Quocirca Insights

Page 5 of 30« First...34567...102030...Last »

February 23, 2017  8:30 AM

Durable and circular for more a sustainable mobile device strategy

Rob Bamforth Rob Bamforth Profile: Rob Bamforth

Consumerisation of mobile technology has had many benefits. It has driven down the prices of devices, improved the user experience to the benefit of non-technical users. Plus, awareness and crucially acceptance, of mobile devices, has soared. All of this might seem good for the business, but there is a significant drawback. Consumer attitudes to technology can lead to a throwaway culture, with the obvious impact on wastage. This is not sustainable.

Mobile technology uses precious materials which are becoming scare, expensive to find or politically harder to gain access. Devices also include hazardous waste materials and lots of energy is consumed during production. No surprise that governments are increasingly introducing legislation to decrease waste, lower carbon emissions and penalise polluters.

This is being felt by organisations already, and will have further impact in future as regulations tighten. A much larger direct effect of throwaway technology is the disruptive impact on business processes. This has commercial and not just environmental consequences. Low cost consumer devices might seem simple and cheap to replace, but device failures and unexpected changes affect and interrupt the business process.

Durability

While few working environments are really ‘hazardous’, they can be unpredictable and unforgiving if devices are mishandled. So, a better approach is to make mobile device design fit for purpose and sufficiently durable. This means considering not only the device itself, but also the peripherals, accessories and software that will be used with it over its life.

More durable ‘whole life’ design should ensure devices can be maintained in the field. It could also take into account that devices should be compatible over several generations with replaceable components such as batteries and other ecosystem elements such as printers, scanners, cases etc. This would keep costs down and address some of the environmental concerns about wastage from replacing items that still work but have been made obsolete because of changes to the core device.

Whole life design would also offer better support for business continuity where workers rely on mobile devices.  If devices are not sufficiently durable there is always the risk of something breaking. Failure of any single element of the system causes downtime, aborted processes and user frustration.

Circular economics

A different economic model, which takes the whole life approach, has been suggested from the work of the Ellen MacArthur Foundation. This followed the “cradle to cradle” concepts established by William McDonough and Michael Braungart. It has at its core the term ‘circular economy’, and its approach is to replace the current largely linear approach of ‘take, make and dispose’ with one in which resources circulate at high value, avoiding or reducing the need for new resources.

There are many environmental benefits to a more circular economy and a ‘circular’ or sustainable approach to mobile devices – from reducing greenhouse gas emissions and other pollutants, relieving pressure on raw materials and energy consumption. Such circularity could also be directly beneficial to businesses and the mobile workforce:

  • Durable design. Products are built to last and survive the day to day knocks and challenges of an active working environment. Products are increasingly built for energy efficiency with simpler in-field replaceable components e.g. Batteries.
  • Sustainable Supply Chain. Products are designed for in-field upgrade and re-use at end of life. This provides opportunities for remanufacturing and refurbishment across the supply chain.
  • Recycling and Recovery. Manufacturers operate comprehensive warranties and take-back programmes at the device end of life, making it easy to return and responsibly recycle hardware.
  • Product life extension. Manufacturers are able to extending the product life through software-upgrades and firmware updates. This allows for long-term compatibility with peripherals and accessories to ensure all elements of the mobile device ecosystem remain in active use as long as possible.

The key principal is that while a more circular approach offers environmental benefits, it also provides benefits to the business; direct cost savings in the total cost of ownership of devices, and indirect savings when looking at the reduction of disruption to the mobile business process. This approach to mobile device durability is further explored, with guidelines for how to build a sustainable mobile device strategy, “All mobile, still working, becoming sustainable”.

February 16, 2017  10:25 AM

Forget intelligent cities – how about a more intelligent planet?

Clive Longbottom Clive Longbottom Profile: Clive Longbottom
iot

Gin Lane by William HogarthThe year is 1750 – just before the industrial revolution. The overall population of the UK is around 6.5m. London has a population of 675,000: the second most populated city is the sea port of Bristol, with 45,000.

Roll on to 1850, when the industrial revolution has passed its peak. The UK population is now 26m. London has a population of over 2.5m. Liverpool, Manchester, Birmingham, Leeds and Sheffield have all overtaken Bristol, all with populations of over 150,000. Whereas London has remained at around 10% of the country’s population, the next 5 cities have moved from being around 2% of the population to around 6%.

The transformation of the northern cities pulled in people from the outlying areas. Moving to the cities ‘paved with gold’ was seen as the way to become rich via working in the new mills. What it really led to was the London that moved from Hogarth to Dickens, and northern cities where malnutrition, illness and the poor houses led to high rates of death in these expanding, coal-fired conurbations. The countryside suffered – there were fewer workers available to work in the fields, and this led to less fresh food being available to feed the growing population of the cities, leading to diseases such as rickets and scurvy. Even where workers remained outside of the cities, they were increasingly pulled in to working down the mines to fuel the growth of the cities.

Is an equivalent happening as technology creates the digital revolution?

The wrong focus
The focus to date has been on the intelligent city. This has a degree of sense, in that it provides constraints around a vision. Those creating the intelligent city can focus on specific boundaries, a specific population of people and specific desired outcomes. However, if the desired value of the intelligent city is forthcoming, then that city becomes more attractive as a place to live than other cities, towns and villages around it. This has been seen in cities where hyperspeed internet has been introduced, and where integrated citizen services have improved accessibility of certain services. The massive growth of cities such as Pune in India (10-year population growth 40%) and Shenzhen in China (25%) shows how people are still being sucked in to high-growth centres.

London now has a population of around 8m – more than the whole UK population back in 1750. Even with massive improvements in technology, it is struggling – many organisations find that advertised internet speeds are rarely (if ever) achieved; housing costs are driving people to live outside the city and travel in; transport and utilities are struggling to cope with demand; homelessness is on the increase. London is far from being an intelligent city.
This is where the internet of things (IoT) may be able to help. Instead of focusing on an individual city, governments, organisations and communities should start to focus on citizens across the whole of the country, and even beyond. Each citizen has their own needs, whether they be a city banker or a country farmer. Prioritising one above the other leads to increasing friction and feelings of ‘us and them’ between individuals and groups. Providing a level playing field leads to a more cohesive community, which then leads to greater success as a country.

Better internet
As a starter, providing good levels of internet access to villages means that more people can work from these areas, so moving away from the large second home model that is prevalent in the UK. Many of these homes are empty for large parts of the year, meaning that few fully local businesses can survive. Enabling people to spend more time in the villages can revitalise such local businesses – the butchers, bakers and greengrocers, for example. This does not mean the government’s target of a minimum of 10Mb/s as a universal service offering (USO) by 2020 is going to help much.

The UK is already way down the global internet speed rankings. With some countries already working against USOs of 1Gb/s and some cities, such as Chattanooga in the US already stating a USO of 10Gb/s by 2030, 10Mb/s is looking a little like wet string and baked bean cans.

As consumers move increasingly to a digital economy, the need for faster broadband speeds is pressing. Sure – basic browsing, buying and information seeking can be done on 10Mb/s, but telephony, music, video conferencing and HD TV streaming will be constrained by such speeds. 5G could help here by providing high speed connectivity without the need for dependence on ageing copper and aluminium infrastructure.
The broader use of the internet of things (IoT) also needs good connectivity. Farmers can use IoT devices on their farms to optimise the use of the value chains from the farm to the fork – but the data being gathered by thousands of devices on the farm needs to be dealt with adequately. Some of that can be managed through intelligent filtering at the farm itself, but true high speed internet will help enormously in the capabilities to aggregate, analyse and report on the data.

Public transport can also benefit from such connectivity – citizens can ensure that full itineraries are created and managed in real time, linking buses, taxis, trains and so on lowering the needs for owning cars. Indeed, as autonomous vehicles come through, the need for solid connectivity to clouds where the vehicles can exchange and act on data becomes a necessity.

The right skills at the right time
Identifying skills as required in real time can also be better enabled. Need someone to come to you and fix your printer? Maybe there is a mobile engineer not too far away at the moment – GPS tracking and mobile work ticketing can make it that the expert can be there in a matter of minutes or hours. Likewise, need someone to fix your machinery on the farm? Don’t wait until tomorrow – either have the IoT pre-identify the problem before it becomes a major issue and call in an engineer to swap things out, or get the nearest engineer on site as soon as possible – without needing to pick up the phone.

The whole of the UK can benefit from an IoT based around better connectivity – it can move from these too highly focused intelligent city projects to an intelligent, and far more productive, country model. If countries would then start to use connectivity in a positive manner to break down the bureaucratic and nationalistic walls between nations, then we may – just may – be able to move toward the intelligent planet.


February 14, 2017  2:09 PM

Mobile devices at work – a more sustainable approach

Rob Bamforth Rob Bamforth Profile: Rob Bamforth

Mobile devices put access to IT right into the hands of people while they are out and about performing their work tasks. For many this is not just about ‘being in touch’ or getting access to useful data. IT tasks performed using the mobile device are critical to the business process.

gears

These tasks could include a courier getting delivery jobs or the recipient’s signature or a railway guard checking and selling tickets. It might involve an engineer in the field performing maintenance, identifying failure and scheduling spare parts. Or it might be a retail worker checking stock and inventory. In each case, the mobile worker is reliant on the technology.

Once, these tasks would have involved pen, paper, forms and considerable delays. Now the transactions are instantaneous, with paper mainly being replaced by scanners, sensors and code readers. Physical output will only sometimes be necessary for part of a service interaction or those requiring a receipt. This means that all elements of hardware, software and network connection, are important to continuity of service of the business process.

Is consumer mobile technology sufficiently up to the task?

Not all situations are hazardous, but some, outdoor workplaces such as building sites or damp and dusty locations, will be. Others will involve open interaction in public places on transport, in shops, or over large campuses with indoor and outdoor spaces like hospitals, universities and factories. Most working locations can be unpredictable and unforgiving if devices are mishandled.  For many of these working environments, consumer mobile technology is not sufficiently durable. Failure of any single element of the system causes downtime, aborted processes and user frustration.

Individuals will have a connection to mobile devices of their own and (probably) take a little more care with them. Workplace devices are a different matter. Many workers will have other things to consider. They may be working outside or in cold situations where they need gloves. It might not always be possible to pay complete attention to looking after the device. It’s not that employees are being careless, but their primary focus needs to be the task, not device, in hand. The device needs to be sufficiently durable to take care of itself.

The research in Quocirca’s report, “All mobile, still working, becoming sustainable”, covers the adoption of sustainable mobile device strategies. It shows life expectancy is one of the top three buying criteria, after product cost and cost of ownership, for mobile devices. However, too much attention to upfront device cost savings by using cheaper or consumer devices risks introducing increased costs over a longer period. Even the oft-used wider perspective of total cost of ownership risks ignoring consequent cost increases for the business process.

Sustainable mobile device strategy

This is where a sustainable mobile device strategy will be beneficial, not only for the environment, but also for its cost impact on the business. This comes from a mix of hard costs and soft costs, since mobile devices themselves are part of a broader ecosystem. In many mobile use cases in logistics, retail, transportation and field services there will be important ancillary components. These could include vital peripherals – scanners, printers etc. – as well as accessories – protective and carry cases, vehicle mounting points etc. These may well be affected by changing or updating broken devices.

A sustainable approach means that these elements should still be in use over several generations of the primary device. This itself should be sufficiently durable to survive longer. Devices should also be update-able and upgradeable in the field; this includes changing batteries. These simple hardware improvements extend reliable working, and avoid one of the largest soft costs – interruptions to the business process. Consumer-oriented mobile devices are rarely this flexible, robust or designed with longevity of peripheral support in mind.

More consistency and longer working with the same device means less retraining required for users and avoids frustration. Furthermore, happier users are more likely to take a little more care of the tools they have become familiar with. It is therefore better for both the environment and the bottom line to take a longer look at the use of mobile devices over the entire business process, rather than simply trying to make an upfront saving on device cost. These approaches towards a more sustainable mobile device strategy are explored further in the Quocirca report, “All mobile, still working, becoming sustainable”.


February 8, 2017  10:08 PM

Load Balancing for security?

Bernt Ostergaard Bernt Ostergaard Profile: Bernt Ostergaard

Load Balancing (LB), is now popping up on the corporate security agenda! LB is no longer just about managing traffic flows across enterprise routers and servers. In the age of the cloud and software defined networking (SDN), the LB off-loading function has serious possibilities for deflecting DDOS attacks by shifting attack traffic from the corporate server to a public cloud provider. Next generation software load balancers with advanced dashboard capabilities can also provide deep analytics down to the individual application. This is exemplified in the next-generation SDN load balancing just announced by AVI Networks.

Companies increasingly rely on their WAN access for business-critical application performance, and servicing their on-line customers. Previously, that would indicate the need for specialised hardware and significant redundant capacity – just think of retail traffic spikes on Black Fridays! It would also be expensive to upgrade. With SDN, this all becomes a software issue on standardised X86 hardware.

We also continue to see increases in the number and size of DDOS (Distributed Denial Of Service) attacks, with the heaviest attacks now surpassing 600GBps, according to Akamai. This type of cybercrime represents about 25% of corporate cybercrime costs. Building significant hardware-based DDOS avoidance capacity is very costly, and requires high maintenance levels. Software load balancers with cloud offload can provide a much lower cost and elastic protection. To demonstrate scalability in software, AVI Systems recently scaled applications from zero to one million SSL transactions per second in under ten minutes on the Google cloud.

SDN in the data centre

With SDN, enterprise data centres can rely on a converged X86 server base. They can virtualise their WAN access channels by bonding fixed and wireless connections using SDWAN routers (see http://www.computerweekly.com/blog/Quocirca-Insights/Dismantling-data-centre-and-WAN-silos). And now they can deploy software defined load balancing to ensure their application performance, as well as elastically expand (or contract) network capacity as needed.

To do that requires data centre integration, virtualisation and convergence, as well as hybrid cloud management. Furthermore, to be on the leading edge, companies will want to containerise these functions to allow data centres to deploy business applications more rapidly, with reduced development overhead, lower costs, and increased business agility.

lb-in-distributed-dc

The diagram depicts load balancing across a hyper-converged infrastructure (source: AVI Networks).

SDN in the converge data centre

The next generation data centre using products like Big Switch Networks, creates a distributed data centre architecture. This has bare metal hardware that is virtualised, uses containers and hybrid cloud extensions. SDN is still not one-size-fits-all! Inevitably IT departments looking at the next generation of SDN load balancers need to ensure:

  • Compatibility with the major public cloud providers.
  • Virtualisation presupposes compatibility with VMware and Openstack.
  • For X86 compatibility, enterprises can use Intel Bare Metal.
  • Automation, management and orchestration can align with Chef, Ansible, Puppet and others.
  • SDN controller products are available from a range of providers like Cisco, HPE and Contrail.
  • Then there is the container tech coming from Kubernetes, Red Hat OpenShift, Mesosphere DC/OS and Marathon.
  • Finally, to manage and orchestrate the hybrid cloud environment will require REST API based dashboards.

Load Balancing as IT insurance

IT departments stand and fall with their ability to deliver business continuity at still lower price points. They need to justify their own existence every day! Call it insurance in the broader sense. Providing elastic allocation of compute resources, and using the ability of major public clouds to suck up DDOS attacks to ensure business continuity, can be viewed as an insurance policy. IT faces line-of-business demands for more agility to support their DevOps plans, and the ability to provide different corporate constituencies with deeper analytics into individual apps performance, to determine where the delay bottlenecks are. Providing user-friendly and flexible business continuity options that deter lines-of-business from going off-piste, will also curry favour with the company board, as it attempts to implement Governance, Risk and Compliance (GRC) policies.


February 3, 2017  6:43 PM

AV security – unwelcome guests and visual oversight?

Rob Bamforth Rob Bamforth Profile: Rob Bamforth
BYOD, Security, Wi-Fi

Consumerisation and collaboration bring many positive changes to the enterprise. Employees can now use the devices they prefer. Through social media, they have also become used to sharing and communicating more readily with friends and colleagues. However, these changes also introduce security risks – just who and what have you got connected to the network?

icon2

If it was simply a matter of traditional IT products and regular employees, that would be complicated enough. Now all manner of smart devices and itinerant visitors are connected.

In a concerted industry effort to tackle these types of issues head on, cyber security is for the first time going to form part of conference discussions at the forthcoming Audio Visual (AV) event, Integrated Systems Europe (ISE) in Amsterdam in February. The industry’s two main associations, CEDIA and InfoComm have assembled an array of experts to discuss cyber security and the associated risks over a morning conference on Friday 10th February.

This initiative is to be welcomed as the security aspects of IT rise to the fore. Technology is not only pervasive in working environments, but also an integral element of our home lives as consumers. Widespread use can breed complacency. Organisations need to have the tools, systems and processes in place for technology to be used safely and securely in the workplace.

Technology

In many organisations cloud based services are simple to buy to extend a project without bothering IT. Employees are also used to bringing or wearing their own devices. This trend towards ‘shadow IT’ and BYOD (Bring Your Own Device) has few technical boundaries. So, when a meeting room screen needs to be connected or a video feed is required it is equally easy to buy consumer AV devices or services.

This ‘BYOAV’ (Bring Your Own AV) might seem innocuous, but AV technology, consumer and enterprise, has followed the same trends as many other technologies. Cost reduced (so easily affordable), network ready, often wirelessly (so always accessible), and open (so should be interoperable). But it also introduces, often invisible, security issues.

AV equipment is frequently placed in locations where presenting and sharing involves third parties, either as recipients or co-presenters. Guest access to Wi-Fi networks is expected too and should be secured or managed, but connections to AV equipment are more lax. Older systems may still rely on VGA connectors and cables. Sophisticated modern AV installations and low-cost consumer options are increasingly wireless. Even if they include security, the chances are high that it will be different to devices from other manufacturers in other rooms. It will also most likely be different to what is already in place elsewhere in enterprise IT.

People

Some control and consistency will need to be imposed, but historically, AV installations have been part of office management and facilities, often with little involvement from IT. Current AV equipment is highly sophisticated. Its potential impact both on fixed and wireless networks and security, means that AV needs to be incorporated and integrated into the IT management function.

AV also needs to be considered as part of overall enterprise security. Decades ago, some companies worried about the ability for snoopers to pick up the signals from monitors from a car parked outside of offices. Today badly protected wireless devices and networks pose risks. So too do big bright screens that can be photographed surreptitiously by mobile devices.

Snooping by visual means or via an unprotected wireless network both constitute security risks when using AV. So too does the way that users – employees and third parties – authenticate to use or access AV systems. Dial-in codes, logins and guest access should all be treated in the same rigorous way as any other IT security. As it becomes increasingly simple to seamlessly share content electronically, so it has to be managed.

Process

This has to include a combination of polices and processes as well as tools, but the first step is to understand the scale of the problem. To do this requires co-operation and integration between those involved in AV and IT. It starts with better understanding of the current capabilities of products available and the direction of innovation.

The AV industry has undergone much recent innovation. With large display technology becoming much more affordable, screens are popping up everywhere. These include ad hoc meeting spaces and huddle rooms as well as more formal conference rooms. These are being made accessible by companies from Google and Intel to Barco, Sony and AMX. These companies also attempt to apply security and control through their own, different, systems.

Each are all very well in isolation. In mixed environments with so many other elements to consider, IT security needs to seamlessly consolidate diverse technologies. If the measures that keep AV systems secure become too complicated or restrictive, users will simply bypass them.

In addition to AV/IT integration, IT security managers need to extend security training and best practices to include visual and audible components. Unwanted data leakage is not just what is sent over the network, but may also be what is seen and heard.

AV security now needs to be taken seriously within IT. Given the current focus on collaboration and collaborative tools, IT managers would benefit from engaging with AV professionals. This could include a visit to major trade shows, such as ISE, and perhaps taking time to look in on the conference on cybersecurity.


January 30, 2017  9:06 AM

Bonding Cars and Comms

Bernt Ostergaard Bernt Ostergaard Profile: Bernt Ostergaard

Let’s face it: our road transport systems are jamming up – and it’s just getting worse! In order to improve transport infrastructures, the global focus is on the merger of physical transport and telecoms to optimise transport volumes, speed, accuracy as well as security, and actually reducing the environmental impact. Smart traffic management needs Software-Defined Networks (SDN) and Software-Defined WAN access (SD-WAN) to manage hefty increases in mobile data traffic.

All over the world, road, rail, sea and air transport lanes are under pressure to handle increasing traffic volumes. We have in previous blogs reviewed various aspects of the challenge at sea (Maritime network connectivity – all at sea?), and in public transport (SD-WAN handles fleet management and passenger services).

Road transport planners such as the ones in Singapore in their 2030 Smart Mobility plans (Source: https://www.lta.gov.sg/content/dam/ltaweb/corp/RoadsMotoring/files/SmartMobility2030.pdf)

singaporte-traffic-planspursue several strategies to increase throughput:

  • Real-time traffic management systems to reduce congestion
  • In-car automation to reduce risk of collision and economise on fuel and power consumption
  • Public transport and car-sharing off-load to reduce the number of vehicles on the roads and reduce the number of in-city parking spaces required

SD-WAN is a key enabler

Better road traffic management can alleviate traffic jams, but will entail a huge increase in WAN traffic volumes. Software Defined Network (SDN) and Network Function Virtualisation (NFV) technologies are emerging to handle the surge in data volumes on the WAN. The software-centric approach redefines the core WAN architecture, enabling it to adapt to fluctuating and complex network traffic patterns, and the ever-growing demand for mobile comms.

Mobile access will use a wide range of network services: via satellites, multiple cellular mobile services, Wi-Fi, Bluetooth and right down to close-range, Low Power Wide Area (LPWA) communication for Internet-of-Things (IoT) services. The autonomous car will need to intelligently access several of these channels simultaneously.

That requires intelligent mobile SD-WAN access technologies from vendors like Peplink and CradlePoint (see update and correction at the end og this blog!) that can bond available access channels to handle the wide range of connections from IoT traffic bursts to huge terabit file transfers.

Automation, sensors, big data

Real-time traffic management relies on sensors feeding data to algorithms that identify where congestion is likely to occur (e.g. at traffic lights and in lanes) and what alleviating measures may be undertaken to minimise them.

Sensors come in many shapes and forms. Traffic IoT includes:

  • Fixed ground sensors such as traffic cams, in-road sensors, and meteorological and pollution sensors
  • Mobile ground sensors in network-connected cars;
  • Sensors on public transport systems such as buses and trains where the routes and timetables are known before hand
  • Airborne topographical aerial surveillance to monitor ad-hoc hotspots such as accidents and emergencies.
    1. Drones of course have many other functions than aerial traffic management monitoring. This can range from NASA’s planetary rovers for the Mars environment, to high precision agricultural Unmanned Aerial Vehicles (UAVs). In the latter case farmers are using what was once military aviation technology to grow better crops using sensors and robotics to bring big data to precision agriculture.
    2. Amazon recently announced successful trials of its centrally managed Prime Air drone delivery service in Cambridge, UK. The drone successfully delivered a TV streaming stick and bag of popcorn to the garden of a nearby customer! However, if this scales up, it will directly impact a lot of package delivery services.

The automotive changes we are witnessing today all point to a steep rise in mobile communication needs that can adapt to changing signal availability be it cellular, Wi-Fi or emerging IoT communication standards. That will require intelligent SD-WAN devices to optimise access to and use of multiple network services.

Update and correction:

A reader points out that Cradlepoint does in fact not provide bonding capabilities in its SD-WAN router units. The Cradlepoint COR IBR600 router only detects network failures and seamlessly switches over to another active connected data source. I agree that this is not full bonding, merely failover. Mobile bonding, defined as the ability to aggregate bandwidth of all available wireless WAN connections, allowing the router to conduct a session over more than one connection simultaneously, comes from a few of the SD-WAN router vendors. Besides Peplink with its MAX On-The-Go multichannel router, these vendors include Viprinet with its multichannel VPN router, the Mushroom Networks Portabella, and arguably also Icomera which provides mobile connection services for buses and trains that aggregate parallel data networks.


January 27, 2017  8:40 AM

8 steps for implementing a successful print security plan

Louella Fernandes Profile: Louella Fernandes

Amidst the proliferation of Internet of Things (IoT) endpoints, the cybersecurity threat landscape has expanded to every mobile, smart and cloud-enabled device on the network. This threatens the resilience of organisations not only from the disruption of business operations, but also the potential ramifications of a data breach can lead to financial loss, brand and reputational damage and loss credibility in the market place. Printers and multifunction printers (MFPs) are not immune to the security threat and are vulnerable to the same risks as any device on the network. As IoT devices they are susceptible to the growing threat of DDoS attacks – left unsecured they are an open door to the corporate network.

Quocirca’s latest report “Print security: An imperative in the IoT era” discusses the many points of vulnerabilities around print. With advanced connectivity and capacity to collect, process and store large volumes of data, the multifunction printer (MFP) has long been a ‘weak link’ in the IT infrastructure – one that businesses can no longer afford to be complacent about. In Quocirca’s survey, 61% of large enterprises admitted suffering at least one data breach through insecure printing.

 

Consequently, businesses must take a proactive and multifaceted approach to print security. This requires a full security evaluation of the print environment which can recommend the appropriate technology – including hardware and software security – as well as end-user education on responsible and secure printing practices.

Quocirca recommends that the following measures are taken:

  1. Ensure print devices are part of an overall information security strategy. Printers are no longer dumb peripherals and must be integrated into an organisation’s security policies and procedures.
  2. Adopt a security policy for the entire printer fleet. In the event of a data breach, an organisation must be able to demonstrate that it has taken measures to protect all networked devices. An organisation should be able to monitor, manage and report on the entire fleet, regardless of model, age or brand.
  3. Secure access to the network. Like other networked devices, MFPs require controls that limit network access, manage the use of network protocols and ports, and prevent potential viruses and malware.
  4. Secure the device. Hard disk encryption adds an additional layer of security; securing stored data be it actively in use by the device, sitting idle on a device, and/or used by the device in a previous job. To avoid the risk of data being recovered when the MFP is moved or disposed of, data overwrite kits should be employed to remove all scan, print, copy and fax data stored in the hard disk drive.
  5. Secure access. Implement user authentication to eliminate the risk of unclaimed output being left in printer trays. User authentication, also known as pull printing, ensures documents are only released to the authorised recipient.
  6. Secure the document. In addition to access and device controls, digital rights management capabilities can further discourage unauthorised copying or transmission of sensitive or confidential information. This can be achieved by enabling features such as secure watermarking, digital signatures or PDF encryption.
  7. Ongoing monitoring and management. To ensure compliance and to trace unauthorised access, organisations need a centralised and flexible way to monitor usage across all print devices. Auditing tools should therefore be able to track usage at the document and user level. This can be achieved by either using MFP audit log data or third-party tools, which provide a full audit trail that logs the identity of each user, the time of use and details of the specific functions that were performed.
  8. Seek expert guidance. Manufacturers and Managed Print Service (MPS) providers continue to develop and enhance their security products and services. Take advantage of security assessment services which evaluate potential vulnerabilities in the print infrastructure. Note that not all assessments are equal. Ensure that the assessment provider demonstrates the credentials to fully evaluate the security risks across device, data and users. There are also a range of security certifications that are published by the National Institute for Standards and Technology.

Ultimately, print security demands a comprehensive approach that includes education, policy and technology. In today’s compliance driven environment where the cost of a single data breach can run into millions, organisations must proactively embrace this challenge. By using the appropriate level of security for their business needs, an organisation can ensure that its most valuable asset – corporate and customer data – is protected.

Read Quocirca’s Print Security: An Imperative in the IoT Era


January 5, 2017  7:36 PM

The convergence of AV and IT

Rob Bamforth Rob Bamforth Profile: Rob Bamforth

Developments in both audio visual (AV) and information technology (IT) are leading to a ‘convergence’ of the two sectors. This is similar to what has already happened in other markets once open, connected and scalable internet technology became pervasive. Those working in IT and AV need to better understand each other and the consequences of technology advances in each sector, to plan effectively for the future.

Mobile working, sharing and collaborating

IT assets are no longer tied to an edge device or server in the back of the office, but are now accessible anywhere, often wirelessly on anything via a centrally managed service from the cloud.

There is a ‘digital overload’ with multiple sources, sensors and devices delivering a huge variety of real-time data to be accessed and interpreted via a multi-channel blend of communications, devices and screens.

With more information to share and faster timelines, the ever-present quest for productivity and collaboration is a top priority for IT that smart use of AV could help support. Further advances in the technology landscape highlight some ways that IT and AV are becoming more closely integrated. This will help to better meet the changing needs of the working environment.

Software defined world – convergence of data, separation of control

As more is connected, the shift is towards ‘webscale IT’. This is the approach typically used by companies such as Google or Facebook. The move is to the use of mesh networks with intelligence pushed to the edge, and software defined abstraction where data control and flow are separated.

Distributed intelligence with central coordination from the cloud is also relevant for AV, where technology was once proprietary and self-contained. The trend is now to open interfaces and a ‘single pane of glass’ (the wonderful ‘SPOG’) or web console, to manage all network accessible resources.

Automation and smart assistance

Data volumes from social media, embedded electronics and sensors increasingly need artificial intelligence and machine learning to glean previously undiscovered insights for business processes and user guidance.

Intelligence is also being embedded in devices and facilities to automate the use of AV equipment. Sensors can indicate when and how many people enter a room; light levels and ambient settings can be adjusted automatically as the facilities ‘self-organise’ around the needs of those present.

Presentation and digital blurring

High definition 4K has become standard and affordable. There is an increasing availability of large displays and further innovative displays such as curved LED walls. Touch screens and wireless tablet controllers are opening up software interfaces with systems exploiting visual feeds using cameras and sensors to understand movement to control camera pointing and zoom and manipulate complex data through gesture control.

Virtual Reality (VR) now delivers an affordable environment, from cardboard headsets wrapping over mobile phones to high end immersive systems. Augmented Reality (AR) further blurs the physical and digital worlds, with applications from architectural visualisation to supporting maintenance operations through animation. The integration and manipulation of data for these hybrid applications requires alignment between the skill-sets of AV and IT.

Just as mobile phones moved from simple telephony to be sophisticated computing devices connected to enterprise IT, AV has also evolved from standalone devices into a sophisticated networked IT ecosystem. This convergence of AV and IT brings exciting opportunities, but also challenges.  Professionals in both of these areas of technology will be aiming to grow their understanding of each other’s sector.

Trade-shows once specific to the AV sector, such as ISE in Amsterdam in February, now feature many aspects of IT from security and management to collaboration and mobile working. Sure, there will be plenty of big screens and fancy audio with glitzy appeal. But IT managers looking to better understand the opportunities and challenges of integrating AV into their day to day IT infrastructure will now also find ISE a professionally enlightening event to attend. ‘Converging’ with fellow experts from the world of AV would certainly be a good step towards ensuring AV/IT integration is smooth, seamless and successful.


January 3, 2017  4:32 PM

Protecting web sites from web scrapers

Bob Tarzey Profile: Bob Tarzey

If you sell something, it makes sense that news of what you are selling spreads far and wide to attract as many buyers as possible. To this end, e-commerce sites want to be found near the top of relevant search lists and to be included on price comparison sites. It is accepted that automated software robots (bots) must access web sites to achieve this, including the web crawlers used by search engines and web scrapers used by price comparison sites; these are so-called good-bots.

However, not all bots are good and, as the digital commerce platform provider Datalex discovered, some bots can be very bad indeed. The Ireland-based company provides a unified e-commerce platform for travel operators, combining pricing, shopping, order management and analysis for journey bookings, all this across the variety of access channels would be travellers wish to use. Its European customers include Virgin Atlantic, Brussels Airlines, Swiss International Air Lines and Aer Lingus. It has many more across the globe.

Datalex enables its customers, which are mainly travel operators, to manage complex personalised bookings for travellers. As well as the actual ticket for a journey this might include increased baggage allowances, seat upgrades, lounge access, in-flight meals, car hire, flights, hotels, travel Insurance, ground transportation and so on.

The trouble is that such information is not just of interest to legitimate travellers planning their journeys and benign good-bots. Unscrupulous competitors use web scrapers to steal content from travel sites and re-post it on their own sites (which can negatively impact search engine optimisation), and to monitor and undercut prices.

Web scraping activity can be persistent, hurt performance and drive up back end costs as charges are run up for call-outs to other services, which are generated both by legitimate users and bad bots. Aggregated across the Datalex platform this can become a problem for all the customers it hosts, even the ones that are not being directly targeted.

Mitigating web scrapers is tricky as you do not want to block the good ones. In a recent e-book, The Ultimate Guide to Preventing Web Scraping, Quocirca looked at the problem of distinguishing good-bots from bad-bots and controlling their activity.

There is a protocol called the robot exclusion standard/protocol (or simply robots.txt) which is used by good bots to check which areas of a website they are welcome to visit; however, this relies on etiquette and bad-bots will just ignore it. Manually blocking the IP addresses that host bad-bots is tiresome as it is easy for the perpetrators to just move their web scrapers to new locations. As most bad-bots mimic legitimate user behaviours it is hard for web application firewalls, which focus on anomalies and vulnerabilities, to detect them. Login enforcement, strong authentication and “are you a human?” tests are all distractions for legitimate users and good-bots.

The answer for Datalex in the end was specialist bot detection and mitigation technology from a vendor called Distil Networks. The aim is to use a reverse web proxy to detect bots directly through a range of techniques including behavioural analysis, digital fingerprinting and machine learning. Bots can then be classified and policies applied; good bots can be white-listed and bad-bots, including unwanted web-scrapers, blocked. Datalex said it eliminated the unwanted hits against its customers’ sites, making them more stable and reducing backend infrastructure costs. On average, eliminating bad bots decreased traffic to Datalex customer sites by 20-30% with no impact on real human users.

Quocirca’s e-book, which was sponsored by Distil Networks, can be accessed here. Other bot control products are available from vendors such as Akamai, Imperva and Shape Security.

More information of the Datalex story can be seen here.


December 16, 2016  2:29 PM

Expense spared – the cost of replacing legacy things

Bob Tarzey Profile: Bob Tarzey

A previous Quocirca blog post (The Internet of Everything – the need to manage external things) looked at how Internet of Things (IoT) deployments will mostly need to include access to at least some external devices. One of the problems this throws up, especially for network security teams, is the need to verify the safety of devices joining networks, over which they have little or no on-device control.

This problem is not exclusive to external devices, internal ones are a challenge too; IoT-integrated legacy devices will not have been provisioned with network security in mind and the processing power of low cost new devices will often be too limited to do much beyond the task they are built for. Furthermore – new or old – low powered devices will often be running one of a wide range of specialist operating systems making it hard to develop generic on device security software (as was discussed in a 2016 Quocirca research: European Perceptions, Preparedness and Strategies for IoT Security, sponsored by ForeScout, a network and IoT security vendor).slide11

With legacy devices, one answer is to upgrade or replace them so th
at they are up to the job; but there is little appetite for doing so. Quocirca research (not previously published) shows that even if the cost of adding intelligence to a device was just €10, less than 50% would fork out for an upgrade. If the cost
was €20 this drops to 40%, €30 to 18% and so on (see figure).

However, most would not actually give up, but look to use a gateway of some sort to act as control point for managing multiple devices. Doing so has three main benefits.

  • The gateway can manage network address translation (NAT), so each device behind the gateway does not need a unique IP address, this help with scalability and means IPv4 addresses can be reused putting of the need to move everything to IPv6
  • The gateway can handle security, blocking suspicious access attempts and run regular device health checks
  • The gateway can act as a data aggregator and filter, receiving feeds from each device it controls and look for exceptions to flag to a central IoT application platform, this can considerably reduce network traffic

Quocirca’s research also shows that intelligence of the central platform and gateways are both considered more important than the intelligence of actual devices.

The use of gateways or aggregators is the approach proposed in Quocirca’s Reference Architecture for the IoT, which sets out a generic approach to deploying IoT applications that is scalable, secure and cost effective. Quocirca’s research shows that the overwhelming majority of businesses are already being impacted by the IoT, the time to prepare networks for potential onslaught of new devices is now.


Page 5 of 30« First...34567...102030...Last »

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: