Home > Intel Communities > Open Port IT Community > IT@Intel > Blog > Tags > it
Up to Blog Posts in IT@Intel
1 2 3 Previous Next

IT@Intel Blog

45 Posts tagged with the it tag
Matthew Rosenquist
4

Is the value of patch management decreasing?  Some experts say, due to a rise in privately held vulnerabilities, the value of patch management is eroding.  Others feel patching is losing the race and becoming too little and too late with the rapid development of attackers.  I too have chimed in on the topic and stated patching all vulnerabilities is not economical, as most are never widely exploited.  But does this mean we should be looking at alternate paths, away from patch management?  I stand firm in support of the end-node update concept, but take a slightly different view of the scope and value.

 

I see ‘patch management’ as the strategic capability of managing end nodes.  I consider the delivery of ‘patches’ as a broad term which includes OS, application, and hardware BIOS upgrades which can benefit the security posture of the device.  This includes and is akin to the widely accepted delivery of security product updates for anti-virus, anti-spyware, firewalls, etc.  Some of which are updated daily.

 

Attacks are constantly changing.  They normally take advantage of poor coding practices, use design functionality in unintended ways, or exploit avenues to misguided end-user judgment.  The ability to update systems is crucial to maintain security equilibrium.  It is a support function for systems to adapt to new threats.  This capability has a multitude of benefits, both strategic and tactical.  Being able to reach out to systems allows for a better understanding of the number, type, and usage of systems in the environment.  An effective system can paint a picture of systems at risk.  It is a sweeping means to close identified vulnerabilities in deployed code, which can reduce the exposure surface.  It can be used to respond to compromises and drive clean-up activities.  Such services can raise the general security level of a community and may drive to a more homogenous security stance, which strongly lends towards efficiency.

 

Mapping ‘patch management’ against a defense-in-depth model shows it allows for Prevention of exposure to known vulnerabilities where patches exist.  It can provide Detection capabilities to improve alerting of attempted as well as successful attacks.  Once systems are compromised, this Response function aids in the restoration of services back to a norm state.  The combination of indicators generated in these areas may assist in efficiency improvements and be used to comprehend future trends, therefore providing a potential Prediction opportunity

 

Overall, actively managing end-node security via ‘patch management’ is very important.  I doubt any serious security professional is advocating turning off all patch or remote system security updates.  The value may vary over time and across different systems, but we have a lot of control in how this capability evolves and the value it returns.  We are empowered to maximize the return on investment.

 

The question still remains, from a measures and metrics perspective, how best can we show and quantify the benefits, efficiency, and value.  The industry as a whole has yet been able to adequately or consistently tackle this challenge.  That discussion is fodder for another blog.

4 Comments Permalink Tags: patching, roi, matthew_rosenquist, it@intel, patch, strategy, value, rosi, information_security, risk, optimal_security, security, model, rosenquist, it, intel_it
Eleanor Wynn
0

Last year Intel announced the ultra mobile PC using Intel(R) Atom(TM) Processor N270 (1.60GHz) . I commented on its particular incarnation as the Purse PC. I was holding my breath waiting for this to come out. The designer PC is here. I first saw it in a major luxury retailer’s catalog and then in a magazine ad. It is designed by Vivienne Tam and is adorned with large pink and orange chrysanthemums.

Men, don’t stop reading here. It’s your chance to buy your significant other a piece of electronic equipment as a gift and get away with it!

I am still waiting for one by one of my favorite designers, something that is iridescent black with contrasting corners, or pinstripes, or white on white damask…or…retro. We need variety to create market mass and user identity differentiation. But I think the floral treatment is a good start. It is beautiful.

And...for the security minded, who the heck is going to steal this thing from you in an airport?

“Pardon me, I believe that is my Vivienne Tam PC you are carrying underneath your trenchcoat. I am sure it was just a mistake that you confused it with your black standard-sized notebook.”

The ideal theft-proofing will be the DIY design-your-own PC skin at the vendor website, using a host of design elements and color, spray paint effects, etc., all baked in of course. That screams: “This is not my Dad!” via remote control. You saw it here.

Next question: what are people putting on their purse PCs. I have to know! And what is the demographic? Click for some clues. The purse PC does have a matching carrying case, and couture dress, if you can afford it. But I notice that on another site someone complained that there was no mirror on it. Possible new graphics app: Mirrorware. Hmmm.

0 Comments Permalink Tags: fashion_computer, netbook, ultra-light, purse_pc, atom_processor, it@intel, it, intel_it
David Buchholz
1

Trying to start off the new year with a question more than a statement as you can see from the subject.  I ask this because of some of the work I am currently doing.  Through the past several months we have been looking a several "influencing" factors and their possible effect on tomorrow's corporate environment.  Things such as consumerization, MID's, netbooks, bring your own computer and even the Generation Y workforce growing in size.  I think one area of "influence" we haven't looked at is legacy IT.  It is just as much an influence as new technologies and trends.  Many shops spend lots of money to put solutions, good or bad, in place.  Invest in infrastructure that made sense 3-5 years ago.  Set roadmaps that made sense when first proposed and established processes for how IT used to work or should have worked.  But the real question today is what would you do different?  Should we take a more agressive approach at End of Lifing pre-existing technologies and solutions that seem to cost more to support today or in some case are here to solve a problem that doesn't exist or has moved on somewhere else. What about out sourcing, how many jobs today no longer make sense from a corporate stand point?  Providing a service is one thing, but if you are providing the same service as the vendor at a higher cost, that really doesn't make sense.  I guess what I am really looking for is what is the value add?  What would you different and what is the value add you feel it would bring to your IT?

 

Just some food for thought to start the new year, I don't think there is a right or wrong answer, simply some space for some sipirted discussions

 

Please share your thoughts!

1 Comments Permalink Tags: next_generation, roi, cio, cost_savings, social_computing, cost_cutting, value, it, change, it_business_value
David Buchholz
0

After spending the last 6 months researching emerging technologies around the IT Client platform, I have identified two must have technologies when considering your client refresh.  The first is Solid State Hard disks.  While the cost is a concern at initial glance, the benefit you receive from this technology is incredible.  We have seen benefits such as no more hard drive failures do to failures from moving parts.  Increased performance from faster machine startup and resume times.  Increased application responsiveness from quicker access on a SSD versus traditional platform.  Fragmented hard drives become an issue of the past and you can now save costs on 3rd party defrag tools and/or custom solutions you develop in house.  These are just some of the many benefits we have seen, for more in depth review check out our recently released whitepaper - http://communities.intel.com/docs/DOC-2524. But beyond all of these benefits are the ones you may need in the future.  As IT moves to more and more of a Virtualized Client environment, technologies like these help make adoption much easier.  When testing the Solid State Disks, we noticed that our Virtualized IT environment running in a traditional Type-2 Client Hypervisor actually ran 27% faster than the same virtual environment on a traditional platter based drive.  This brings me to the next technology, VT-d.  This is the next evolution in client support of virtualization.  While todays more common systems have VT-x, VT-d is now available on many newer systems today.  VT-s offers what we refer to as "direct pass through" interface for virtual machines to communicate with the system hardware.  What this means for you is that you can have a virtualized OS that can talk directly to certain parts of your systems hardware without having to go through a virtualization layer in a Host OS.  This will also enable better use of Type-1 Hypervisors or "Native Client" hypervisors that will allow side by side, on at the same time OS operation on a single platform.  Imagine being able to support a corporate and personal build on the same machine but keeping them isolated from each other.  This opens the door to a host of possibilities for future IT shops.  Not all of these technologies are ready to run full speed today, but with most shops carrying a 2-3 year refresh cycle, it is important to buy the right technologies at the right time so when you want to deploy these, you have systems that support them.  So make sure you check these two technologies out and get them into your client roadmap as soon as possible.

0 Comments Permalink Tags: ssd, roadmap, virtualization, roi, client, vt-d, it, performance
Gal Eylon
1

Before I begin I just wanted to share that this is my first attempt at blogging and I’m really excited to try out this new medium (at least for me J).

 

My name is Gal Eylon, I’m a program manager within Intel IT and I am leading a team which is responsible for vPro adoption activities across our enterprise. Recently we have posted a white paper ( Implementing Intel(r) vPro(tm) Technology to Drive Down Client Management Costs ) that details the journey we have gone through in order to fully deploy vPro use cases within our production environment. The white paper walks you through our architecture and engineering phases and then takes a deep dive into the operational phase – which made use case deployment a reality for Intel.

 

Although our journey was not easy (and has only begun…) – we are pretty pleased from our results and hope you would benefit from this white paper and that it would ease your adoption activities within your environment. In addition - I would appreciate if you would share some of the experiences, BKMs and challenges you are facing within your enterprise. If you are looking for additional info regarding our adoption activities please let me know and I’ll be more than happy to share.

 

Happy New Year!
Gal.

1 Comments Permalink Tags: amt, security, vpro, gal_eylon, intel, client, it@intel, roi, it, provisioning, manageability, cost_savings, value
Heath Buckmaster
4

Most of the people participating in this part of the Intel Community are IT folks. We all share some common skills and backgrounds, and likely degrees in similar things like Information Systems.

 

We also share a commonality in the workplace - we work in a cost center. IT, in most cases, is not a money-maker for a company. Product divisions create things, sales and marketing divisions sell things, but IT just keeps it all up and running. Money doesn't flow through IT, it flows TO IT to pay for the networks, phones, servers, clients, software, websites, etc.

 

So when it comes time for cost-cutting, the cost centers are the first on the chopping block. So how do you keep your employees going when all around them budgets are being cut, headcount actions remain a possibility, and the economy around them pours through instability?

 

Now keep in mind we're not perfect - we don't always do things as consistently as we should, but we try.

 

Here are Heath's Five Suggestions for IT in 2009.

 

1. More consistent communications - get the CIO and the senior IT leaders in front of people talking about what's going on within the IT. Be open to listening to your internal blogs and forums environments where people tend to be more vocal, and actively participate in these "new" communication styles. Communication shifts, and we have to shift with it.

 

2. Regularly scheduled on-site social events. We've had a catered breakfast and two lunches this year for all of IT on site. We also did an "Amazing Race" competition that brought teams together from all parts of IT, complete with catered BBQ lunch, some exciting video game playing, and wacky relay races. Get people away from their desks and provide opportunities to socialize with their peers. I know people who work in a 3 aisle radius, but there are a ton of other people in IT that are just as cool and just as interesting - give me an opportunity to meet them.

 

3. Embed the fun at a department level. A number of departments have purchased video game systems and are setting up game time over the lunch hour for their teams. Right now I'm participating in one with my entire program team, and I got feedback from one of my employees that this has gone a long way in bringing fun into the workplace. You don't have to go out and spend hundreds of dollars on a gaming system, so bring in a board game to your staff meeting, and instead of spending an hour on passdowns, spend an hour flying around Park Place* and Boardwalk* with your team.

 

4. Reset your expectations if necessary. The world is not the same as it was in the dot com boom. Companies are shifting their spending to research and innovation, and growth is slowing. You can't expect that people will maintain the same level of passion they had before if you aren't actively encouraging it and promoting it. If you're a manager, you can't keep raising the bar if people feel like they are beaten down by outside influences. Be realistic about what your team can achieve and set REAL stretch goals.

 

5. Focus on strengths, NOT areas of development. People in IT will always have something new to learn, but let them do that when they are ready for it. Focus on what they are good at and talk about those things. Get them into jobs that accentuate the positive and not punishment for the improvement areas. Yes - make sure people have the basic skills for the job and interact positively in the workplace, but if you've got someone who is superior at programming and not at public speaking - stop trying to put them in front of the customer and let them code to their heart's content!

 

Give it a shot and see what happens in your team! IT has a strategic place in the growth and development of any company - but you have to make it happen.

 

I welcome all feedback and comments about what your organizations are doing to keep the motivation and the passion in IT.

4 Comments Permalink Tags: it, it@intel, heath_buckmaster, motivation, passion, cost_cutting
David Buchholz
0

As I sit back and think of some of the newer technologies we have looked at recently, I find myself wondering if IT is in the never ending cycle of re-inventing the wheel. What I mean by this is sometimes it seems as if we continue to try and re-engineer everything to make it fit our environment or how we think it should work. When viewing newer technologies, usage models and trying to pass data off to other groups the phrases I think I hear the most are, “That will never work in our environment,” or “If we can get them to change this, this and this, we may be able to use it here” or my favorite, “This will never be secure enough for us to use it as it exists”. While these may be valid assessments against the way we do things today, the big question is: should we be pushing ourselves to look for new ways of doing things? Five years ago, employees preferred to use their machines and software loads supplied by IT because they were more powerful or feature rich than anything they had at home. But in today’s society, people have higher end machines at home than IT supplies them. They also use newer technologies that are usually off limits or not supported by IT. Think of some of the tools we use today, such as this blog or even instant messaging. These technologies exist in our corporate environment because we saw people using them at home and brought them into our corporate environment. It wasn’t something that IT created and people took home to use. So with so many of these newer technologies out there, should we keep pushing to make them adapt to our IT world, or should we start pushing IT to start adapting to new models. We take umbrella approaches to everything today. Total security of the platform, instead of trying to reduce the footprint we have to manage. We look for solutions that will cover the majority of the users, versus what may be right for smaller enclaves. We place several management clients on the platform to perform numerous tasks instead of using native components or reducing some of the redundant requirements we have. Moving forward, the next generation of workers will expect businesses to offer familiar technology and won’t accept tradition as an excuse. IT shops need to provide workers with “cool” ways to work. If they don’t, they risk becoming obsolete.

0 Comments Permalink Tags: it, value, innovation, generation, usage, model, alternate_compute_models
Chad Clemons
2

 

Yesterday, Intel released this announcement on the Digital Health "Intel Health Guide" product and it's clearance by the FDA. This looks to be a very exciting device that will go a long way in applying technology to provide a more personal, human healthcare experience while maintaining care quality.

 

 

Working in IT, I have not always had good visibility into the business of Intel. In IT, we talk about "customers" which refers to Intel employees using IT services, not Intel customers who buy and use Intel's products.

 

 

However, as a program/project manager in the IT Mergers and Acquisitions team, I am gaining unique insights into how Intel builds products by engaging with customers and understanding needs, not just short term but potentially very long term.

 

 

For example, Intel recently acquired a company called WebVMC. While working with the Digital Health and WebVMC folks on the IT integration of that acquisition, I've gained new insights into the direction Intel is going with its businesses around Digital Health.

 

 

I'm looking forward to future projects that will help me as an IT solutions provider truly understand the business aspects involved so that the solutions I build and deploy help meet those business objectives. Because at the end of the day, it's not about cool IT technology (as much as we might like it to be), it's about our customers and making a difference in their lives...and how especially true in the field of healthcare.

 

 

Great work, Digital Health team!

 

 

 

 

2 Comments Permalink Tags: acquisitions, health, healthcare, remote_nurse, it
Chad Clemons
3

Greetings!

 

The great behemoth that is Intel is in fact made up of many, many tiny cogs...and I am one such cog.

 

Working as a program/project manager within Intel's Information Technology group, my efforts are focused on addressing the IT aspects of Intel's acquisitions and divestitures activities (aka mergers and acquisitions...aka M&A...although it seems lately that we've been doing a fair amount of the ‘divestiture' projects...but I don't think you'll see the term M&A&D being used anytime soon! It's just not very sexy.)

 

 

I'll probably take a trip down memory lane in a later post, as this is in fact my second foray into the world of IT M&A.

 

 

In short, my role involves working with the various business units within Intel when they decide to acquire a company or divest a piece of their business, and ensure that all IT aspects of the transaction are addressed successfully. The PM role is responsible for everything from network connectivity for desktop and laptop systems to servers and storage to telephony and Blackberries. We work closely with our "partners" within Intel (we used to call them "customers," but I prefer the term "partners"...later post topic?) to ensure that people, assets and intellectual property are 1) brought in smoothly to the Intel fold in the case of an acquisition, and 2) handed off/out smoothly in the case of a divestiture.

 

 

Wow, so much more I could add on this topic alone, but I'm a brand new blogger, so I must pace myself!

 

 

Thanks!

 

 

Chad Clemons

 

 

 

 

3 Comments Permalink Tags: it, it@intel, m&a, mergers, acquisitions, divestitures
George Clement
0

Using six sigma in IT

Posted by George Clement Apr 1, 2008

Just finished my green belt project analyzing how effective web analytics is in identifying applications no longer required by IT (and should be archived) . the project went well I had some interesting data to show for it and it def drove a decision.

 

I'd have to say that LSS gave me some new tools to use. The templates we use internally are ok but If I was outside I'd probably stop by http://lssacademy.com/downloads/ and check out their C&E and FMEA.

 

 

Some advice to others looking to start a GB project I'd like to mention a couple of general things I learned from setting up and running mine:

 

  • Don't boil the ocean - Improve an existing process as your green belt project.

  • Use Six Sigma tools to measure process output and identify where failures impact results (FMEA, C&E, etc).

  • Apply Lean Thinking to a step that has a lot of failure.

  • Measure improvement using Six Sigma tools (remesure your failure rate / speed / or what every you has as the cause of your failure).

 

0 Comments Permalink Tags: it, roi, lean, six, sigma
Laurie Buczek
2

Each year Intel IT publishes an Annual Information Technology report documenting our key initiatives and how we performed towards them. The Intel Information Technology 2007 Performance Report is now available. It is noteworthy to state that 2007 was another year of substantial change for Intel IT. Some of the key highlights are:

 

  • We entered our second year of a multi-year replatformization of our ERP environment.

  • We streamlined our decision making and governance by eliminating 67% of our forums necessary to make a decision.

  • We announced our long-range data center efficiency initiative which is expected to achieve a $1B (US) cost avoidance

  • We focused on standardizing and reducing the number of applications. We removed more than 450 outdated & redundant applications!

 

We welcome your comments on how we did. I especially would like to hear how your company's evaluate their IT performance.

2 Comments 0 References Permalink Tags: it, it@intel, annual_performance_report, apr, it_operations
Travis Broughton
43

Recently, a colleague and I spoke to a group of IT administrators in Washington, DC. We left our car in a self-park parking lot in which the attendants had everyone leave their keys in their car, in lieu of keeping them on a valet "key board". They seemed to be depending on reasonably honest customers (we were in a secure area past a government checkpoint) and their own memories to ensure no cars were "lost". We returned to find that the parking lot attendants had completely rearranged the vehicles. Since it was a rental car, it was hard to describe the car and therefore hard to find. (By this point you're probably thinking that I've posted to the wrong board or that Intel pays me by the word, but bear with me)

 

It took a rather lengthy iterative search, but we eventually found the car. As we walked, my colleague and I joked about this as "parking lot virtualization". Our vehicle was moved from one slot to another to better fulfill the changing needs of the parking environment over time. This struck a chord with us, having just been discussing some of the challenges with virtualization.

 

In the data center, most virtualization suites allow an administrator to manually move a workload from one host to another. This is a very powerful concept - instead of having to negotiate for a 3:00am Sunday morning maintenance window to do preventative hardware maintenance, we can move all of the workloads to another physical machine, perform maintenance during normal working hours, and eventually move the workload back to its original location. We can also migrate workloads from a less powerful machine to a newer machine for performance or in order to retire hardware.

 

Combining this capability with the ability to host multiple workloads on a single piece of hardware, the data center can quickly become very complex. Without a robust database to map workload to physical machine (and vice-versa) or an automated update mechanism to adjust these mappings after a move, we can easily lose track of our services. These mappings are needed in order to answer questions like "host/rack/row/room x went down - what services need to be restarted?"

 

My colleague noted that ITIL has mature, well-defined mechanisms to deal with many of these types of events. Change orders, maintenance escalations, and configuration databases were all designed with these business processes in mind, albeit at a much slower (and more manual) pace. It would defeat much of the benefit of virtualization if one had to get a signed piece of paper, email approval, or file a trouble ticket in order to offload a workload in response to a failed CPU fan. Instead, we should use policy to anticipate and enact these types of responses. The discipline and rigor of change management is critical within the virtualized data center, but it must be directly encapsulated by our tools in order to be effective. In essence, the CMDB needs to be dynamically updated in order to maintain fidelity to the Data Center's logical state at any given instant.

 

For those of you who have deployed virtual machines in large-scale production, what techniques have been most successful for managing the chaos of moving services and images? Are you using a glue layer for your legacy CMDB and other management tools, or are you finding it easier to throw them out and depend on the tools provided by your virtualization stack?

43 Comments Permalink Tags: data_center, it, virtualization
Laurie Buczek
3

Getting Ready for IDF

Posted by Laurie Buczek Aug 30, 2007

Intel's IT professionals are getting ready to come to you live from IDF (Intel Developer Forum) in San Francisco the week of September 18th-20th. John "JJ" Johnson, CIO, will be discussing Intel’s perspective on the impact technology brings to the future of IT. We are also developing a social media panel who will discuss the challenges of social media in the IT environment and more. In addition, you will likely find me roaming the halls chatting with you, participating in sessions and doing a live blog. We are looking forward to it. Any, oh, by the way- I have a super discount for you. Use the following codes to get a great discount: For September 18th only - code #DNCITI- gets you in *free. *If you want to attend all 3 days use code # PRMITI for a price of only $895. I look forward to seeing you there!

3 Comments Permalink Tags: idf, it, it@intel
Laurie Buczek
3

A few of our top security analysts & strategists got together to share with Podtech how Intel's own IT department tackles security challenges. Did you know that Intel's IT organization developed a "war gaming" program to model and predict bad guy behaviors? Do you have increased challenges around securing your network perimeter due to the integration of more mobile devices? Have you developed a way to actually measure the business value of IT's security efforts? I invite you to learn how Intel's IT organization addresses these security topics and more. Check out our first video introducing the series on security, then hop over to Managing the Effort to Measure Security blog by Matthew Rosenquist. More coming soon...

 

 

3 Comments Permalink Tags: security, it@intel, it, video
Jeff Moriarty
9

In my blog inside Intel I'm exploring some ideas for social media implementation, and would like to throw them out here to the IT Community for input. Our social media implementation is a bit patchwork at the moment, so I'm looking at ways to help fill it in. In this case, the idea is to open up our current method of corporate employee communication.

 

Currently, our intranet is a fairly static site. Most news and articles are just fixed web posts, and what I've been exploring is adding an open discussion area on the end of every article published on any intranet site. Then any reader who has something to ask or add on a topic can contribute. It may be a simple link to related material, or it may be detailed thoughts on the topic. There may be no comments for an FYI about a local road closure, or a lengthy exchange about some of our product strategies. If the topic draws out a reader who cares enough to add thoughts, the net result of those inputs creates material that is more valuable than the post alone. At worst it shows what people think of a topic, and at best there could be ideas, information, and discourse that adds a lot more than the original post.

 

The second piece of this change would be to allow employees to directly submit their own articles and material, similar to something you might see on del.icio.us or Digg. Those sites are very different, but together they enable every single employee to quickly share content they find valuable, and provide a mechanism for the best of that content to rise up for all to see. It's a staggering difference from the tops-down, management sanitized communication we get today. It leverages the incredible knowledge and brainpower already present across Intel, and starts building a valuable repository of information that no centralized, "tops down" organized project could accomplish.

 

 

Perhaps it gets to the heart of an ongoing debate about the role of IT - are we an enabler for existing technical demand, or do we have an obligation to stretch the rest of the company in new behavorial directions around technology? I'm a believer in the latter, but it's far from a settled issue.

 

 

Do any of you allow that sort of deep participation in all levels of employee communications? Is your company even one that would allow it? As I work this issue internally, I'd really like to hear how others address it.

 

 

9 Comments Permalink Tags: collaboration, value, it, social_media
1 2 3 Previous Next

Popular Blog Posts