Hunting for Big Data in Cloud Services: Customers Need a Better Security Standards Map

B. Ostergaard

B. Ostergaard

Summary Bullets:       

  • The lack of cloud security standards and the expanding range of cloud providers complicate RFPs.
  • The Current Analysis Cloud Security Study shows IT SPs ahead of carriers and the U.S. ahead of Europe.

The decision to migrate to the cloud is complicated by the expanding number and variety of cloud service providers (typically carriers, IT SPs, vendors, or dedicated cloud SPs), each with its own legacy of strengths and weaknesses, coupled with a dearth of specific cloud security standards to put into a request for proposal (RFP).  Apart from PCI DSS in the retail sector and FedRAMP for the delivery of cloud services to the U.S. government, security standards pertaining to cloud services are related to general business process quality (ISO9000), data center management processes (ISO27001-5), auditing (SSAE 16), and a slew of more vertical industry-specific requirements around handling of sensitive personal data.  Corporate customers are still relying on best-practice guidelines from standards bodies such as NIST in the U.S. and ENISA in Europe, as well as the user/industry forums such as the Cloud Security Alliance with its Cloud Matrix tool.  Still, what does the cloud security playing field look like from the service provider side?  How can they assess their service offerings to amorphous customer requirements, as well as the other providers in the market? Read more of this post

Live from the Sprint Analyst Event

K. Weldon

K. Weldon

Summary Bullets:

  • Sprint’s morale is up, with discussions of its financial turnaround, excellent customer satisfaction, and positive net adds at the heart of its messages to the analyst community
  • While consumer topics took up more air time, Sprint also remains focused on its sweet spots in the SMB and mid-market business segments, looking towards a resurgence in PTT and continued momentum in M2M

The annual Sprint analyst event at the carrier’s headquarters in Kansas was upbeat, as Sprint views that it now has hard proof of its turnaround (beyond third-party customer service accolades) and is looking forward to a future in which net adds continue to grow across all user segments. While it still has a ways to go (and a few years of serious capital expenses to bear) as it continues to build out LTE, Sprint is certainly faring better than it has in recent years. While a good portion of its customer additions are coming from the prepaid segment, it still has a solid core of business customers and prospects, especially among the SMB and mid-market segments. While other carriers have increasingly separate business and consumer sales, marketing and product development organizations, Sprint has now consolidated many of these groups to reach across segments; therefore there was something for everyone at the event. Read more of this post

Cisco Becomes First Enterprise WLAN Vendor to Commit to 802.11ac Support

M. Spanbauer

M. Spanbauer

Summary Bullets:

  • Customers have been apprehensive about continued significant investment in 802.11n with the 802.11ac technology on the horizon.
  • Cisco’s 802.11ac guarantee, via a simple tool-less module available in 2013, will provide forward compatibility with 11ac with a capable, enterprise-class 802.11n access point today.

I have had several conversations that started with the question of whether continued investment in 802.11n platforms was wise given the pending standardization of 802.11ac and the benefits which it will bring (in late 2012/early 2013).  Since the standard is not yet fully ratified and endorsed, there has been no  guarantee that the fully ratified specification will be supported by an enterprise vendor… until now.  Cisco had announced that the Aironet 3600 access point would be eligible for a tool-less module upgrade (which simply snaps in and is secured with two thumbscrews on the back) in early 2013 (release date: TBD) that would allow customers to take advantage of the 802.11n features the AP possesses today while ensuring investment protection for a forward-looking upgrade to 802.11ac.  Now, this module is not free of course, and as of the time of this writing, it had a suggested retail around $500 (potentially subject to change); however, given the access point’s suggested retail of around $1,500 and the module SRP of $500, each access point would have a CapEx of $2,000 (list) and provide for a simple evolution from 11n to 11ac. Read more of this post

Beyond the Cloud: Top Data Center Providers Emphasize Flexibility, Security

A. DeCarlo

A. DeCarlo

Summary Bullets:       

  • Cloud solutions rule long-range enterprise IT planning sessions, but today’s corporate data center requirements are much more nuanced and complex.
  • Top providers deliver a range of capabilities, including the transition support organizations need as they consolidate servers and plot future cloud migrations. 

IT organizations today cannot risk being without a clear cloud strategy for the future.  However, the focus in the data center now is on near-term needs.  Even in the midst of the cascading cloud computing wave, on-demand computing solutions still constitute a relatively small percentage of the revenues of most of the leading data center services providers today.  Frankly, most organizations are too busy (grappling with myriad tactical challenges) to address longer-term, strategic issues, through cloud technology or any other data center solution. Read more of this post

Closing Security Gaps: Introducing the Pressure Incentive

A. DeCarlo

A. DeCarlo

Summary Bullets:

  • For all the talk about sophisticated security strategies, too many breaches can be avoided by making sure the basics are under control, starting with adequate data security policies.
  • The recent breaches of Global Payments and LinkedIn’s data cast a harsh light on the lack of care those organizations took to applying appropriate protections such as multi-factor authentication and encryption to safeguard customer data.

One unfortunately consistent truth about data security is how often some of the most egregious data breaches could have been stopped if adequate care was taken to ensure the most fundamental elements of security were in place, starting with the appropriate policies regarding the handling of crucial customer data.  We have seen this recently with attacks such as the theft of hundreds of thousands of patient records from Utah’s Medicaid health system in March (see “Anatomy of a Breach: What We All Can Learn from the Utah Medicaid Records Theft,” May 18, 2012), where a cascading series of clear missteps in policy and execution made the breach relatively easy for hackers. Read more of this post

UEFA Euro 2012: Key ICT Partners Stay Close to the Pitch

S. O'Boyle

S. O’Boyle

Summary Bullets:       

  • Being local and having staff available to UEFA at its key sites is as critical to the organization as the ability to be a good partner that can support its ICT system.  What’s often overlooked as we get caught up in technology is that the human touch and ability to anticipate and solve problems quickly counts for a lot with customers when it comes to contract renewal time.
  • With full ownership and control of its network, Interoute offers customers high-performance services, fast provisioning times and competitive pricing.  Interoute has significant network assets spanning 100 European cities and featuring 21 MANs across Europe, as well as PoPs in Eastern Europe, which is a key requirement for UEFA.  Ownership of eight data centres and strength in hosting services has evolved into an expanded cloud services portfolio.

It’s showtime for UEFA (Union of European Football Associations), as Euro 2012 is now underway in Poland and Ukraine.  The two Eastern European countries will play host to 16 teams and an expected 1.4 million football fans over the course of the competition which happens just once every four years.  The total predicted global TV audience for Euro 2012 (including qualifiers) is 4.3 billion, and it’s not just football on the pitch, as so much work goes on behind the scenes at the big stadiums, including security, emergency services, catering to journalists and broadcasting networks and the supporting technology and communications. The International Broadcasting Center (IBC) in Warsaw is the temporary home to all the key broadcasting and press outlets covering the event as well as UEFA’s ICT team.  This is a live event where no downtime can be tolerated.  UEFA does not take chances, even with the power grid, relying on diesel generators instead to power its ICT during the event. Read more of this post

The Smartphone and the Tablet: Catalysts of Change in Mobile Customer Care

K. Landoline

K. Landoline

Summary Bullets:

  • Today, there are more mobile phones in service in the U.S. than there are people.  It is estimated that 40% of these phones are smartphones, and this percentage will likely double in the next four to five years.
  • Smartphones and tablets offer a broad range of functionality that will improve the mobile customer service offerings of enterprise contact centers.  To date, contact center application providers have only scratched the surface of the many possibilities.

In my December 22, 2011 blog entry, “Step Two in Mobilizing Your Contact Center: Create a Continuous and Seamless Customer Experience,” I discussed the importance of providing a smooth transition from self-service to live agent assistance on the mobile phone.  Since that blog was published, no fewer than four contact center software providers (Genesys, Interactive Intelligence, NICE Systems, and Virtual Hold Technology) have announced or introduced such functionality to take advantage of the advanced capabilities available on increasingly ubiquitous smartphones and tablets.  While this is very encouraging, I see it only as an initial step in capitalizing on the capabilities of these devices. Read more of this post

The Battle for the Desktop Just Went Airborne

B. Shimmin

B. Shimmin

Summary Bullets:

  • With enterprise users taking their documents on the road, Microsoft’s longstanding desktop productivity dominance has never looked so promising and so vulnerable.
  • Google’s acquisition of mobile-savvy productivity tools vendor QuickOffice promises to put the company on a much closer competitive trajectory opposite its primary collaboration rival, Microsoft.

Google’s surprise acquisition this week of productivity vendor QuickOffice has restored my faith in the company’s ability and desire to do combat with Microsoft on its home turf: the desktop.  That is, the desktop as we are beginning to understand it as a highly mobile, cloud-savvy, social platform.  For those still wondering what that might be, here is a hint.  The desktop of the near future is a tablet device like the Apple iPad and the Samsung Galaxy Tab.  The trouble for Google, of course, is that the Web search powerhouse has heretofore maintained steadfast devotion to what I’m sure its engineers would refer to as ‘the pure Web experience,’ a platform where everything lives in the cloud.  That vision is best exemplified in the company’s recently reinvigorated smart terminal project (Chromebooks and Chromeboxes), which promises a utopian situation for IT professionals by hoisting everything, even the desktop itself, into the cloud. Read more of this post

Online Banking for SMBs: Like Playing Russian Roulette

P. Musich

P. Musich

Summary Bullets:                

  • Before enabling online banking for payroll or other payments, SMB IT personnel should carefully review the bank’s security procedures and understand what guarantees the bank offers for securing funds against cyber losses.
  • SMB IT managers should take special pains to educate the payroll manager on the risks and safe online behavior, and encourage hyper-vigilance in conducting company business online.  If possible, a system should be dedicated to online banking, and blocked from accessing any other web sites or email.

Past studies have indicated that small and medium-sized businesses (SMBs) and non-profits are a target for cyber criminals because they don’t have the same level of protection that larger companies do.  That is especially true for small and medium-sized banks, because they don’t have the same sophisticated online banking cyber-fraud controls that large banks have.  That could be why the SMB/non-profit market has become so attractive to security vendors such as McAfee, which in the last year has made a concerted push to improve its presence and offerings for that market segment.  In fact, security for SMBs is pegged to be about a $5.1 billion opportunity.  Besides that bull’s eye they’re sporting on their backs, there’s another reason for SMBs and non-profits to be hyper vigilant about protecting their finances:  should cyber thieves manage to gain access to their online bank accounts and steal their money, they are legally held responsible for the loss – not the bank.  A Tennessee construction company found that out the hard way, according to security blogger Brian Krebs.  Cyber thieves using the widely available Zeus Trojan toolkit managed to steal an employee’s user credentials as the user logged on to the firm’s online banking site, redirect the employee to a fake web page that claimed the bank’s site was under maintenance, and hijacked the employee’s online banking session to put through multiple fake payroll payments to a series of money mules.  For some unknown reason, the bank failed to call the company for approval before it processed the automated clearing house payments, even though it had done so on a regular basis before the breach.   Despite that lapse on the part of the bank, the construction company was left holding the bag. Read more of this post

Live from the Axeda M2M Conference

K. Weldon

K. Weldon

  • Axeda offers a cloud-based platform that helps customers develop and manage M2M applications across many vertical industries, and has been in the business for many years
  • At its annual event, enthusiasm for M2M continues to mount, and customer case stories show advancement in the maturity of deployments

The annual Axeda Connexion M2M event (held in Cambridge, MA this week) was subtitled: “Get Serious about M2M”. The implication is that we are now at (or close to) the stage where M2M can be transformational to businesses.

To drive the point home, Axeda referred to its Connected Product Maturity Model, a growth curve that depicts six levels of maturity for the industry, against which each company deploying M2M solutions can measure itself. The levels range from Unconnected to Connected to Serviceable to Intelligent to Optimized to Innovative. Most of the customers describing their deployments seem to be somewhere in the middle, where M2M connectivity has begun to not only enhance their existing products and services with productivity benefits and cost reductions, but is beginning to leverage the kind of intelligence that can create even greater organizational impact. Read more of this post