Quocirca Insights


March 1, 2017  10:46 AM

Collaboration – where AV and IT meet?

Rob Bamforth Rob Bamforth Profile: Rob Bamforth

There were plenty of amazing products launched and on display at ISE2017 in Amsterdam in early February. But in the background buzz there was a common theme of an industry in transition. While many talked about convergence between AV and IT, some fear the risk that it will actually be more of a ‘collision’. This will have a consequential impact on jobs and revenues.

sunburst2

None of this restrained the exuberance of showcasing the best of the audio visual (AV) sector. The event brought in a record number of over seventy-three thousand attendees. In many quarters, there was also a more upbeat assessment of the new opportunities that might be created as the AV and IT sectors move closer together. There was also an acknowledgement that this would require some work.

Now the dust has settled and the exhibition paraphernalia is dismantled for another year, it is possible to take a pragmatic view of where the opportunities may lay.

The AV industry is undoubtedly undergoing change, but the IT sector is by no means static or settled. There has been a significant and ongoing shift towards the utility or ‘as-a-service’ model, which some find unsettling for both job security as well as data security. There has also been the liberation of IT into the hands of consumers. Mobile, wearables and the internet of things (IoT) have seen IT shift from the easily managed desktop into a voracious hydra of access options. Great for users and customers, but adding to the already challenging IT operational burden.

Is now a good time then for IT to work more closely with AV?

Historically, the focus of AV could be characterised as the experience within the room and an increasingly spectacular ability to convey information. For many, that meant presentations and over the years, the technology that this encompasses has grown in capability and usability. It has also become more connected.

This is where the overlap with IT, with its focus ‘beyond’ the room and across the network, becomes more apparent.

AV is all about the user experience and supporting media-rich communication. With recent advances in large touch screen and interactive displays systems – mirroring the advances in mobile IT with tablets and smartphones – this user experience has expanded into the important, but often elusive, area of collaboration.

This is high on the agenda for IT. The word ‘collaboration’ has been added onto the end of the term Unified Communications, and peppered liberally across many PowerPoint presentations. Making it a reality that delivers its anticipated value has proved difficult.

Making collaboration a reality

IT is very used to tackling the challenges of integration, security and resilience. It has also been unifying the communications plumbing with the help of major IT vendors. But turning this into seamless simple experiences that people delight in using every day is rarely a core competency. Here is where a closer relationship with AV would be beneficial to both sectors – collaboration rather than collision.

Tools for enhancing communications, by unifying or incorporating different strands of media such as video is only one of the areas where the AV world is moving away from point products toward solutions and building broader relationships in open ecosystems of partners. The industry is now showcasing integrated systems to specific business problems. This is not just for collaboration, but also with omni-channel commerce solutions for retail, tools for education and smart buildings as well as the more obvious sectors focused around entertainment.

This was evident at ISE2017, not only in the way that halls oriented around these business topics as themes, but also in that the discussions and presentations on stands and in the conference, had moved on from form and features to addressing business needs and challenges. With this positive attitude, the AV industry does not need to fear convergence along with IT, but embrace it as this will be good for both sectors.

February 28, 2017  12:52 PM

Seclore – DRM 2.0 revisited

Bob Tarzey Profile: Bob Tarzey

In October 2016 Quocirca reported on a new breed of digital rights management (DRM) tools which have emerged in recent years. These tools have security built in to their core and are designed to support the growing used of cloud stores and mobile computing (DRM 2.0). The post looked in detail at three vendors; Vera, FinalCode and Fasoo. Some others were mentioned in passing, including Seclore, a California-based vendor, with origins in India and some major European customers.

Perhaps the most striking thing about Seclore is its claimed DRM market share for its Rights Management product which it says is second only to Microsoft (the latter embeds DRM in certain of its other offerings). Seclore says its own directly managed customer base of 470 enterprise customers accounts for 4.5 million end users. However, via OEM partners it claims another ten thousand customers with 8-9 million users.

In many case partners are using Seclore Rights Management to extend the scope of existing content management or productivity products to ensure protection continues beyond the scope of the base product. For example, “Citrix ShareFile enables security to “follow the file” through integrating Seclore”; this was required to extend DRM to cloud and mobile use. Seclore has been integrated with IBM’s FileNet content management for the same reasons.

It is not just content management systems. Data loss prevention (DLP) systems were originally designed to deal with content moving around within an organisation’s network and police what left it. This has become too limited an approach with the growing use of cloud stores and Seclore claims both Symantec and McAfee’s DLPs are being extended to enable the external use of DLP using its product.

As well as being designed to address the need for external sharing, Seclore ensures it remains independent of device types and document formats to support as wide a range of use cases as possible.

Another intriguing initiative is that, wherever possible it aims to inherit rights and policies from the original systems, for example SAP and Microsoft SharePoint, rather than having to re-write them. However, policy can be modified and Seclore Right Management also enables policy to change as documents progress through a work flow, for example as financial results move from confidential to public domain. These capabilities are key to making Seclore’s OEM partnerships work.

If, like many, your organisation has reached the point where the management of rights needs to be extended to cloud stores and mobile users, then Seclore should be added to the list of products for consideration. Better still, it may be possible to simply upgrade some of your existing technology if there is an existing Seclore integration that allows you to do so.


February 26, 2017  5:22 PM

Car transport? There’s an app for that

Bernt Ostergaard Bernt Ostergaard Profile: Bernt Ostergaard

The impact of self-driving technology, whether it be Uber-style driverless ride sharing vehicles, automated long-haul lorry driving or drone transport, will be felt across all transport sectors.

The next 20 years will see the steady uptake in driving automation. It will increase real-time communications in order to minimise travel time and cost. Legislators must grapple with standardisation, liability and security issues; while the industry is adding more and more driver-assistant services under the hood without significantly increasing the price point. But what about connectivity requirements, and will driverless cars actually reduce travel time?

Automation in the works

High-end cars today are more than semi-autonomous. Many hundreds of meters of wiring connect sensors to computers, that directly interface with the engine and steering systems. The development of car automation technology is a multi-billion-dollar race – a mix of competition and co-operation between the IT and automotive industries.

screen-shot-2017-02-24-at-08-54-31

Major players on the IT side include Google with its Waymo driverless car technology, and Amazon, Microsoft and Apple with their navigation technologies. On the car manufacturing side GM, has acquired Getcruise to create a range of driverless cars, and Mercedes is developing its Car-to-X technology that lets the car exchange information with the surrounding infrastructure, like traffic lights, and other connected vehicles. Ford is partnering with Amazon to provide its driverless cars with Alexa, Amazon’s smart voice assistant technology, allowing drivers to voice communicate with the car systems.

Automated traffic infrastructures

In a fully automated road traffic scenario (something the airlines are pretty close to in the sky), the speed and course of driverless vehicles is optimised by a city-wide computing system. That requires fast and secure active-to-active WAN connectivity between cars and traffic management systems. The automated – and ultimately driverless cars, will need network connections capabilities to handle in-car IoT communication between sensors and computers, as well as external wireless 4G LTE and WiFi connectivity. The cars may also need satellite connectivity in rural environments.

Advanced navigation systems already have network connectivity to check weather and traffic conditions ahead. Intelligent mapping systems like HERE, supply information to control self-driving cars equipped with street-scanning sensors to measure traffic and road conditions. This location data can in turn be shared with other map users.

Ultimately, driving cars will be left entirely to computers – in cars without steering wheels. We will all be passengers or freight. Mobile connectivity must be maintained using dedicated roadside Wi-Fi networks as well as the existing mobile data services. The ability to switch, select and bond with constantly changing wireless base stations will be crucial for success. This is where SD-WAN routers from vendors like Peplink, that can handle multiple connections as a single virtual connection, are needed across a wide range of mobile environments.

With the driver gone, next to go may be the privately-owned car. The Singapore government estimates that replacing today’s 700.000 private vehicles with network connected, driverless vehicles would reduce the Singapore car pool to 300.000. It would simultaniously reduce transport times and the need for parking spaces. It would generally lower pollution levels and improve road safety.

Reduced travel time?

The Singapore scenario, and similar assessments of driverless traffic, vector in the advantages of much higher traffic density and the reduced need for parking spaces. With central management of in-city transport, users will buy transportation services – not vehicles. What these scenarios do not vector in, is traffic increases, if transport becomes as easy as using your smart phone. When every child, disabled, elderly or drunk person can order driverless transport, we risk a physical traffic volume explosion. Just look at the traffic increases the smart phone caused. So maybe queuing is not going away, just because we automate it.


February 23, 2017  8:30 AM

Durable and circular for more a sustainable mobile device strategy

Rob Bamforth Rob Bamforth Profile: Rob Bamforth

Consumerisation of mobile technology has had many benefits. It has driven down the prices of devices, improved the user experience to the benefit of non-technical users. Plus, awareness and crucially acceptance, of mobile devices, has soared. All of this might seem good for the business, but there is a significant drawback. Consumer attitudes to technology can lead to a throwaway culture, with the obvious impact on wastage. This is not sustainable.

Mobile technology uses precious materials which are becoming scare, expensive to find or politically harder to gain access. Devices also include hazardous waste materials and lots of energy is consumed during production. No surprise that governments are increasingly introducing legislation to decrease waste, lower carbon emissions and penalise polluters.

This is being felt by organisations already, and will have further impact in future as regulations tighten. A much larger direct effect of throwaway technology is the disruptive impact on business processes. This has commercial and not just environmental consequences. Low cost consumer devices might seem simple and cheap to replace, but device failures and unexpected changes affect and interrupt the business process.

Durability

While few working environments are really ‘hazardous’, they can be unpredictable and unforgiving if devices are mishandled. So, a better approach is to make mobile device design fit for purpose and sufficiently durable. This means considering not only the device itself, but also the peripherals, accessories and software that will be used with it over its life.

More durable ‘whole life’ design should ensure devices can be maintained in the field. It could also take into account that devices should be compatible over several generations with replaceable components such as batteries and other ecosystem elements such as printers, scanners, cases etc. This would keep costs down and address some of the environmental concerns about wastage from replacing items that still work but have been made obsolete because of changes to the core device.

Whole life design would also offer better support for business continuity where workers rely on mobile devices.  If devices are not sufficiently durable there is always the risk of something breaking. Failure of any single element of the system causes downtime, aborted processes and user frustration.

Circular economics

A different economic model, which takes the whole life approach, has been suggested from the work of the Ellen MacArthur Foundation. This followed the “cradle to cradle” concepts established by William McDonough and Michael Braungart. It has at its core the term ‘circular economy’, and its approach is to replace the current largely linear approach of ‘take, make and dispose’ with one in which resources circulate at high value, avoiding or reducing the need for new resources.

There are many environmental benefits to a more circular economy and a ‘circular’ or sustainable approach to mobile devices – from reducing greenhouse gas emissions and other pollutants, relieving pressure on raw materials and energy consumption. Such circularity could also be directly beneficial to businesses and the mobile workforce:

  • Durable design. Products are built to last and survive the day to day knocks and challenges of an active working environment. Products are increasingly built for energy efficiency with simpler in-field replaceable components e.g. Batteries.
  • Sustainable Supply Chain. Products are designed for in-field upgrade and re-use at end of life. This provides opportunities for remanufacturing and refurbishment across the supply chain.
  • Recycling and Recovery. Manufacturers operate comprehensive warranties and take-back programmes at the device end of life, making it easy to return and responsibly recycle hardware.
  • Product life extension. Manufacturers are able to extending the product life through software-upgrades and firmware updates. This allows for long-term compatibility with peripherals and accessories to ensure all elements of the mobile device ecosystem remain in active use as long as possible.

The key principal is that while a more circular approach offers environmental benefits, it also provides benefits to the business; direct cost savings in the total cost of ownership of devices, and indirect savings when looking at the reduction of disruption to the mobile business process. This approach to mobile device durability is further explored, with guidelines for how to build a sustainable mobile device strategy, “All mobile, still working, becoming sustainable”.


February 16, 2017  10:25 AM

Forget intelligent cities – how about a more intelligent planet?

Clive Longbottom Clive Longbottom Profile: Clive Longbottom
iot

Gin Lane by William HogarthThe year is 1750 – just before the industrial revolution. The overall population of the UK is around 6.5m. London has a population of 675,000: the second most populated city is the sea port of Bristol, with 45,000.

Roll on to 1850, when the industrial revolution has passed its peak. The UK population is now 26m. London has a population of over 2.5m. Liverpool, Manchester, Birmingham, Leeds and Sheffield have all overtaken Bristol, all with populations of over 150,000. Whereas London has remained at around 10% of the country’s population, the next 5 cities have moved from being around 2% of the population to around 6%.

The transformation of the northern cities pulled in people from the outlying areas. Moving to the cities ‘paved with gold’ was seen as the way to become rich via working in the new mills. What it really led to was the London that moved from Hogarth to Dickens, and northern cities where malnutrition, illness and the poor houses led to high rates of death in these expanding, coal-fired conurbations. The countryside suffered – there were fewer workers available to work in the fields, and this led to less fresh food being available to feed the growing population of the cities, leading to diseases such as rickets and scurvy. Even where workers remained outside of the cities, they were increasingly pulled in to working down the mines to fuel the growth of the cities.

Is an equivalent happening as technology creates the digital revolution?

The wrong focus
The focus to date has been on the intelligent city. This has a degree of sense, in that it provides constraints around a vision. Those creating the intelligent city can focus on specific boundaries, a specific population of people and specific desired outcomes. However, if the desired value of the intelligent city is forthcoming, then that city becomes more attractive as a place to live than other cities, towns and villages around it. This has been seen in cities where hyperspeed internet has been introduced, and where integrated citizen services have improved accessibility of certain services. The massive growth of cities such as Pune in India (10-year population growth 40%) and Shenzhen in China (25%) shows how people are still being sucked in to high-growth centres.

London now has a population of around 8m – more than the whole UK population back in 1750. Even with massive improvements in technology, it is struggling – many organisations find that advertised internet speeds are rarely (if ever) achieved; housing costs are driving people to live outside the city and travel in; transport and utilities are struggling to cope with demand; homelessness is on the increase. London is far from being an intelligent city.
This is where the internet of things (IoT) may be able to help. Instead of focusing on an individual city, governments, organisations and communities should start to focus on citizens across the whole of the country, and even beyond. Each citizen has their own needs, whether they be a city banker or a country farmer. Prioritising one above the other leads to increasing friction and feelings of ‘us and them’ between individuals and groups. Providing a level playing field leads to a more cohesive community, which then leads to greater success as a country.

Better internet
As a starter, providing good levels of internet access to villages means that more people can work from these areas, so moving away from the large second home model that is prevalent in the UK. Many of these homes are empty for large parts of the year, meaning that few fully local businesses can survive. Enabling people to spend more time in the villages can revitalise such local businesses – the butchers, bakers and greengrocers, for example. This does not mean the government’s target of a minimum of 10Mb/s as a universal service offering (USO) by 2020 is going to help much.

The UK is already way down the global internet speed rankings. With some countries already working against USOs of 1Gb/s and some cities, such as Chattanooga in the US already stating a USO of 10Gb/s by 2030, 10Mb/s is looking a little like wet string and baked bean cans.

As consumers move increasingly to a digital economy, the need for faster broadband speeds is pressing. Sure – basic browsing, buying and information seeking can be done on 10Mb/s, but telephony, music, video conferencing and HD TV streaming will be constrained by such speeds. 5G could help here by providing high speed connectivity without the need for dependence on ageing copper and aluminium infrastructure.
The broader use of the internet of things (IoT) also needs good connectivity. Farmers can use IoT devices on their farms to optimise the use of the value chains from the farm to the fork – but the data being gathered by thousands of devices on the farm needs to be dealt with adequately. Some of that can be managed through intelligent filtering at the farm itself, but true high speed internet will help enormously in the capabilities to aggregate, analyse and report on the data.

Public transport can also benefit from such connectivity – citizens can ensure that full itineraries are created and managed in real time, linking buses, taxis, trains and so on lowering the needs for owning cars. Indeed, as autonomous vehicles come through, the need for solid connectivity to clouds where the vehicles can exchange and act on data becomes a necessity.

The right skills at the right time
Identifying skills as required in real time can also be better enabled. Need someone to come to you and fix your printer? Maybe there is a mobile engineer not too far away at the moment – GPS tracking and mobile work ticketing can make it that the expert can be there in a matter of minutes or hours. Likewise, need someone to fix your machinery on the farm? Don’t wait until tomorrow – either have the IoT pre-identify the problem before it becomes a major issue and call in an engineer to swap things out, or get the nearest engineer on site as soon as possible – without needing to pick up the phone.

The whole of the UK can benefit from an IoT based around better connectivity – it can move from these too highly focused intelligent city projects to an intelligent, and far more productive, country model. If countries would then start to use connectivity in a positive manner to break down the bureaucratic and nationalistic walls between nations, then we may – just may – be able to move toward the intelligent planet.


February 14, 2017  2:09 PM

Mobile devices at work – a more sustainable approach

Rob Bamforth Rob Bamforth Profile: Rob Bamforth

Mobile devices put access to IT right into the hands of people while they are out and about performing their work tasks. For many this is not just about ‘being in touch’ or getting access to useful data. IT tasks performed using the mobile device are critical to the business process.

gears

These tasks could include a courier getting delivery jobs or the recipient’s signature or a railway guard checking and selling tickets. It might involve an engineer in the field performing maintenance, identifying failure and scheduling spare parts. Or it might be a retail worker checking stock and inventory. In each case, the mobile worker is reliant on the technology.

Once, these tasks would have involved pen, paper, forms and considerable delays. Now the transactions are instantaneous, with paper mainly being replaced by scanners, sensors and code readers. Physical output will only sometimes be necessary for part of a service interaction or those requiring a receipt. This means that all elements of hardware, software and network connection, are important to continuity of service of the business process.

Is consumer mobile technology sufficiently up to the task?

Not all situations are hazardous, but some, outdoor workplaces such as building sites or damp and dusty locations, will be. Others will involve open interaction in public places on transport, in shops, or over large campuses with indoor and outdoor spaces like hospitals, universities and factories. Most working locations can be unpredictable and unforgiving if devices are mishandled.  For many of these working environments, consumer mobile technology is not sufficiently durable. Failure of any single element of the system causes downtime, aborted processes and user frustration.

Individuals will have a connection to mobile devices of their own and (probably) take a little more care with them. Workplace devices are a different matter. Many workers will have other things to consider. They may be working outside or in cold situations where they need gloves. It might not always be possible to pay complete attention to looking after the device. It’s not that employees are being careless, but their primary focus needs to be the task, not device, in hand. The device needs to be sufficiently durable to take care of itself.

The research in Quocirca’s report, “All mobile, still working, becoming sustainable”, covers the adoption of sustainable mobile device strategies. It shows life expectancy is one of the top three buying criteria, after product cost and cost of ownership, for mobile devices. However, too much attention to upfront device cost savings by using cheaper or consumer devices risks introducing increased costs over a longer period. Even the oft-used wider perspective of total cost of ownership risks ignoring consequent cost increases for the business process.

Sustainable mobile device strategy

This is where a sustainable mobile device strategy will be beneficial, not only for the environment, but also for its cost impact on the business. This comes from a mix of hard costs and soft costs, since mobile devices themselves are part of a broader ecosystem. In many mobile use cases in logistics, retail, transportation and field services there will be important ancillary components. These could include vital peripherals – scanners, printers etc. – as well as accessories – protective and carry cases, vehicle mounting points etc. These may well be affected by changing or updating broken devices.

A sustainable approach means that these elements should still be in use over several generations of the primary device. This itself should be sufficiently durable to survive longer. Devices should also be update-able and upgradeable in the field; this includes changing batteries. These simple hardware improvements extend reliable working, and avoid one of the largest soft costs – interruptions to the business process. Consumer-oriented mobile devices are rarely this flexible, robust or designed with longevity of peripheral support in mind.

More consistency and longer working with the same device means less retraining required for users and avoids frustration. Furthermore, happier users are more likely to take a little more care of the tools they have become familiar with. It is therefore better for both the environment and the bottom line to take a longer look at the use of mobile devices over the entire business process, rather than simply trying to make an upfront saving on device cost. These approaches towards a more sustainable mobile device strategy are explored further in the Quocirca report, “All mobile, still working, becoming sustainable”.


February 8, 2017  10:08 PM

Load Balancing for security?

Bernt Ostergaard Bernt Ostergaard Profile: Bernt Ostergaard

Load Balancing (LB), is now popping up on the corporate security agenda! LB is no longer just about managing traffic flows across enterprise routers and servers. In the age of the cloud and software defined networking (SDN), the LB off-loading function has serious possibilities for deflecting DDOS attacks by shifting attack traffic from the corporate server to a public cloud provider. Next generation software load balancers with advanced dashboard capabilities can also provide deep analytics down to the individual application. This is exemplified in the next-generation SDN load balancing just announced by AVI Networks.

Companies increasingly rely on their WAN access for business-critical application performance, and servicing their on-line customers. Previously, that would indicate the need for specialised hardware and significant redundant capacity – just think of retail traffic spikes on Black Fridays! It would also be expensive to upgrade. With SDN, this all becomes a software issue on standardised X86 hardware.

We also continue to see increases in the number and size of DDOS (Distributed Denial Of Service) attacks, with the heaviest attacks now surpassing 600GBps, according to Akamai. This type of cybercrime represents about 25% of corporate cybercrime costs. Building significant hardware-based DDOS avoidance capacity is very costly, and requires high maintenance levels. Software load balancers with cloud offload can provide a much lower cost and elastic protection. To demonstrate scalability in software, AVI Systems recently scaled applications from zero to one million SSL transactions per second in under ten minutes on the Google cloud.

SDN in the data centre

With SDN, enterprise data centres can rely on a converged X86 server base. They can virtualise their WAN access channels by bonding fixed and wireless connections using SDWAN routers (see https://www.computerweekly.com/blog/Quocirca-Insights/Dismantling-data-centre-and-WAN-silos). And now they can deploy software defined load balancing to ensure their application performance, as well as elastically expand (or contract) network capacity as needed.

To do that requires data centre integration, virtualisation and convergence, as well as hybrid cloud management. Furthermore, to be on the leading edge, companies will want to containerise these functions to allow data centres to deploy business applications more rapidly, with reduced development overhead, lower costs, and increased business agility.

lb-in-distributed-dc

The diagram depicts load balancing across a hyper-converged infrastructure (source: AVI Networks).

SDN in the converge data centre

The next generation data centre using products like Big Switch Networks, creates a distributed data centre architecture. This has bare metal hardware that is virtualised, uses containers and hybrid cloud extensions. SDN is still not one-size-fits-all! Inevitably IT departments looking at the next generation of SDN load balancers need to ensure:

  • Compatibility with the major public cloud providers.
  • Virtualisation presupposes compatibility with VMware and Openstack.
  • For X86 compatibility, enterprises can use Intel Bare Metal.
  • Automation, management and orchestration can align with Chef, Ansible, Puppet and others.
  • SDN controller products are available from a range of providers like Cisco, HPE and Contrail.
  • Then there is the container tech coming from Kubernetes, Red Hat OpenShift, Mesosphere DC/OS and Marathon.
  • Finally, to manage and orchestrate the hybrid cloud environment will require REST API based dashboards.

Load Balancing as IT insurance

IT departments stand and fall with their ability to deliver business continuity at still lower price points. They need to justify their own existence every day! Call it insurance in the broader sense. Providing elastic allocation of compute resources, and using the ability of major public clouds to suck up DDOS attacks to ensure business continuity, can be viewed as an insurance policy. IT faces line-of-business demands for more agility to support their DevOps plans, and the ability to provide different corporate constituencies with deeper analytics into individual apps performance, to determine where the delay bottlenecks are. Providing user-friendly and flexible business continuity options that deter lines-of-business from going off-piste, will also curry favour with the company board, as it attempts to implement Governance, Risk and Compliance (GRC) policies.


February 3, 2017  6:43 PM

AV security – unwelcome guests and visual oversight?

Rob Bamforth Rob Bamforth Profile: Rob Bamforth
BYOD, Security, Wi-Fi

Consumerisation and collaboration bring many positive changes to the enterprise. Employees can now use the devices they prefer. Through social media, they have also become used to sharing and communicating more readily with friends and colleagues. However, these changes also introduce security risks – just who and what have you got connected to the network?

icon2

If it was simply a matter of traditional IT products and regular employees, that would be complicated enough. Now all manner of smart devices and itinerant visitors are connected.

In a concerted industry effort to tackle these types of issues head on, cyber security is for the first time going to form part of conference discussions at the forthcoming Audio Visual (AV) event, Integrated Systems Europe (ISE) in Amsterdam in February. The industry’s two main associations, CEDIA and InfoComm have assembled an array of experts to discuss cyber security and the associated risks over a morning conference on Friday 10th February.

This initiative is to be welcomed as the security aspects of IT rise to the fore. Technology is not only pervasive in working environments, but also an integral element of our home lives as consumers. Widespread use can breed complacency. Organisations need to have the tools, systems and processes in place for technology to be used safely and securely in the workplace.

Technology

In many organisations cloud based services are simple to buy to extend a project without bothering IT. Employees are also used to bringing or wearing their own devices. This trend towards ‘shadow IT’ and BYOD (Bring Your Own Device) has few technical boundaries. So, when a meeting room screen needs to be connected or a video feed is required it is equally easy to buy consumer AV devices or services.

This ‘BYOAV’ (Bring Your Own AV) might seem innocuous, but AV technology, consumer and enterprise, has followed the same trends as many other technologies. Cost reduced (so easily affordable), network ready, often wirelessly (so always accessible), and open (so should be interoperable). But it also introduces, often invisible, security issues.

AV equipment is frequently placed in locations where presenting and sharing involves third parties, either as recipients or co-presenters. Guest access to Wi-Fi networks is expected too and should be secured or managed, but connections to AV equipment are more lax. Older systems may still rely on VGA connectors and cables. Sophisticated modern AV installations and low-cost consumer options are increasingly wireless. Even if they include security, the chances are high that it will be different to devices from other manufacturers in other rooms. It will also most likely be different to what is already in place elsewhere in enterprise IT.

People

Some control and consistency will need to be imposed, but historically, AV installations have been part of office management and facilities, often with little involvement from IT. Current AV equipment is highly sophisticated. Its potential impact both on fixed and wireless networks and security, means that AV needs to be incorporated and integrated into the IT management function.

AV also needs to be considered as part of overall enterprise security. Decades ago, some companies worried about the ability for snoopers to pick up the signals from monitors from a car parked outside of offices. Today badly protected wireless devices and networks pose risks. So too do big bright screens that can be photographed surreptitiously by mobile devices.

Snooping by visual means or via an unprotected wireless network both constitute security risks when using AV. So too does the way that users – employees and third parties – authenticate to use or access AV systems. Dial-in codes, logins and guest access should all be treated in the same rigorous way as any other IT security. As it becomes increasingly simple to seamlessly share content electronically, so it has to be managed.

Process

This has to include a combination of polices and processes as well as tools, but the first step is to understand the scale of the problem. To do this requires co-operation and integration between those involved in AV and IT. It starts with better understanding of the current capabilities of products available and the direction of innovation.

The AV industry has undergone much recent innovation. With large display technology becoming much more affordable, screens are popping up everywhere. These include ad hoc meeting spaces and huddle rooms as well as more formal conference rooms. These are being made accessible by companies from Google and Intel to Barco, Sony and AMX. These companies also attempt to apply security and control through their own, different, systems.

Each are all very well in isolation. In mixed environments with so many other elements to consider, IT security needs to seamlessly consolidate diverse technologies. If the measures that keep AV systems secure become too complicated or restrictive, users will simply bypass them.

In addition to AV/IT integration, IT security managers need to extend security training and best practices to include visual and audible components. Unwanted data leakage is not just what is sent over the network, but may also be what is seen and heard.

AV security now needs to be taken seriously within IT. Given the current focus on collaboration and collaborative tools, IT managers would benefit from engaging with AV professionals. This could include a visit to major trade shows, such as ISE, and perhaps taking time to look in on the conference on cybersecurity.


January 30, 2017  9:06 AM

Bonding Cars and Comms

Bernt Ostergaard Bernt Ostergaard Profile: Bernt Ostergaard

Let’s face it: our road transport systems are jamming up – and it’s just getting worse! In order to improve transport infrastructures, the global focus is on the merger of physical transport and telecoms to optimise transport volumes, speed, accuracy as well as security, and actually reducing the environmental impact. Smart traffic management needs Software-Defined Networks (SDN) and Software-Defined WAN access (SD-WAN) to manage hefty increases in mobile data traffic.

All over the world, road, rail, sea and air transport lanes are under pressure to handle increasing traffic volumes. We have in previous blogs reviewed various aspects of the challenge at sea (Maritime network connectivity – all at sea?), and in public transport (SD-WAN handles fleet management and passenger services).

Road transport planners such as the ones in Singapore in their 2030 Smart Mobility plans (Source: https://www.lta.gov.sg/content/dam/ltaweb/corp/RoadsMotoring/files/SmartMobility2030.pdf)

singaporte-traffic-planspursue several strategies to increase throughput:

  • Real-time traffic management systems to reduce congestion
  • In-car automation to reduce risk of collision and economise on fuel and power consumption
  • Public transport and car-sharing off-load to reduce the number of vehicles on the roads and reduce the number of in-city parking spaces required

SD-WAN is a key enabler

Better road traffic management can alleviate traffic jams, but will entail a huge increase in WAN traffic volumes. Software Defined Network (SDN) and Network Function Virtualisation (NFV) technologies are emerging to handle the surge in data volumes on the WAN. The software-centric approach redefines the core WAN architecture, enabling it to adapt to fluctuating and complex network traffic patterns, and the ever-growing demand for mobile comms.

Mobile access will use a wide range of network services: via satellites, multiple cellular mobile services, Wi-Fi, Bluetooth and right down to close-range, Low Power Wide Area (LPWA) communication for Internet-of-Things (IoT) services. The autonomous car will need to intelligently access several of these channels simultaneously.

That requires intelligent mobile SD-WAN access technologies from vendors like Peplink and CradlePoint (see update and correction at the end og this blog!) that can bond available access channels to handle the wide range of connections from IoT traffic bursts to huge terabit file transfers.

Automation, sensors, big data

Real-time traffic management relies on sensors feeding data to algorithms that identify where congestion is likely to occur (e.g. at traffic lights and in lanes) and what alleviating measures may be undertaken to minimise them.

Sensors come in many shapes and forms. Traffic IoT includes:

  • Fixed ground sensors such as traffic cams, in-road sensors, and meteorological and pollution sensors
  • Mobile ground sensors in network-connected cars;
  • Sensors on public transport systems such as buses and trains where the routes and timetables are known before hand
  • Airborne topographical aerial surveillance to monitor ad-hoc hotspots such as accidents and emergencies.
    1. Drones of course have many other functions than aerial traffic management monitoring. This can range from NASA’s planetary rovers for the Mars environment, to high precision agricultural Unmanned Aerial Vehicles (UAVs). In the latter case farmers are using what was once military aviation technology to grow better crops using sensors and robotics to bring big data to precision agriculture.
    2. Amazon recently announced successful trials of its centrally managed Prime Air drone delivery service in Cambridge, UK. The drone successfully delivered a TV streaming stick and bag of popcorn to the garden of a nearby customer! However, if this scales up, it will directly impact a lot of package delivery services.

The automotive changes we are witnessing today all point to a steep rise in mobile communication needs that can adapt to changing signal availability be it cellular, Wi-Fi or emerging IoT communication standards. That will require intelligent SD-WAN devices to optimise access to and use of multiple network services.

Update and correction:

A reader points out that Cradlepoint does in fact not provide bonding capabilities in its SD-WAN router units. The Cradlepoint COR IBR600 router only detects network failures and seamlessly switches over to another active connected data source. I agree that this is not full bonding, merely failover. Mobile bonding, defined as the ability to aggregate bandwidth of all available wireless WAN connections, allowing the router to conduct a session over more than one connection simultaneously, comes from a few of the SD-WAN router vendors. Besides Peplink with its MAX On-The-Go multichannel router, these vendors include Viprinet with its multichannel VPN router, the Mushroom Networks Portabella, and arguably also Icomera which provides mobile connection services for buses and trains that aggregate parallel data networks.


January 27, 2017  8:40 AM

8 steps for implementing a successful print security plan

Louella Fernandes Louella Fernandes Profile: Louella Fernandes

Amidst the proliferation of Internet of Things (IoT) endpoints, the cybersecurity threat landscape has expanded to every mobile, smart and cloud-enabled device on the network. This threatens the resilience of organisations not only from the disruption of business operations, but also the potential ramifications of a data breach can lead to financial loss, brand and reputational damage and loss credibility in the market place. Printers and multifunction printers (MFPs) are not immune to the security threat and are vulnerable to the same risks as any device on the network. As IoT devices they are susceptible to the growing threat of DDoS attacks – left unsecured they are an open door to the corporate network.

Quocirca’s latest report “Print security: An imperative in the IoT era” discusses the many points of vulnerabilities around print. With advanced connectivity and capacity to collect, process and store large volumes of data, the multifunction printer (MFP) has long been a ‘weak link’ in the IT infrastructure – one that businesses can no longer afford to be complacent about. In Quocirca’s survey, 61% of large enterprises admitted suffering at least one data breach through insecure printing.

 

Consequently, businesses must take a proactive and multifaceted approach to print security. This requires a full security evaluation of the print environment which can recommend the appropriate technology – including hardware and software security – as well as end-user education on responsible and secure printing practices.

Quocirca recommends that the following measures are taken:

  1. Ensure print devices are part of an overall information security strategy. Printers are no longer dumb peripherals and must be integrated into an organisation’s security policies and procedures.
  2. Adopt a security policy for the entire printer fleet. In the event of a data breach, an organisation must be able to demonstrate that it has taken measures to protect all networked devices. An organisation should be able to monitor, manage and report on the entire fleet, regardless of model, age or brand.
  3. Secure access to the network. Like other networked devices, MFPs require controls that limit network access, manage the use of network protocols and ports, and prevent potential viruses and malware.
  4. Secure the device. Hard disk encryption adds an additional layer of security; securing stored data be it actively in use by the device, sitting idle on a device, and/or used by the device in a previous job. To avoid the risk of data being recovered when the MFP is moved or disposed of, data overwrite kits should be employed to remove all scan, print, copy and fax data stored in the hard disk drive.
  5. Secure access. Implement user authentication to eliminate the risk of unclaimed output being left in printer trays. User authentication, also known as pull printing, ensures documents are only released to the authorised recipient.
  6. Secure the document. In addition to access and device controls, digital rights management capabilities can further discourage unauthorised copying or transmission of sensitive or confidential information. This can be achieved by enabling features such as secure watermarking, digital signatures or PDF encryption.
  7. Ongoing monitoring and management. To ensure compliance and to trace unauthorised access, organisations need a centralised and flexible way to monitor usage across all print devices. Auditing tools should therefore be able to track usage at the document and user level. This can be achieved by either using MFP audit log data or third-party tools, which provide a full audit trail that logs the identity of each user, the time of use and details of the specific functions that were performed.
  8. Seek expert guidance. Manufacturers and Managed Print Service (MPS) providers continue to develop and enhance their security products and services. Take advantage of security assessment services which evaluate potential vulnerabilities in the print infrastructure. Note that not all assessments are equal. Ensure that the assessment provider demonstrates the credentials to fully evaluate the security risks across device, data and users. There are also a range of security certifications that are published by the National Institute for Standards and Technology.

Ultimately, print security demands a comprehensive approach that includes education, policy and technology. In today’s compliance driven environment where the cost of a single data breach can run into millions, organisations must proactively embrace this challenge. By using the appropriate level of security for their business needs, an organisation can ensure that its most valuable asset – corporate and customer data – is protected.

Read Quocirca’s Print Security: An Imperative in the IoT Era


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: