control especially since these USB drives are so small and easily hidden. Perhaps some vendor will come up with a way to control allowable devices by vendor id and product code? For example, this could easily be part of the TrustedCore efforts put forth by Phoenix Technologies' cME project. (Unfortunately this project's design appears to be extremely Windows-centric and it is not clear whether any OSS can make effective use of it.)

And so, as usual, efforts are already underway to come up with technology-based solutions for what ComputerWorld so accurately pointed out, are really people problems...
Some things just don't change!

Much has been written on this subject already yet it continues to be a topic fraught with pitfalls and mired in confusion. Perhaps by describing the way NetBackup's tape writing (as implemented in bptm process) operates some of this veil can be lifted and tape drives can be made to hum more efficiently.

For each NetBackup job stream writing to tape, a bptm process is launched. Part of its launch information packet includes a description of the source of its data, i.e. the client machine, the NetBackup policy and schedule, etc. However, the first bptm process does not directly concern itself with contacting the client, instead, it forks off a child process to start listening on a predetermined TCP/IP socket for the client to contact it. The parent process meanwhile proceeds to allocate, open and otherwise prepare a tape and a tape drive to start writing the eagerly anticipated client data.
Next comes the description of how to the two pass this client data between eachother.

Anyone with more than one backup tape volume will have a need to apply labels to keep them straight. If nothing else because that is how all backup software refers to the tapes it writes and, hopefully, reads.