Retailers should resist the urge to have employees use their own smartphones or tablets as point of sales terminals for credit card transactions
Mobile malware has a fast growth trajectory, and retailers are a prime target for cybercrime
Here’s a really terrible idea: retailers allowing employees to use their personal smartphones or tablets to process credit card transactions on behalf of their employers. This caught my eye recently after the PCI Security Standards Council released its “PCI Mobile Payment Acceptance Security Guidelines for Merchants as End-Users” document, which does not recommend that activity as a best practice. Now there’s an understatement. Just because there’s an app for that doesn’t mean it’s a good idea to allow just any smartphone or tablet to act as a point of sale (POS) device in the retail world. The PCI Security Standards Council rightly pointed out to merchants that they have an end-to-end responsibility for the mobile app employed to process payments, the back-end processes and the security of a device that in this case they would not own. Continue reading “BYOD and Smartphones as POS Terminals Don’t Mix!”→
There are no real technical differences between cloud connectivity portfolios and traditional data connectivity
Public, private and hybrid cloud solutions are supported by different connectivity options from shared to dedicated infrastructure
Connectivity is largely provided on-net from operators, but other players such as collocation houses may offer a range of options through third party relations
When considering how to connect your business to cloud solutions, including IaaS, PaaS, and SaaS, there are a wide variety of options. If the services can be supported by best-effort, then public Internet with IPSec can suffice with the benefit of a low-cost base. However, a private cloud will give more security and resilience and can be provisioned by your service provider via a break out from a corporate IP/MPLS VPN solution to the carrier’s MPLS network and over an NNI to the cloud provider. That’s assuming of course that a corporate IP VPN solution is already in place, because building one from scratch is not a low-cost route. Continue reading “Connecting to Your Cloud Provider – Internet, Direct Connect or Use the IP VPN?”→
Thanks to the dominance of the cloud and mobile devices, the collaboration marketplace is beginning to see faster, more transparent software update cycles for desktop software.
The result is software that is always up-to-date and users constantly in need of education and training.
Like many in the IT industry, I’m a bit of a technophile. I relish the experience of discovering new things, new devices, new operating systems, and of course new software. That makes me a dangerously early adopter who’d rather suffer through software and hardware glitches right now rather than wait for time to sort things out. That time, after all, is all it takes for the next version of whatever I’m waiting on to reach my laptop or mobile device. So why wait? Continue reading “Putting Software Updates Out of Our Misery”→
Last year, the major enterprise mobility themes at MWC could be divided into two broad categories: how to cope (and even thrive) in a BYOD world and how to make money out of M2M devices and services.
It is no real surprise, but to a great extent, these are still going to be key themes at this year’s show. How have the enterprise mobility and M2M ecosystems evolved in the interim?
MWC is coming soon and the mobile ecosystem once again gets to show off its shiny new wares. Aside from mobile devices, infrastructure enhancements, and new apps, even the enterprise mobility vendors and service providers get to show off new software capabilities and services. These are generally focused on enabling companies to leverage the power of mobility more productively (and with less angst). While last year’s show focused on the tablet revolution, BYOD, and the rise of MDM, vendors are now going to the next step, offering a broader ‘enterprise mobility management’ portfolio instead, which may encompass MDM, MAM, mobile security, identity management, virtualization, containerization, dual persona solutions, enterprise app stores, mobile content management, application enablement and delivery, and app-level security. They are making these options available via the cloud or on-premises to offer diverse business models. As no vendor wants to remain only a niche player, many are offering features beyond their original set of capabilities, either by partnering, acquiring, or developing their own solutions. MWC is going to include a lot of portfolio repositioning by vendors and their carrier and IT service provider channel partners to encompass all of these diverse capabilities. The questions remain: Should they all try to offer the same elements (and if so, where will differentiation be established)? Can they all pull it off? Continue reading “Dreams of Spain: Predictions for MWC 2013”→
Treating business continuity and disaster recovery services as ‘must-haves’ can obscure value and cost
Cloud-based business continuity and disaster recovery services can adjust to variable values over time
The best businesses (buyers and service providers) develop effective business continuity and disaster recovery (BCDR) strategies well in advance of natural and man-made catastrophes. AT&T’s investment and development of physical solutions to help customers recover from major outages is a good example. Some other organizations become focused later, and may survive (through good fortune). This can result in BCDR services later being assumed and treated as ‘must-haves’. They may then be bundled with underlying services, which can obscure the true value and cost of BCDR to service provider and customer alike. BCDR teams: does your organization value your service highly enough, or do colleagues see ‘must-have’ BCDR as a cost weighing on underlying service? Continue reading “Undervaluing Disaster Recovery in Data Center Services”→
Microsoft and Symantec disclosed that they have successfully (they believe) shut down the Bamital botnet, which was netting at least $1 million a year for the perpetrators.
The companies went beyond the usual legal and technical responses, employing the botnet’s own mechanisms to inform targeted users that their systems had been infected to carry out so-called ‘click fraud.’
Where there is a will, there always seems to be a way when it comes to hackers using new techniques and variations on old methods to breach systems for their own gain. This is what makes the IT security discipline as relentlessly frustrating as it is endlessly challenging. No matter how innovative IT security technologies become and practices evolve, determined cybercriminals seem to be finding new ways to penetrate even the best enterprise defenses. Continue reading “The Bamital Botnet Bust Takes an Interesting Turn”→
• Claims of network providers entering flux as telecom boom’s IRUs expire are important for wholesale; enterprise services should be unaffected.
• The telecom boom’s national fiber builds are now well over a decade old: The fiber’s transport characteristics remain serviceable today.
Starting anytime now, and through the end of the decade, we just might see network operators’ national footprints widely thrown into disarray, as the host of IRU agreements signed during the telecom boom of the 1990s begin to expire (the standard length of an IRU being 20 years, though they can vary). Some observers speculate that, just like the baby boom set the stage for a next-generation ‘baby boomlet’, expiring IRUs will spur a fresh round of telecom negotiations and deal-making. These new deals would buoy transport, network and infrastructure providers. Personally, I expect the freeing up of IRUs to be a relatively minor event. But on the other hand, there still appears to be room for strategic fiber investment.There are two important background points to understand when discussing the telecom industry’s IRUs: Continue reading “Uncertainty as the Telecom Boom’s Fiber IRU Flurry Closes in on the 20-year Mark”→
OpenFlow networking will require significant changes to your network operations and management. Without a killer app, why change?
Ethernet is good enough for most companies and enhancements can improve its efficacy. OpenFlow competes with a ‘good enough’ technology that is less painful than switching.
OpenFlow can be an effective alternative to Ethernet when it is backed by a strong software or application-defined network (SDN and ADN, respectively). The resulting strategy opens up a world of opportunities to do networking better than we have seen in the last 20 years, but ultimately, OpenFlow desperately needs a killer app because plain old Ethernet is good enough. Continue reading “‘Good Enough’ Ethernet Is OpenFlow’s Biggest Competition”→
An in-depth understanding of the customer, on the part of the enterprise, has the potential to provide a superior customer service experience and establish the groundwork for a high level of customer satisfaction, loyalty and longevity, assuming the enterprise makes appropriate use of the information.
Many customers are still reluctant to share personal information with a customer service provider because there remains a strong distrust regarding whether or not the information will be used appropriately and contained within the boundaries of the enterprise to which it was entrusted.
Last week I had the opportunity to attend the ITEXPO Conference in Miami Beach and act as moderator for two breakout panel sessions focused on the topics of “customer personalization” and “creating a consistent and quality customer experience” during customer service interactions. The three panelists on the stage with me at each session represented companies that develop, sell or use technologies designed to improve customer service interactions. The companies included InAppCare, Nuance/VirtuOz, Phone.com, TSG Global and VHT. Oddly enough, both sessions gravitated to an audience-prompted discussion regarding trading private and personal information for the potential of getting better service from the enterprise. While many argued that they thought customer care solutions were far from successful in meeting their expectations and needed improvement, it was implied that they were not willing to trade their privacy to improve the situation, at least not yet. Continue reading “The Superior Customer Service/Personalization Trade-Off: A Decision Based on Trust”→