Beruflich Dokumente
Kultur Dokumente
10
CYBERTREND.COM
INTEL
INTRODUCES
THE FUTURE
ITS FAST NEW CHIPS
STAND TO BOOST THE PC
MARKET & POWER A NEW
GENERATION OF DEVICES
18
PROTECT YOUR
MOBILE ASSETS
4 NEWS
Business technology news and research
24 DATA
Methods for leveraging data and analytics
8 COVER STORY
Intel and its new 6th generation processors
28 ENERGY
Energy efficiency and the environment
12 BUSINESS
Tech strategies for smart business
31 IT
IT and data center concerns
14 CLOUD
Cloud computing and cloud-based services
40 NETWORKING
Wired and wireless networking
18 MOBILITY
Mobile tech for doing business anywhere
46 SECURITY
Solutions and best practices for security
22 COMMUNICATIONS
Communication and collaboration
54 ELECTRONICS
High-end consumer electronics
66 PROCESSOR
Special advertising and content from our
Processor partners
56 TIPS
Advice for mobile professionals
Special Section For PC Enthusiasts
CONTACT US
P.O. Box 82545
Lincoln, NE 68501
or
120 W. Harvest Drive
Lincoln, NE 68521
Copyright 2015 by Sandhills Publishing Company. CyberTrend is a registered trademark of Sandhills Publishing Company. All rights reserved.
Reproduction of material appearing in CyberTrend is strictly prohibited without written permission.
As organizations discover the increasing importance and value of data, there comes a
more defined focus on getting the most relevant and usable information from that data,
managing data practices so resources arent wasted on low-value data, and using data
with less risk and strict adherence to regulations. Along with this focus, there is increased
interest in the role of the CDO. For its new study, The Chief Data Officer, Experian
surveyed more than 250 CIOs and CDOs working for large organizations to get their take
on these trends. Businesses need evangelists for data and individuals with the intelligence
to not only ensure information assets are governed, accurate, accessible and complete, but
also promote the use of data for good across the business, says Thomas Schutz, senior
vice president and general manager of Experian Data Quality. The rise of the CDO puts
that concept front and center. Below are some of the studys key findings:
Among the many things the Pew Research Center tracks is how we use our
mobile gadgets. According to its latest
report on etiquette in the digital age, for
which 3,217 adults on the research centers
American Trends Panel were surveyed,
Pew says 89% reported having used their
smartphones the last time they took part in
a social gathering. If youve ever suspected
that someone is using a phone to disengage, you could be right; 16% of survey
respondents said they used their phone
because they werent interested in what the
group was doing, and 10% wanted to avoid
participation. On the bright side, respondents more typically used their phones to
participate with the group; 41%, for example, used their phones to share something relevant to the gathering.
71
71
72
15
21
28
31
13
17
26
28
20
In its Wireless Charging: Opportunities, Applications & Standards 20152020 report, Juniper Research says it
expects about 40% of U.S. households and
20% in Europe will use wireless charging
technologies within five years. Wireless
charging will ultimately be about more
than the power and speed of charge, says
James Moar, research analyst and report
author. The ability to pinpoint device location through data exchange enables all
kinds of location-based activation functions around the home, the car and in the
leisure industry.
22
28
25
YEAR
2012
67
16
2013
18
23
23
2014
2015
Emerging markets can make for volatile investments, but a recent Gartner
study found that emerging markets
were a key driver of worldwide smartphone sales in the first quarter of this
year. In total, worldwide sales were up
19.3%, led by markets in Asia/Pacific
(excluding China), Eastern Europe, the
Middle East, and North Africa. These
emerging markets had a 40% increase
in sales in the first quarter of 2015. The
Gartner report also examined the top
mobile platforms, and iOS is chipping
away at Androids worldwide lead.
STARTUPS
Startup Receives Investment
For Cloud-Based HCM
Impressions (and often results) of 3D printing tend toward the simplistic. Some
remarkable things can be made
with the current technology,
such as prosthetics, but there are
sharp limits to what the technology can deliver. Carbon3D, a
startup based in Redwood City,
Calif., has developed an alternative called CLIP (Continuous
Liquid Interface Production). According to Carbon3D, CLIP eschews the layerby-layer approach todays 3D printers employ and instead grows parts. This
method also allows for the use of a wider range of materials. Carbon3D announced
a $100 million funding round led by Google Ventures, which company CEO and
co-founder Joseph M. DeSimone says will bring it closer to delivering on its vision.
Carbon3Ds technology has the potential to dramatically expand the 3D printing
market beyond where it stands today and reshape the manufacturing landscape,
says Andy Wheeler, Google Ventures general partner.
OpenStack is an open-source platform for building and managing computing resources in the cloud, and
Mirantis is a startup that offers an
OpenStack distribution as well as related
services, training, and support, with an
emphasis on improving enterprise scalability. In August the Mountain View,
Calif.,-based company announced a
$100 million funding round led by Intel,
new investor Goldman Sachs, and numerous existing investors. With Intel as
a partner, look for Mirantis to expand
its reach among enterprises.
KEY POINTS
Intel has been developing
processor technology and other
products for nearly 50 years.
Today Intel also offers solidstate drives, server systems,
networking and communication
products, and a platform to
support the burgeoning Internet
of Things.
Intels 6th Gen desktop processors enable multitasking,
4K HD video support, and more
hardware-based security.
The laptop and mobile processors are smaller and more
energy efficient for thinner devices and longer battery life.
By 1974, Intel would release its new 286 microprocessor, which was part of desktop computers, and the Intel brand
8080 microprocessors, which were said
the major personal computer boom of became synonymous with this eras
processors as the company ascended to
to be 10 times more powerful than pre- the 1980s.
vious models and were used in a wide
Innovation in the microprocessor become the undisputed market leader.
The Pentium Pro followed in 1995,
range of products, including cash regand microcontroller product lines
and in 1998 the company introduced
continued throughout the 1980s and
isters and traffic lights. And in 1975, the
its Intel StrongARM processor, which
8080 microprocessor was featured as beyond by adding more performance
was designed specifically for smaller,
part of the Altair 8800, a basic personal while also reducing power consumption. This led to Intel hitting $1 bilhandheld devices. Also in 1998, Intel
computer that served as a hobbyist kit
released the Pentium II Xeon processor,
lion in revenue by 1983. In 1985, Intel
for those interested in and dedicated to
which served a huge demand
personal computing.
within the server and workstaBy 1976, Intel started
tion market.
packing more and more techAs the PC market solidified,
nology into its microprocessors
with desktop and laptop comand other computer products.
puters growing smaller and beThe 8748 and 8048 were both
coming ubiquitous, the turn of
microcontrollers, which put
the 21st century offered Intel
both the processor and the
a widening avenue of techmemory on one silicon chip.
nology and market opportuniBy bringing these two compoties. For example, in 2000 Intel
nents together, manufacturers
announced its new Pentium 4
were able to add computing
processor as well as a wireless
capabilities to even more types
LAN PC card. In 2003, Intel
of products, including home
launched its Centrino processor
appliances and even automoline, which included LAN supbiles, among thousands of other
port and was designed with lapexamples. This was essentially Intels innovative focus on the processor space means the company
tops in mind. And in that same
the beginning of the smart not only thinks about performance, but also size. Intels mobile-foyear, Intel also continued develera of technology, where even cused microprocessors make it so that smartphones and tablets will
not only be more powerful, but also thinner and more portable.
opment in the mobile space with
the most basic devices are given
its PXA800F cellular processor.
new capabilities through the use
In 2006, Intel released its
of small yet powerful chipsets.
released its Intel 386 32-bit processor, Centrino Duo and Core 2 Duo procesMicroprocessors For Early PCs
sors and at the same time developed
which had the major selling point of
In 1980, Intel released its 8051 being able to run more than one prothe worlds first quad-core processor
and 8751, which were both the best- gram at the same time. In 1985 and
for servers and desktops. This blend of
selling microprocessors in the world 1987, Intel made two big entries into consumer, small business, and enterat the time. And along with the Digital
prise focuses helped Intel grow further
the supercomputer market with its
Equipment Corporation (commonly iPSC/1 and IPC/2 supercomputers,
and become the company were familiar
known as DEC) and Xerox, Intel eswhich used Intels 286 and 386 proces- with today.
tablished the cooperative Ethernet sors, respectively. And in 1988, which
project as a way to develop ways for was the companys 20th anniversary,
True To Its Core
computers to connect to one another Intel created its first flash memory techMuch of what Intel does right now
via LANs (local-area networks). 1981
has origins that are traceable through the
nology called EPROM Tunnel Oxide.
was another big year, as Intels 8088
companys history as well as new capamicroprocessor became the backbone
Center Of The PC Revolution
bilities that continue to push boundaries.
of the IBM PC. This is important beIntel transformed the personal com- Intel introduced its Core processor line
cause in the following year, the com- puting market with its Pentium chips,
in 2010 and continues building on that
pany not only released its first 16-bit
introduced in 1993. By 1994, Intel
line, boosting performance and energy
microcontroller but also its 16-bit Intel
chips were used in more than 85% of all
efficiency with each new generation.
Wireless
& The Internet Of Things
Solid-State Drives
10
if those programs require a lot of processing power, then you may want to
look into these new Intel chips.
Most consumers and businesses have
their desktops covered with security
suites, firewalls, and other softwarebased security tools, but hardware is
another story. Intels new processors
provide hardware-level security to
complete the picture. To protect systems and the data stored on them while
theyre in use, Intel offers its Software
Guard Extensions solution and
Memory Protection Extensions tool.
And to protect your desktop while it
11
Whats At Risk
In short, software is hard to make
and easy to steal. Despite the best preventive efforts, crack sites and warez
groups sometimes manage to gain
access to the developers confidential keys and pass them along to almost anyone who asks, says attorney
12
13
KEY POINTS
Adopting cloud-based storage
can mean immediate cost savings,
but many companies experience
unforeseen long-term complexities
and costs.
Rather than for cost savings,
organizations are increasingly
adopting cloud storage for speed
and agility reasons.
To see a long-term cloud
storage payoff, pinpoint what the
organization specifically hopes to
achieve from cloud storage.
SLAs (service-level agreements), cloud storage model, and
migrating to another provider can
all generate unexpected costs.
14
storage, even if those reasons are not necessarily tied to costs savings. Whats key
is knowing what an organization should
ask of itself and of potential cloud storage
providers to determine how the organization can benefit and ensure it gets what it
requires from a provider. The following
explores these issues and others in order to
forge a strategy that makes getting a payoff
from cloud storage possible.
The Payoff
While some organizations use cloud
providers for primary storage needs,
various data and experts point to cloud
storage as a good option for disaster recovery, backup, and archiving purposes.
In other words, cloud storage is good for
data that needs to be accessed easily but
infrequently, if at all. King says cloud is also
15
Control Costs
A notable problem with cloud storage
providers is that people dont realize
there are so many complex pricing models
out there, Baig says. Everything from reserved instances to even bidding on cloud
16
form that is easy to use and very affordable. So we are addressing that mid-segment, combining the best of both worlds.
Not One-Size-Fits-All
The ideal cloud solution for most
SMBs, then, is one that provides ample
capabilities (but not more than are necessary, and not so complex as to necessitate
IT assistance), flexibility (for example,
no vendor lock-in), and speed of deployment. Gadea says 1&1 Cloud Server
delivers on these requirements, and includes multiple options for different sizes
of companies and projects. There are
eight options available, he says, ranging
from an entry-level option for not very
complex websites to a high-end option,
where you may have a database scenario
with a need for at least 8GB of RAM, as
well as a customizable Flex option.
17
18
getting exfiltrated out of the environment, he says, and then there are other
applications where a third-party entity is
stealing your login credentials, whether
they are stored on the mobile device
itself or not. Cahill explains that these
types of applications typically come from
an untrustworthy source and not one
of the official app stores, such as iTunes
or Google Play, which are pretty well
vetted by Apple and Google.
The problem comes in if you get
baited into downloading an application
from a third-party source thats untrusted, says Cahill. Those applications
will masquerade as legitimate applications. Theres one out there thats a wallpaper application. All of these mobile
applications have manifests associated
with them, which are basically lists of
what services on the smartphone they
need to access. If you think about it, a
wallpaper application should have no
19
20
Employee Education
& Awareness
The threats facing mobile devices are
certainly worrisome, but before you
start throwing out all of your smartphones and tablets, its important to
remember that there are ways to prevent these attacks from happening, or
at least to give your employees more
defensive tactics for thwarting attacks.
The first step is to improve overall employee education and awareness. In the
IDC report mentioned earlier, Crook
and Kolodgy point out that many users
see mobile devices as more secure than
desktops or laptops, and they chalk that
up to employees simply not being educated enough on what threats are out
there as well as what threats are unique
to mobile devices.
ORGANIZATIONS
SHOULD STRIVE
TO HAVE A
HOLISTIC ENDPOINT SECURITY
POLICY AND
APPROACH THAT
INCLUDES
MOBILE DEVICES,
SAYS ENTERPRISE STRATEGY
GROUPS DOUG
CAHILL.
Thats one reason why its so important to develop employee training
courses in which employees can learn
about spear phishing schemeshow
they are perpetrated and how they can
be avoidedand to put policies in place
regarding access to certain types of applications. With education programs
and policies in place, its then time to
test employee knowledge and make sure
they actively use their training.
The other thing companies can do
is [initiate] a fictitious spear phishing
attack, says Cahill. You can have a
third-party come in and launch whats
called a red team exercise, which is to
test really how effective your education
has been to your end users to not fall
21
22
as Novell and IBM used to offer integrated, organization-wide collaboration solutions that offered tools like
email, application development, tasks
and scheduling, and more. But now,
where there used to be large collaboration and productivity suites, there
are now just key apps that support
messaging and are primarily about
connecting people to people and to
information, she says. And while
there are still those types of suites out
there for productivity, such as Office
365 or Google For Work, Thompson
says that on the collaboration side, its
becoming much more of an ad hoc
approach and it isnt as necessary as
it once was for a larger collaboration
management platform.
Whats happened over time is that
weve had more and more automation in the business systems that we
use, so we actually dont need as much
23
KEY POINTS
Fast data takes the velocity
part of big data and makes
speed to capture and speed to
insight its primary focus.
Many vendors already offer
fast data solutions, which can
handle the streaming data
capture and real-time analytics
needed for a fast data project.
Fast data can be used for
sales and e-commerce, but it
also fits into manufacturing, security, and many other areas.
Fast data solutions will one
day be able to perform data processing and analytics at the same
time and in the same system.
24
25
26
Greenovations
ENERGY-CONSCIOUS TECH
The technologies
that make our
lives easier also
produce some
unwanted side
effects on the
environment.
However, many
researchers,
manufacturers,
and businesses
are developing
solutions that are
designed to keep
us productive
while reducing
energy demands
to lessen our impact on the environment. Here's
a look at some of
the newest such
initiatives.
Have a Tesla Model S vehicle? There are now more than 500 Supercharger stations available
worldwide, and that number could double over the next year.
28
Typical solar panels use flat-plate PV (photovoltaic) cell systems, which are tried and true but not
as efficient as they could be. Newer technologies stand to affordably improve PV systems.
29
Recover Value
Hardware typically covered under
IT asset recovery includes PCs, laptops,
servers, monitors, fax machines, copiers,
printers, smartphones, and tablets.
Increasingly, wearables and IoT (Internet
of Things)-related devices are also included. For many companies, donating
such equipment to charities, schools, etc.
is a viable disposal option with possible
tax breaks. Further, says Sandi Conrad,
Info-Tech Research Group director, many
ITAD providers will manage the process,
including properly licensing OSes, ensuring equipment works, and transferring
the equipment.
Traditionally, though, IT asset recovery
has meant getting value back from unwanted equipment. This is changing as
useful life spans for equipment are extending. Companies, for example, are
keeping PCs and servers five or more
years vs. three. Thus, ITAD providers are
31
32
memory and drives taken from PCs, laptops, servers, copiers, printers, and other
equipment. Traditionally, DOD 5500
was the standard in this domain, Schafer
says, although NIST 800-88 has largely
replaced it.
Also important is verifying the chain
of custody the transportation logistics a
provider uses for such drives. Schafer says
these areas, which represent a bulk of total
disposition costs, entail securely packing
and shipping assets to the providers facility. Chain-of-custody particulars also
include the encryption the enterprise uses
for drives. Preferably all enterprise data
is encrypted for the process, Schafer says,
because monitoring which drives are encrypted is a nightmare.
Logistics details can include whether
a provider seals drives at the company
and performs a one-to-one serial number
match at its facility, which is expensive
but secure, Schafer says. The inverse occurs when, for example, a provider packs
drives on a furniture truck that makes
11 stops on the way, he says. If half the
assets show up, count yourself lucky. In
other words, you get what you pay for
security-wise. Because some ITAD providers use third parties for transportation,
organizations should ensure that transport
employees have been well-vetted and that
background checks have been performed.
Whats In A Provider
Among the positive traits to look for
in an ITAD provider is its ability to help
33
Privacys Influence
Nebuloni says whats driving this
change in approach primarily is that
34
"Unlike the U.S., where privacy laws are federal, statespecific, or industry-specific, all EU states use the same
directive as the basis for their national laws.
CARSTEN CASPER
Managing Vice President,
Privacy & Digital Workplace Security
Gartner Europe
European customers tend to be fairly conservative about where their data is located.
Furthermore, they want to ensure companies they interact with have at least a
subsidiary in their country.
Following the PRISM scandal, Nebuloni says European customers uncomfortable with their data residing outside
their countries pushed for local data centers. Local service providers in France and
Germany have tried to get an edge on U.S.
companies by emphasizing their local ties,
he says. In France, for example, an association of French cloud service providers
have worked to provide French-certified
cloud services, Nebuloni says. So it seems
like politics is intertwining more and more
with IT services and IT markets where the
cloud is concerned, he says.
Steve Wilson, Constellation Research
vice president and principal analyst, says
the writing has been on the wall in
Europe for some time. He points to the
Safe Harbor provision that essentially allows some U.S. businesses to escape the
full weight of EU expectations as being
on borrowed time. Wilson notes many
non-European countries that also have
strong privacy laws want their data processing to occur in Europe vs. the U.S.
Many laws in such countries take the form
of, If you export personal information
from our country, you must only send it
to places that have equivalent data protections, he says.
In general, Iannopollo says EU citizens
view privacy as a fundamental right and
part of their culture. History has shaped
this relation with privacy, she says, making
Europeans different than citizens in other
geographies. As customers, Europeans
The Future
Nebuloni says many U.S. executives he
speaks with are cognizant of the great
regulatory and psychological problems
existing in Europe, particularly executives
involved with companies that offer cloud
products. Ultimately, Nebuloni believes,
larger U.S. companies will partner with
local providers to address privacy issues.
Casper, meanwhile, says the need to operate data centers in Europe is unlikely to
go away soon. How demand will change,
however, will depend on the legislative
initiatives on privacy in the U.S., in the
European Union, and the privacy discussions between the two parties, he says.
Similarly, Iannopollo says privacy and
data protection are "here to stay and to
change businesses culture and modus
operandi as necessary, she says. She expects more non-EU companies will open
European data centers and comply with
EU data protection rules. Moving forward, we also expect them to truly understand and operate against the cultural
background of their European customers,
partners, and employees, she says.
THE NO. 1
UPGRADE YOU
CAN MAKE TO
BOOST LAPTOP
PERFORMANCE
IS TO ADD MORE
MEMORY.
35
36
Why It Exists
& Common Examples
The main reason why shadow IT
tends to show up in an organization is
because various areas of the business
37
38
Potential Benefits
DAVID YACKNESS
Director, CIO Advisory
Info-Tech Research Group
GENERATORS
UPS
PRE-OWNED GEN SETS
20-3000KW
LOW HOUR WITH WARRANTY
INQUIRIES
Kris Davenport: 602.622.5619
kris.davenport@empire-cat.com
KEY POINTS
Make sure youre able to spot
the tell-tale signs that your network is overtaxed and be proactive in addressing issues.
Keep users and applications
in mind when designing your
network and dont work in a
vacuum or you could end up
running into preventable issues.
Consider building a hybrid
WAN so you can have multiple
network connections in play depending on the use case.
WAN orchestration tools can
help you better manage your
network and control applications for the best performance.
40
41
42
43
44
approach. Cisco, on the other hand, offers network switches that are highly
programmable and can be used in those
DevOps environments. A lot of people
have different definitions, and thats the
tricky part, but I think most people just
want a lot of flexibility and programmability so that if [they] want to make
changes, [they] can just do that through
software automation, Conde says.
SD-WAN
A newer form of networking some
companies are considering is SD-WAN
(software defined wide area networks),
which typically focus more on remote
branches or offices that are connecting
back either to the data center or to the
cloud, Conde says. These networks are
different from traditional SDNs as they
typically deal with more SaaS (software as
a service) solutions and spread networking
needs across both cloud and data center.
SD-WAN is particularly helpful in
dealing with the issue of outstripping network capacity. Conde says most of these
businesses use MPLS (Multiprotocol
Label Switching) networks, which are
private circuits that you buy from telecoms that connect remote offices to data
centers. The problem is that adding
MPLS lines can get quite expensive, so
many companies turn to standard broadband Internet for some use cases. Using
SD-WAN lets you decide what primary,
mission-critical traffic, such as VoIP,
should be on the primary MPLS line and
which secondary or low-priority traffic
can be moved to general broadband.
CORPORATE TRAVEL?
NEED A VACATION?
Let our #missionbird take you where you need to go.
Our diverse fleet of 22 aircraft offers a travel experience above the rest.
KEY POINTS
Back up both data and applications to ensure programs run
properly after recovery.
Back up every install file,
firmware update, patch, and
customization or the software
may not work as intended.
Consider using a storage resource management platform or
purpose-built backup appliance
to back up virtualized and traditional software and workloads.
Prioritize the applications
that need to be backed up and
recovered first and make sure
you revisit your DR plan on a
consistent basis.
46
data file, but you have no way to actually access it without that software application, he says.
The same goes for major pieces of
software and data in the enterprise.
You may properly back up and protect
your Oracle database, for example, but
if you dont have every component of
the applications that uses that data up
and running, then youre just stuck with
an unusable database. Russell says that
some of these applications also have
built-in Web components, so to get everything up and running, you not only
need to protect the database and application, but also any necessary Webenabled functionality.
Special Considerations
For Software
Backing up every component of a
program goes even deeper though, because you also have to consider every
firmware update, OS (operating system)
version, missing patches, and so on.
When it comes to disaster recovery, its
very detail-oriented, and you have to pay
attention to the software stack because
the thing that tends to trip people up the
most is when they get incompatibilities
of software, says Goodwin. Theres just
a tremendous number of details and a
lot of those details, frankly, are on the
software side.
Goodwin says companies will often
overlook these incremental changes and
not realize that they can involve software
as well as an OS. These little changes may
seem so minor at the time that you either
forget about them or ignore them, but he
warns that they can become so frequent
that a disaster recovery system gradually but quickly becomes out of sync with
the primary system. So when you try
to recover your primary system using
backed up assets, you could be using
incompatible versions of the software or
OS and workloads wont run properly.
Its a lot of those oops moments
when people try to do a test or, worse
47
48
Goodwin agrees with the idea of prioritizing applications for backup and
recovery and says its often as simple as
starting off with mission-critical, then
you go to business-critical, and then the
rest are operational. He says you absolutely have to recover in priority order
and apply service levels to those different
things, meaning that you have to not
only make sure something is up and running, but also that it will perform at an
acceptable level.
Goodwin explains, You might say,
I need to be able to recover my mission-critical applications within four
hours. My business-critical I can recover
within 24 to 72 hours. All of the operational, maybe its OK to recover them
within five days. Oftentimes, it boils
down to what generates your revenue. If
its something that generates revenue,
Goodwin adds, its mission-critical.
Business-critical would be things like
your back office accounting. You have
to do it, but if you do it today or tomorrow, it doesnt matter that much.
More operational things might be file
and print, reporting, and other stuff that
is more of a back office, periodic, once
every 30 days.
KEY POINTS
Insider threats can be disgruntled employees or third-party
contractors, but they may also
be the result of human error or
spear phishing schemes.
UBA (user behavior analytics)
and cloud-based application access solutions can help prevent
insider threats.
Investigations are necessary
to determine if a threat was
malicious or accidental and how
the incident should be handled.
People-centric security
makes your workforce the first
line of defense against insider
threats and other security risks.
50
Threat Types
One type of insider threat, according to
Doug Cahill, senior analyst at Enterprise
Strategy Group, is the disgruntled employee or insider with purely malicious intent. This employees main goal is to either
steal information or damage the company
in some way from the inside.
Another type can stem from temporary third-party contractors. One of the
most prominent examples of a breach
that happened via third-party is Targets
HVAC contractor, says Cahill. Thats
how [its] network became compromised.
Another type of insider threat is one in
which an employees login credentials are
co-opted as the result of a targeted attack.
An example of this, according to Cahill,
can occur in a spear phishing campaign
when someone receives what appears
to be a legitimate email from his bank.
Because it is well-engineered email, he
clicks an attached file or weblink within
the message. Unbeknownst to the user,
his actions result in the installation of a
keystroke logger that records everything
he types. A malicious person can use this
same method to target organizations,
giving him access to a variety of login
credentials, such as cloud-based apps,
internal corporate databases, and more.
Important Technologies
To Consider
When it comes to the technology side
of preventing and managing insider
threats, Cahill says its important to prioritize your systems and applications to
determine which ones require extra protection and authentication. He recommends organizations protect the systems
that hold the most business-critical data
with 2FA (two-factor authentication),
which requires not only a username and
password, but also a unique code that is
sent to a separate device, such as a smartphone, thereby adding an extra layer of
security. Were in a world today where
2FA needs to become a standard authentication mechanism, says Cahill. Thats
the first thing and thats really table stakes
relative to todays landscape.
The next technological step, according
to Cahill, is to consider implementing a
UBA (user behavior analytics) solution,
which, he explains, is a new category of
products that very often integrate with
SIEM (security information and event
management) products such as Splunk
or Arcsight. UBA solutions help establish a baseline of normal usage for an
employee and give you a foundation to
work from when trying to identify potential anomalies. For example, maybe an
employee typically logs into his email or
CRM system at 8 a.m. from his desk but
one day he accesses it at midnight from a
different location. The UBA system would
51
read the security policy. This is an important thing to remember because if you
need to educate or train an employee after
an incident or use it as leverage in an investigation, its important that you have
something solid to fall back on.
From there, you either have to perform
an internal investigation or have a thirdparty investigator come in to determine
what happened and what the ramifications are. This is the part in the process
where you find out if the attack had pure
malicious intent or if you can chalk it up
to human error. Walls says that the type
of insider threat has a direct impact on
what needs to be done, so if it was an accident, it may only require some education
and training, but if its malicious, then
you may need to involve law enforcement
and consider criminal prosecution.
At that point, it ceases to be a security matter and becomes an HR disciplinary matter, or in certain cases a law
enforcement criminal activity matter,
says Walls. The investigating team will
notify the correct person in HR, or legal
counsel if they think theres criminal risk.
There should be defined points of contact
for them. Then, its the organizations decision as to how they invoke disciplinary
activities or legal proceedings, whether
they want to ignore it or move on it. Its
no longer a security matter.
These types of situations illustrate how
important it is to have a UBA or similar
solution in place to create an audit trail,
so that everything is recorded, Cahill
says. You can go back and review that
trail not only for forensics purposes,
but also for compliance. And you can
use these systems to decide what should
happen following a certain type of threat.
Upon detecting inappropriate use of a
system and data leakage, you can terminate access right away, says Cahill. If
its an insider threat from a third party,
all of those accounts should be timebombed. If I have an engagement at a
company for a two week statement of
work, my credentials should absolutely
52
People-Centric vs.
Technology-Centric Approach
While technology is a viable option
for preventing insider threats, and one
that many organizations embrace, its also
possible to take a more people-centric approach to security. Instead of investing
in more and more technology to detect
what people are doing, you start investing
in the people and building communities
of trust where the people who are in the
workforce have expectations of each other
in terms of trustworthiness, performance,
observation, and co-supervision of each
others activities, so that the people in
the organization are your first line of detection, mitigation, and response, Walls
says. In essence, you can make your employees the initial gateway to stopping
insider threats and let them govern themselves in a more organic way.
Walls admits that technology-centric
security and people-centric security are
very different approaches, but they also
dont have to be mutually exclusive.
He warns that having a technocratic
mind set can actually result in a more
fragile organization. Your people, especially these days with the advent of
digital business, are expected to be flexible, adopt new patterns of work, act independently, collaborate and form teams
on the spot, and employ whatever technology is necessary to complete their
tasks in an efficient matter, says Walls.
Theyre being handed a lot of responsibilities, and if we constantly build rigid
technological structures around them
that inhibit their ability to do what they
need to do, they will vote with their feet
and work around those structures.
Its not a matter of choosing one approach over the other, but rather coming
up with a proper balance between technology and policy that makes sense. Its
important to employ 2FA and SIEM technologies, and cloud-based access management solutions, but you also have to
have the employee education, behavior
influence, and personal responsibility
programs in place that empower your
employees to make their own decisions
and put security first in everything they
do. This has to be a conscious investment
and it cant be something you stumble
into, says Walls. If youre taking the
people-centric approach, the CEO needs
to be on board. Its not buying a new
next-generation firewall; its changing the
fundamental relationship between your
employees and your security performance
objectives as a corporation.
54
55
Images, clockwise from top left, courtesy of Apple (1), Samsung (2), Sony (3), Microsoft (4, 5), and BlackBerry (6)
Smartphone Tips
ADVICE FOR HANDLING EMAIL, CALENDAR & CONTACTS
WINDOWS PHONE
Delete Email In Bulk
Get Help
Need more help? Tap the Help+Tips
tile. This app provides access to quick
hints, how-to articles, frequently asked
questions, and video walk-throughs.
56
ANDROID
Set Up Encryption
If you have added an event to your calendar, the entry can be public or private depending on the setting used. If there is an event in your calendar you
would like to keep private, launch Calendar, access the event, tap the event
name to open it, press the Menu key, tap Edit, and make sure the event is set to
Private rather than Public.
Report Spam
Just because youre using your smartphone for a majority of your emailing
these days doesnt mean you have to put up with spam. To take care of unwanted
messages, just tap the offending piece of email to view it, press the Menu button,
and then tap Report Spam. Depending on your phone, you may need to tap the
More icon to see the Report Spam option.
57
iOS
Manage Your Email, Calendar
& Other Notifications
Are you getting so many unnecessary
notifications that your email and calendar
ones are getting lost in the shuffle? You
can control that. Access Settings and tap
Notifications. Tap Sort Manually, and then
tap Edit. Now you can slide app/notification types around to determine which are
(and arent) included in the notification
area and the order in which they appear.
58
BLACKBERRY
Add Contacts To Your
Home Screen
Launch the Contacts app and highlight the contact you wish to have
on your home screen. Press the
Menu key and select Add to Home
Screen. A small box will appear, with
an icon for the contact and the contacts name. You can change either
by tapping on it. When youre satisfied with the name and icon, tap the
Add button.
BlackBerry Link software simplifies the process of transferring data from another device.
59
Hotspot Troubleshooting
Ordinarily, when you carry your
laptop into an airline lounge, it will automatically connect to the available Wi-Fi
hotspot. But what if that doesnt happen?
First, check that your notebooks Wi-Fi
adapter is turned on. Often, youll see
a backlit Wi-Fi icon near the keyboard.
If the icon isnt illuminated, look for a
physical switch that you can flip to enable
the adapter. Sometimes, the state of your
network connection is easily determined
by an icon in the notification area of the
60
Taskbar. For instance, a red X on the network icon indicates the adapter is disabled while an asterisk means the adapter
is in the process of detecting the available
networks. You can right-click the network icon in Windows 7 or Win8 and
select Troubleshoot Problems. When the
Windows Net-work Diagnostics utility
opens, it will reset your connection, disable the wireless adapter, and then enable
the adapter again.
The utility will display descriptions of the problems it detects along
with some recommended solutions. In most instances the utility
will repair the connection and report
the issue as Fixed. To enable a disabled adapter, right-click the Network
Connections icon, click Open Network
And Sharing Center, select Change
Adapter Settings, and then right-click
the name of the wireless adapter. In
the resulting menu, you can choose to
A Touchy Touchpad
If you use your laptop on a dock (and
use an external mouse and keyboard),
you can go weeks or months with a deactivated touchpad and never realize
it until you hit the road. If you find
yourself in this situation, you can activate the touchpad by pressing the Fn
(function) key simultaneously with the
F number key associated with the laptops touchpad (often labeled with an
image of a touchpad). Using this key
combination will either automatically
activate the touchpad or display a device settings dialog box that gives you
the option to enable your touchpad.
Alternatively, you can check the notification area in the lower-right corner
of the screen for a touchpad icon. Click
the icon and the touchpad control panel
appears where you can enable or disable
an input device.
An Unresponsive Keyboard
Or Mouse
If your programs and applications
dont respond to keyboard commands,
use your mouse to shut down the computer by clicking Start, then Shut Down
(in Win7) or tap the Power Button and
61
YOURE READY TO give your presentation, but until that first slide appears on the big screen, you can never
be sure that your equipment has got
your back. We cant tell you not to
worry, but these handy tips should
help bail you out if your presentation
goes south.
62
Network Connection
Many venues supply network projectors, which are made available as
a shared resource. Making a connection to a network projector is as easy as
plugging your notebook into the corporate network via wired or wireless
Ethernet. Check with the companys
IT staff for specifics. Once connected,
use the network connection wizard in
Windows 7 to find the projector you
wish to use:
Click Start (the Windows button in the bottom-left corner
of the screen).
Click All Programs.
Click Accessories.
Click Connect To A Network
Projector.
No Video
In many cases, your notebook will
detect that you have a projector plugged
into one of its video outputs and will
automatically turn on the port. Not all
notebooks do this, however; and even
those that can still have missing video
if the notebook isnt set to duplicate the
Desktop or extend it to the secondary
monitor (the projector). Many notebooks use a function key combination
to toggle the projector port on or off
and set how you can use the display.
We recommend using the control
panels in Win7:
Right-click a blank area on the
Desktop.
Select Screen Resolution.
Select the second display from
the drop-down menu.
Select Extend These Displays
from the Multiple Displays
drop-down menu. Your Desktop
background should now appear
on the projector.
Win7 also has a pop-up display for
selecting the content that is sent to the
projector. Press the Windows-P keys
to bring up the four possible selections:
NOTEBOOK-PROJECTOR
TROUBLESHOOTING
TIPS
Turn off all equipment before
connecting the notebook to the
projector.
If possible, use a digital connection to ensure a high-quality
presentation.
If youre not using the projectors built-in speakers, turn
them down and connect the
notebooks audio out to the
sound system.
If youre using a wireless
mouse or controller, make sure
you can establish the wireless
connection.
Use the network connection
feature in Windows 7 to connect to a network projector.
No video? Check the ports and
Windows Screen Resolution
settings.
Adjust the screen resolution to
resolve out-of-range messages.
When a projected image isnt
proportionally correct, reposition
the projector and/or change the
projectors keystone setting.
If a display turns off during a
presentation, check the notebooks power management
settings.
If video isnt displaying correctly, change the Display settings to make the projector the
primary display.
63
Facebook
When setting up your Facebook profile,
the service will ask for a lot of personal
informationincluding education history,
64
Twitter
By default, Twitters account settings
make your tweets available for all to see.
The alternative is a protected mode, where
your tweets are only visible to your approved Twitter followers. Protected tweets
are not retweetable, so even approved users
cant share your tweets. You also cannot
share permanent links to your tweets with
anyone but approved followers. If you
want to use Twitter to drive Web traffic,
the restrictions in the protected mode
might undermine why you joined Twitter
in the first place.
If you want to adjust your tweet privacy level, or the other privacy controls
on Twitter, sign into Twitter and open
your account settings. Next, click Security
And Privacy and scroll down to Privacy.
If you only want approved followers to see
your tweets, click the Protect My Tweets
checkbox. You can also control who can
tag you in photos, whether your tweets
include a location, and how others can find
Google+
For Google+, privacy has been a key
consideration from the very beginning. For
example, youve always been able to assign
a privacy level for each post you share. And
based on the Circles (friend groups) youve
set up, its easy to share content with only
a specific crowd. Google+ also offers detailed privacy settings where you can control most every aspect of your profile. Visit
your Google+ page, click your name, select
the drop-down menu under the Google+
logo, and choose Settings.
In the Settings window, you can customize who can send you notifications,
comment on your public posts, and
manage subscriptions. If you want to
configure the audience settings for your
posts, photos, and profile updates, scroll
down to the Your Circles section and click
Customize. By default, Google+ pushes
updates to the people in your Friends,
Family, and Acquaintances groups. To
block a particular group, remove the check
from the checkbox. If you want to reach a
larger group of people, you might want to
add a check to the Following checkbox, so
followers of your Google+ profile will be
added to Your Circles list.
Next, scroll down to the Profile section where you can configure how people
are able to find your profile and control
what content displays in your profile. A
setting of interest for businesses is Allow
People To Send You A Message From
Your Profile, as this setting offers a way for
consumers to reach out to you. If the setting is limited to Your Circles or Extended
Circles, customers might not be able to
contact you.
If you use Google+ on your mobile
device, youll also want to examine the
Location Settings section. These settings
let you enable or disable location reporting
via your smartphone and tablet. If enabled,
you can control who can see your current city and/or exact location. The precise
LinkedIn
The business-focused nature of LinkedIn ensures that privacy is a priority. To
examine your settings, log in to LinkedIn,
hover your pointer over your profile
photo in the right-hand corner, and select
Manage next to the Privacy & Settings option. In Privacy Controls, youll find a host
of options to control what others can see
on your profile and activity feed.
If you use LinkedIn to search for new
clients and key connections within an organization, you can opt to remain anonymous, so people wont know that you
looked at their profile. To do so, click
Select What Others See When Youve
Viewed Their Profile. There are two anonymous options, one where others will see
an industry and title, or you can opt to
be completely anonymous. You can also
manage who can follow your updates, edit
blocked connections, and shut down users'
ability to view your connections.
65
PROCESSOR
SPEED OF CHANGE
PROCESSOR
SIX QUICK TIPS
Get Serious
If most of a companys operations
are performed remotely outside the
data center, excessive noise can be
viewed as being a minor concern, says
Roy Illsley, Ovum principal analyst.
Still, excessive noise can impact others outside the data center, potentially
requiring adding insulation to prevent
Go Remote
Although Roy Illsley, Ovum principal analyst, hasnt personally heard of
cases in which noise exposure has caused a data center employee to
suffer from long-term physical damage, hes sure there have likely been
cases of such. Positively, many data center operations are now performed remotely, he says, thus employees dont need to spend as much
time in the data center as previously.
67
PROCESSOR
SIX QUICK TIPS
What To Do
Among easier-to-implement steps
that many data centers already have
taken to combat noise is providing
BONUS TIPS:
Replace The Old With
The New
Ken Koty, PDU Cables
sales engineer, advises
that organizations replace
their older equipment that
is showing evidence of
wear and tear with newer
and quieter equipment.
For example, he says,
technological advancements have led to a generation of fans today being
68
Considering Raising
The Temperature
Some experts suggest
that because cooling
systems play a significant role in generating
noise within data centers, including possibly
to the point that noise
exceeds acceptable
levels, organizations
should consider raising the temperature
in the data center.
The reasoning is that
PROCESSOR
SIX QUICK TIPS
69
PROCESSOR
SIX QUICK TIPS
The Consequences Of
Complications
The whole point of SSO, IAM, and
EMM tools are to keep it simple for
the workforce. If what you provide
employee isnt simple, quick, or robust
enough, its likely theyll move to a
less secure alternative. Just as with
BYOD, they WILL ignore the rules if
you make it too hard for them to get the
job done, says Kate Lister, president at
Global Workplace Analytics. I cant
tell you how many times Im trying to
connect with someone, but they cant
get past the firewall, so they instead
switch to their personal technology.
Arnold echoes Listers thoughts.
IT must also understand that theyll
need to keep it simple, because the
alternative is consumer-grade applications. Arnold gave us the example of
an enterprise that has setup a secure
file-sharing servicebut the service
requires the user to logon each time and
the interface is difficult to useso the
workforce opts to use their unsecured
third-party personal account to share
files. And as soon as you steer workers
away from what youve setup, its hard
to get them back again, says Arnold.
BONUS TIPS:
Training
Kate Lister, president
at Global Workplace
Analytics, tells us that
Unless people are
adequately trained in and
regularly use the technologies offered, they will not
use them effectively or
efficiently, and she adds
that you should Make it
safe for them to say they
70
You also lose capabilities for integrating that data into the rest of the applications you use within the company.
Even worse, your organization might
have spent a good deal of money and
resources to create a secure solution. If
employees are going out of their way to
use something else, the time and funds
spent developing the solution becomes
a big waste. The lesson here is that
application development isnt complete
until youve made it easy for everyone
in the company to use.
Biometric Authentication
The enterprise environment has long been on
the bleeding edge of
biometrics as a form of
authentication. By 2020,
Gartner expects that
advanced biometrics, such
as face recognition, voice
recognition, and keystroke
dynamics, will overtake
PROCESSOR
HOW TO
Key Points
Employ WPA2 Enterprise
encryption
Validate users and setup a
guest network
Eliminate weak points in your
network
71
PROCESSOR
HOW TO
they need. Security barriers are necessary, but are increasingly moving away
from the network, says Mike Battista,
secure manager and analyst, infrastructure, at Info-Tech Research Group.
For example, an individual application can only reveal itself to an authorized user, using a safe device, at the
right time. In-house apps might also
let you create restrictions about what
remote workers can do, or what types
of files they can access. Many enterprise mobility management (EMM),
cloud management, and identity management tools are available to help you
secure mobile devices. P
Action Plan
Isolate Guest Traffic. Enterprises need to allow the occasional guest to
have access, and while most enterprise WLAN access points support this
with a separate sign-in portal, youll need to manage the VLAN to ensure
they have limited file access. Typically, IT managers will limit visitors to
Internet access, unless guests have a critical need for corporate assets.
Another good idea is to set a time limit on guest accounts.
Monitor Guest Access. So, now that youve setup guest access, you
might considering if you need to monitor it for legal reasons. For example,
do you need to follow regulations that require you to collect the data for
a given amount of time? If so, you might need to to record what guests
access over your network. On the flip side, you probably also need to
stick within the privacy laws of your state.
Top Tips
BYOD & Wi-Fi Security. We all know that BYOD makes life tough for IT, and since most of these personal devices connect via Wi-Fi, its important to utilize solid security and create detailed policies about how workers can connect their
personal devices. Some enterprises opt to offer only guest access to BYOD, while others have employees register the
device and use a corporate login for authentication. With the latter, IT can treat BYOD options similar to corporate-owned
devices. Often, employees will need to sign an agreement that they will abide by organizational policies for what data will
and wont be allowed on the personal device.
HotSpot 2.0. In an effort to better secure public Wi-Fi, the Wi-Fi Alliance has created a certification program for
passpoint devices that will allow Wi-Fi connections to be made in a similar way to cellular connections (and with similar security). Mobile devices can be authenticate at hotspots over Wi-Fi using EAP, just like in your enterprise network,
based on a Subscriber Identity Module (SIM), a username or password, or a certificate. All connections are automatically
secured using WPA2 Enterprise. The passpoint certification is based on the Wi-Fi Alliances Hotspot 2.0 specifications.
While I dont quite think that its ready for deployment across the board, Im really excited about Hotspot 2.0 and EAPSIM, says SANS Certified Instructor Larry Pesce, I think that these two new upcoming technologies will eventually drastically change the way we authenticate to wireless networks of all types, including in the enterprise.
72
PROCESSOR
F E AT U R E D P R O D U C T
manage those devices via the InfraSolution X Management software, saving travel time and costs and increasing
data center efficiency, Yim says. For
basic needs, Austin Hughes offers the
InfraSolution S for rack access control
with standalone smartcard handles.
The InfraSolution product offers several advantages over its competitors,
Yim says, particularly when it comes
to compatibility. The InfraSolution
X-800 handle is designed for global
IT-branded cabinets, he says, and its
universal mounting cut-out allows easy
integration with most third-party cabinets, avoiding costly and complicated
door customization.
InfraSolution X comes with its own
software for remote management, but if
you have an existing building manage-
(510) 794-2888
www.austin-hughes.com
PROCESSOR
I T & FAC I L I T I E S M A N AG E M E N T
Small Footprint
The unique footprint and features
of Room Alert 3 Wi-Fi make it perfectly designed to assist with monitoring temperature and other environmental conditions where a small
footprint is needed, where a wired
connection may not exist, when the
investment cost needs to be minimal, or where deployment volume
may be high.
With one digital temperature sensor built-in, users can expand monitoring by adding another digital
sensor (i.e., temperature, humidity,
$175 price makes it affordable to deploy or use in areas requiring a large number of
devices. Over 30 sensor options.
(888) 220-6700
Sales@AVTECH.com
Go to AVTECH.com and click Store
74
F E AT U R E D P R O D U C T
A Purpose-Built JBOD
AIC SAS3 JBODs Deliver High Performance, Serviceability &
Reliability, Complete With Intelligent Enclosure Management
There are a lot of ways to expand
storage capacity in the data center, and
JBOD has always been one of the most
inexpensive methods to do so. AIC
optimizes its SAS3 JBODs with performance and reliability in mindperfect
for high-availability applications.
The J2012-01, for example, is a 2U,
12-bay JBOD that boasts 48Gbps connectivity per Mini-SAS HD cable. You
can attach up to three Mini-SAS HD
connectors per expander tray. Excellent
scaling performance is handled by LSIs
SAS3x28R expander chip. Youll be
able to use almost any hard drives you
want, as AICs firmware and LSIs
expander chip support mainstream
HDDs, HBAs, and RAID controllers
(SAS2 and SAS3).
For reliability, AIC provides redundant 549 watt hot-swap power supplies,
which meet the 80 PLUS Platinum
certification. There are also two hotswappable 6038 fans. Just about every
component in the J2012-01 is hot-swappable, and all the field-replaceable units
are tool-less, so you can upgrade and fix
issues without any downtime.
AIC also works to help you avoid
downtime by including its Intelligent
Enclosure Management and support for
SCSI Enclosure Service (SES-2). You
also have the ability to manage power
on individual drives, which can help
to reduce power consumption in warm
or cold storage applications. To ease
deployment, AIC provides external port
self-configuration to host or expansion.
(866) 800-0056
www.aicipc.com
(888)-865-4639
www.lindy-usa.com
Can We Tock?
Skylake
Code-named Skylake, Intels 6th
Generation Core processors take Intels
14nm manufacturing process and refine
it for even greater performance. The
flagship processor, the Core i7-6700K,
is a quad-core CPU with HyperThreading technology that allows it
to run up to eight instruction threads
simultaneously. It has a stock clock
speed of 4GHz and a maximum singlecore frequency of 4.2GHz through
Advertisement
78
Z170
A good CPU needs a
good chipset to unlock its
full potential, and for 6th
Ge n e r a t i o n In t e l C o re
processors, that chipset is
Z170. Designed to mesh
perfectly with the Core i76700K and Core i5-6600K,
the Z170 chipset provides
dual-channel support for
DDR4, the fastest desktop
memory spec on the market
today. DDR4 also operates
at lower voltage settings than
DDR3, which adds efficiency to this new
platforms list of benefits.
Z170 comes equipped with Intels
new DMI (Direct Media Interface)
3.0, which provides four connection
lanes between the CPU and PCH
at 8GTps per lane, for a total of
nearly 4GBps. Another upgrade
from previous chipsets is Z170s
larger Flex-IO hub, which increases
the number of ports available to
motherboard manufacturers for use as
PCIe lanes, USB 3.0 ports, or SATA
6Gbps ports from 18 in Z97 to 26.
In addition to allowing for greater
flexibility in motherboard design, the
new hub dedicates more bandwidth to
PCIe devices for use with Intels RST
(Rapid Storage Technology), paving
the way for more motherboards with
Look Inside
As the Tock to Broadwells Tick, Skylake is a big step forward. When teamed
up with a Z170 motherboard, the Core
i7-6700K and Core i5-6600K give you
improved performance, greater power
efficiency, increased overclocking
control, and support for the latest
PC technologies.
Born To Overclock
Most power users are familiar with
Intels K series processors and their
unlocked multipliers, but with Skylake
and Z170, Intel has provided the
highest level of overclocking control
yet. For starters, you have access to
unlocked core ratios in 83 100MHz
increments, as well as complete Turbo
overrides for voltage and power limits.
But you also get enhanced full-range
BCLK (base clock) overclocking,
which allows for adjustments in 1MHz
increments up to 200MHz or higher
some sources report frequency gains
greater than 400MHz when using
79
Certied Piedmontese beef tastes great: lean and tender, juicy and delicious.
But theres more to it than just avor. Certied Piedmontese is also low in fat
and calories. At the same time, its protein-rich with robust avor and premium
tenderness. Incredibly lean, unbelievably tender: Its the best of both worlds.
piedmontese.com