IT@Intel Blog

Is it time for "Radical Change" in IT?

VirtualDave — Fri, 26 Sep 2008 21:03:07 GMT

As I sit here fresh from a leadership conference for IT employees, I find myself thinking about that. Does IT need radical change? After hearing several examples of how people engineered solutions to solve specific problems or reviewed projects they had developed over the past year, I can answer with a definite yes. While it wasn't simply this experience that pushed me to realization, it definitely helped complete the pattern I had noticed in today's IT.

I spend most of my normal role investigating and researching emerging and next generation technologies. With this role came many headaches from pounding my head against the wall of established processes, procedures and preconceived notions. But to borrow an idea from Gene Meieran, that is simply the toll I am paying on this road to my success. But I look at this and ask a simple question, why?

When pushing to adopt a new technology, why do we have to wait until it meets all of our established requirements? Why do we try to make vendor's products adapt to us, versus us considering the possibility to adapt to them? Why does it take us 2 years to adopt a new operating system or major product? Why do we run projects for 18-24 months to implement a product that exists out on the shelf today? In looking at several examples of what people consider successful products today, I look to see what makes them different, attractive, and a must have. I then ask what would it take to make IT different, attractive and a must have for any corporation.

Five or six years ago, people came to work and looked to IT to get the latest hardware, OS and innovations, because we had it here. We spent the dollars and time to solve problems and innovate. But in the last few years, people have adopted technology must faster at home than we do at work. They use the iPhone, a Wii, social networking tools, cloud based services, etc. They are enabled at home with more options than we provide as an IT shop. We use instant messaging in IT, not because we developed it as a way to eliminate small emails, but because instant messaging was a consumer product that grew so fast, that IT had to adopt it. Social networking is doing the same thing. So I wonder, what would it take to get IT back ahead of the curve and become an enabler of new ideas and solutions, rather than an implementer & reinventer of existing technology?

We need to get back to freethinking and innovation that is core to our roots. Companies like Intel were founded on thoughts like the famous quote from Robert Noyce - "Don't be encumbered by the past, go out and do something wonderful" yet in our day to day life I see many encumbered by the past and am waiting for the wonderful. We choose solutions that have more of the one size fits all. Instead of picking the best solutions for the roles that exist; we try to find the one item that can solve all of our problems. Rather than choosing the optimal product for the "one size", we should look at the product that enables the end user to perform optimally. Imagined if corporations took this approach with their products. Image a shoe manufacture that developed the one size fits all. It would be an opened toe, ¾ shank athletic tread, men's size 10, 3-inch heel, sneaker pump. It would meet most of the needs of the shoe-wearing world, but wouldn't be the right shoe for many, if anyone. So why do we settle for the same model in IT? We need to be innovative. We need to look at Apple, Google, Nintendo and others. They didn't just develop products that do what everyone else's products do today, but they did them differently & in many cases better. What does it take to make your part of IT the next iPod, iPhone or Wii? How can we enable our partners to perform optimally? What does it take to just go out and do something without worrying about how many existing committees; review boards, processes and groups have to be engaged to just get it going? The answer is radical change. We need to change how we work. We need to change the level of control we have today. We need to shrink what we try to manage. We need to strive to enable the partners versus totally control their work life. We need to ask so what every once in a while. When someone says if we do A then B might happen. Ask the question, so what? We spend all this time doing the day-to-day moving from spot to spot, never worrying about the resources, costs and effort put into the status quo. When we try to implement something new, it goes under the microscope and quite often is held to a different standard than existing solutions. Requirements seem to be a never-ending monster of growth, instead of the simple point-by-point items they should be for solutions. Many times the solutions themselves are actually listed as the requirements. So I challenge us all to start a process of Radical Change. Start asking the question So What? Start pushing back on the status quo, quit being encumbered and start a process of innovation. Help your partners perform optimally and be a key part of their success rather than just one of their suppliers. It won't be easy, it won't always be fun, but it will be rewarding.

Microsoft Hyper-V Updated to Support Intel's Xeon 7400

BrianMcCann — Thu, 25 Sep 2008 15:27:21 GMT

I'm sure you've already seen press on the new 7400 series of processes. It is a really exciting time to see 6 core procs coming out. Being an engineer that supports enterprise applications and technologies this should provide a lot of extra power to apps that were CPU bound to 4 procs. One such technology is virtualization and Microsoft's Hyper-V. Previously the limit of Hyper-V was 128 physical procs and 16 logical procs. Microsoft just released an update that will increase those previous limits to support up to 192 physical procs and 24 logical procs! WOW, I can't wait to see that in action. This should definitely help organizations that need to limit their physical footprint of servers with their consolidation efforts.

This is a great example of two companies combining their technology in ways that really benefit the customer. Very exciting times...I can't wait for even more cores!!!

Defeating malware infections with Intel system defense part 3 - automation

Omer Ben-Shalom — Thu, 18 Sep 2008 04:50:52 GMT

The third and last part of the video series discussing how you can make use of the vPro system defense capabilities the easy way is out, this video shows an example of how your existing security server can implement network quarantine using system defense on provisioned devices without having to know a thing about AMT.
The video follows on the second video which showed an example of using system defense through the Microsoft SCOM GUI and shows a proof of concept implementation that only requires the security server to input an event into the local windows event log which is easily doable with almost any programming/script language. Behind the scene the SCOM agent installed on the security server intercepts this event, sends notification to the SCOM server and as a result the SCOM server implements the blocking policy on the offending host.

http://www.podtech.net/home/5355/isolation-of-infected-pcs-and-remediation-with-intel-vpro-technology-part-3-of-3

The beauty of this is that now you can choose any server to collect and correlate your security events and take quarantine decisions and all that without this server having to be an AMT management server. the existing AMT manager (SCOM in this example) is doing the hard work for you.
as before I hope you find this useful, I would love to hear comments and answer any questions.
Cheers
Omer.

Fortune Cookie Security Advice - September 2008

Matthew Rosenquist — Wed, 17 Sep 2008 18:12:10 GMT

Everyone wants information security to be easy. Wouldn't it be nice if it were simple enough to fit snugly inside a fortune cookie? Well, although I don't try to promote such foolish nonsense, I do on occasion pass on readily digestible nuggets to reinforce security principles and get people thinking how security applies to their environment.

Common Sense
I think the key to fortune cookie advice is ‘common sense' in the context of security. It must be simple, succinct, and make sense to everyone, while conveying important security aspects.

Here is my Fortune Cookie advice for September:

In information security, like in sports, knowing your adversary is far more important than knowing the condition of the field.

Information security is an adversarial pursuit. It all begins with threat agents, those people who will negatively affect your organization. Some are malicious, others are not. The key is they are living, breathing opponents whose motivations drive actions which cause loss. They learn, adapt, and change as they seek their objectives.

Know your threats. This is an important first step. Knowing all your vulnerabilities is fine, but secondary in importance.

For those who are malicious, understand what they target and the likely methods they will employ. Only then can the vulnerabilities be narrowed to show the most probable exposures. This prediction gives the security professional a focus on what to protect, how best to monitor, and preparations necessary to respond when needed.

So am I contributing to the problem of over simplifying security? Or am I reaching out to those who might not take an inordinate amount of time necessary to understand the complexities and nuances of our industry? You decide and feel free to share your knowledge-nuggets.

Fortune Cookie Security Advice - August 2008

Fortune Cookie Security Advice - June 2008

Fortune Cookie Security Advice - May 2008

Deconstructing Cyber Security Attacks - Threat Model

Defense in Depth Information Security Strategy

Defeating malware infections with Intel system defense

Omer Ben-Shalom — Tue, 26 Aug 2008 22:11:00 GMT

I'm Omer Ben-Shalom and I am a principal engineer with Intel information technology (IT) focusing on mobility and client platforms. I have had the pleasure of working with the Intel development teams on the vPro AMT system defense and decided to share my experiences via a three part video series showing how system defense can help in active response to infected PCs.
There are many threats to the environment. the 'classical' threats originate from the outside and it is the job of the perimeter defenses such as firewalls, IPS and others to block them but the more problematic ones are those that originate from inside the perimeter, these type of attacks are mostly conducted from legitimate machines owned by the business and are quite often carried inside the perimeter unknowingly by employees especially when using mobile platforms such as notebooks which are carried outside the business and back in.
Detecting infected PCs and other malicious activity is done with the help of the various intrusion detections systems and the alerts generated can be collected and aggregated to provide a very good picture of the existing threats. A much more difficult task is the ability to quarantine the hosts carrying out the malicious activity and perform remediation. there are solutions involving both host software and network side blocking but with the host possibly compromised and the network location of the offending host subject to change with mobile platforms effective quarantine and remediation is very complex.
This is where the Intel vPro system defense capabilities come into play by allowing selective network access restrictions on a host, these restrictions can allow only the connectivity necessary to fix the problem and being implemented on the host platform itself cannot be escaped just by changing the network location.
This week we are publishing the first of a three part video series on how to use system defense for this purpose both manually and via integration to existing AMT management. I hope you will all take the time to view the introduction video below. any comments are welcome. I would love to hear your views about the problem as well as the solution.

http://www.podtech.net/home/5329/vpro-technology-system-defense-nar-videos-part-1-of-3

I hope you enjoyed this video, parts two and three should post by next week, stay tuned

Data goes bye bye -- do you backup your personal stuff?

John Simpson — Mon, 25 Aug 2008 21:07:14 GMT

The loud crash from upstairs brought me out of my restful state with a surge of adrenalin. As this wonder-drug coursed through my veins I immediately became aware of everything. The Tick-tock of the clock, the dog breathing in the corner and floorboard creaks from upstairs. I kept telling myself that the storm outside must have caused something to shift -- something simple and not so scary. Starting up the stairs, eyes darting, the beat of my heart drowned out my adrenalin edge. Near the top of the landing there was a flash of lighting, a large boom, and the lights went out as I saw a figure lunge at me, knocking me down to the landing below.

Nightmares can manifest themselves in many forms. I'll leave the ending up to you, however, I am currently living a nightmare with regards to my personal data at home.

About ten months ago I took the plunge into the terabyte (TB) arena and bought an external drive. This enabled me to pull information from many sources in order to supply a consolidated view of different media (movies, pictures and music) to the family. As I was going through this evolution I started removing data from internal drives, and making neat and organized structures on the external drive. It was fast and friendly and up until a few weeks ago, it was also reliable.

That's when the nightmare began.

One day I turned on my home system and noticed that the external drive would no longer connect (it actually connected and disconnected about five times a minute). This was the one time I had turned off the computer and forgot to turn off the external drive, so I figured it had just gotten hot and was in some self-protection mode with a thermal overload. No such luck.

The enclosure (device containing he hard-drives) had failed.

I contained my anxiety because it was obvious it was the enclosure and not the drives (through some hardware diagnostics). So I figured I would simply mount the drives and extract the data that was not backed-up on DVD (about 8 months of video and photos).

Again, no luck. The problem was caused by the type of enclosure I had purchased.

There are multiple types of drive configurations on the market, and if you are not aware of what type your enclosure uses, you could find yourself in the same boat I'm in. The specific one I had was configured (from the factory) as a RAID-0. For the unaware, RAID (redundant array of inexpensive disks, http://en.wikipedia.org/wiki/Redundant_array_of_independent_disks) has different settings (or levels), which are configured based on the level of security and speed you want for your data.

The vendor had configured this as a RAID-0 to maximize the space available and maximize speed. The benefits of a RAID-0 come at a price. This array configuration (with two drives) basically splits the data in half and writes each half, simultaneously, to each drive. Half the time to write, half the time to read, makes it very fast. The basic problem is that only half the data exists on each drive meaning no drive is of use without the other. And when there is corruption of a logical disk or you want to switch to a new enclosure, you are stopped by the fact that most hardware RAID controllers use proprietary disk layouts.

I know they are proprietary since I've tried reading these drives with three different RAID-0 arrays (which is also why I know the drives work fine, through diagnostics).

My next step is to try and perform a soft-RAID setup internally to my computer.
This involves creating an image of each drive and using software to try and detect the different parameters of the RAID setup, in order to emulate the hardware configuration. If this works I should be able to pull my data off of the drives.

What do I do with the data?
Well, I have sufficient internal storage to keep it while I catch up on 8-months worth of DVD back-ups. Long-term I am looking to a RAID-5 setup in hopes of solving my data storage, security and hardware failure worries.

Bottom line.
Be aware how your external (or internal) setup is configured. If you see RAID-0 or JBOD, then you have zero protection and must have a way to perform back-ups. Yes, I could try to have some external data recovery company perform the data restoration, however, I would rather do it myself and save the cash for a back-up system.

How do you ensure you don't lose anything of value?
Have you encountered a similar issue?

Fortune Cookie Security Advice - August 2008

Matthew Rosenquist — Mon, 25 Aug 2008 17:27:54 GMT

Everyone wants information security to be easy. Wouldn’t it be nice if it were simple enough to fit snugly inside a fortune cookie? Well, although I don’t try to promote such foolish nonsense, I do on occasion pass on readily digestible nuggets to reinforce security principles and get people thinking how security applies to their environment.

Common Sense
I think the key to fortune cookie advice is ‘common sense’ in the context of security. It must be simple, succinct, and make sense to everyone, while conveying important security aspects.

Here is my Fortune Cookie advice for August:

Security policy is like a seatbelt. It will not protect you every time, but it is guaranteed to fail if you choose not to use it.

No security policy is perfect. In fact, it should be a continuously evolving body of work which is improved as the industry changes and learns. The biggest challenge is not the exactness of the policies; rather it is the awareness and consistent adoption by the employees. An appropriate level of effort must be directed at the successful marketing and support by the target audience.

It may not be sexy, but policy can empower the Management support and maintenance of policy are key factors in leveraging this tool. Clear and straightforward verbiage coupled with sufficient marketing saturation can deliver necessary awareness to affect behaviors. With employee support of security principles, an organization takes a great step forward in achieving an optimal security posture.

A Company’s Greatest Security Threat and Asset

Fortune Cookie Security Advice - June 2008

Fortune Cookie Security Advice - May 2008

Are Security ROI Figures Meaningless?

Matthew Rosenquist — Mon, 25 Aug 2008 14:56:19 GMT

Recently, security expert Bruce Schneier expounded security ROI figures were meaningless! Is it true? Well, yes and no.

The brutal truth.
Well respected information security expert Bruce Schneier recently provided a stark opinion regarding the value of ROI's.
Follow this link to see the story:
http://www.zdnetasia.com/news/security/0,39044215,62037905,00.htm

In brief, Bruce stated security because numbers can be manipulated to justify anything.

He explained that the amount spent on a product can change significantly by simply playing with the equation.
"If the chance of you being attacked is one in a million and I change it to one in two million... I have halved the amount of money you should spend.
"I can make an ROI model say whatever I want. I could justify or not justify anything based on these very, very rare and very, very damaging events," he said.

Tell me it is not true!
I believe Bruce is both right and is delivering a message which is a little incomplete. His general message is accurate and shocking enough to garner the right level of attention. Most of the information security ROI's I have read were speculative, could not be validated, were impossible to reproduce, and had great latitude to provide results which benefit the desires of the author. Nowadays audiences are being provided ‘information' under the auspices of ‘fact', when in reality they are more of an opinion. Such valuation assessments are based on qualitative data versus quantitative metrics.

I blogged about the The Problem of Measuring Information Security back in August 2007

Awareness must be raised. I applaud Bruce in helping to make this happen. His message, as brutal as it sounds, is bringing to light a shadowy area in our industry. I think the follow-up message for audiences is to scrutinize and apply common sense to any ROI they come across. Understand the methodology and if it makes sense in their context. Lifting the curtain can quickly reveal a puppet master pulling the strings to artificially show value.

Like Bruce, I too have a jaded perspective. I have seen some WILD ROI's. Much of what I have read from security vendors is pure folly. However, just because most are fiction, it does not mean all methodologies are without merit.

Intel published a Whitepaper - Measuring the Return on IT Security Investments which is applicable to some situations. This method, far from being a silver-bullet, is a good start and has proven its truthfulness.

For any method, the accuracy should be scrutinized. Can it be validated, repeated? Was the method exclusively developed solely for self serving purposes from someone trying to sell something shiny? Does it make sense? These are the questions I ask myself.

On the bright side, many bright sharp people are working very hard to make the industry better and develop more rigid processes to insure both accuracy and confidence.

In the end, there is much work to be done in the information security valuation space. In the meanwhile, savvy consumers should be aware of the challenges and dive deeper into prospective ROI's and determine if they are ‘meaningless'.

Are today’s IT shops doomed to repeat the never ending cycle of re-inventing the wheel?

VirtualDave — Thu, 21 Aug 2008 18:32:55 GMT

As I sit back and think of some of the newer technologies we have looked at recently, I find myself wondering if IT is in the never ending cycle of re-inventing the wheel. What I mean by this is sometimes it seems as if we continue to try and re-engineer everything to make it fit our environment or how we think it should work. When viewing newer technologies, usage models and trying to pass data off to other groups the phrases I think I hear the most are, “That will never work in our environment,” or “If we can get them to change this, this and this, we may be able to use it here” or my favorite, “This will never be secure enough for us to use it as it exists”. While these may be valid assessments against the way we do things today, the big question is: should we be pushing ourselves to look for new ways of doing things? Five years ago, employees preferred to use their machines and software loads supplied by IT because they were more powerful or feature rich than anything they had at home. But in today’s society, people have higher end machines at home than IT supplies them. They also use newer technologies that are usually off limits or not supported by IT. Think of some of the tools we use today, such as this blog or even instant messaging. These technologies exist in our corporate environment because we saw people using them at home and brought them into our corporate environment. It wasn’t something that IT created and people took home to use. So with so many of these newer technologies out there, should we keep pushing to make them adapt to our IT world, or should we start pushing IT to start adapting to new models. We take umbrella approaches to everything today. Total security of the platform, instead of trying to reduce the footprint we have to manage. We look for solutions that will cover the majority of the users, versus what may be right for smaller enclaves. We place several management clients on the platform to perform numerous tasks instead of using native components or reducing some of the redundant requirements we have. Moving forward, the next generation of workers will expect businesses to offer familiar technology and won’t accept tradition as an excuse. IT shops need to provide workers with “cool” ways to work. If they don’t, they risk becoming obsolete.

Community building around software developers

John Simpson — Thu, 21 Aug 2008 13:54:53 GMT

The early morning dew glistens as the light of dawn wakens the cactus blossoms of the Arizona desert. Of course, at this time of the year, it never gets cool enough for dew to build or blossoms to go to sleep. During the late summer there are winds that blow through the sands, kicking up dust, and filling the maddening clouds with thick rain. These winds blow hard. These winds cause the desert to change.

There are other winds that have been blowing through the business world enabling a convergence of technology and usage patterns. What was once firmly outside the firewall, and considered only for those on the fringe, is now being embraced and pulled inside.

Social Media (corporately named Professional Media) can be used to enhance your work force like no other tool/technology/use ever has. In the past, when you were looking for an expert, trying to solve a problem, or interested in posting a solution, you did so within the confines of your close personal network. Today, as many of the common social media tools embraced by the business world, that personal network is expanding to involve the whole company. In my case that number approaches 100,000 people.

My specific opportunity involves the forming of a company-based, professional society of software developers.

Why is this important or even needed? Let's say you are starting a new project to create a web-based sales system. While going through the design process you decide upon a certain software platform, specific languages and messaging mechanisms. After the design is approved you then need to setup your development and testing environments as well as any compilation/deployment mechanisms necessary to manage your processes. For just about every project, this has been a large chunk of time and effort because each individual group had become their own pocket of excellence.

What is a pocket of excellence? This would be the team, or individual, who does their job really well, because the processes (and tools) they have in place correspond to the needs and expectations of their immediate team. It is the single person doing it the same way because that way works and meets the customer’s needs.

A pocket of excellence is a personal (or private) network based solution to their local problem (software development).

My goal is to start a society of loosely coupled software developers willing to share their thoughts and ideas in order to allow those private networks to become global in scale. In sharing their data from their pocket of excellence, they begin to gain a wider insight regarding their approach. They may get input to improve it or in turn may see something which makes sense and simplifies their own solution. It should resolve itself into a library of processes and a network of people, in order to help make their jobs better.

Some of the focus areas that I have targeted in our society are:

Education
Standards
Technologies
Tools/Utilities
Design
Testing
Deployment
Supportability

I will follow up with some expansion of this and further explanations of how social (professional) media can help to enable this on a company scale. I would love to hear about any efforts in your company, or feedback on what we are attempting to do.

Can Client Virtualization lead to a simpler IT environment?

VirtualDave — Wed, 20 Aug 2008 21:00:06 GMT

For the past year I have been working with several client technologies that revolve around the area of Client Virtualization. As I looked into these technologies and benchmarked them, I began to realize several key things.

These technologies are finally mature enough to start using mainstream. True they may not all fit your current IT model, security rules or management framework, but that is another discussion. The pure fact is with hardware virtualization now enabled in chipsets, we can expect virtualized environments that perform faster than yesterday's systems and almost as fast as the host OS. Moving forward, technologies will be released that will support side by side OS or multiple instance virtual machines. Imagine a world where IT can manage something as simple as a virtual environment and get out of the platform support and enterprise OS business. There are tools there today that allow this to happen and we have done some work in this area and released a white paper recently with our results, it is called Client Computing with a VUE and can be found at (http://communities.intel.com/docs/DOC-1638). The key is to make sure you start planning around these technologies now, versus scrambling to support them later.

Some of these technologies are flexible enough, they can be used to enable our users in ways we never could before - Imagine going home at night and not having to carry a laptop. Simply carrying a USB stick that has your IT build on it and being able to plug it into your home system to check email, review documents etc. Imagine users having a choice in the platforms they use. No longer is getting a system in IT like picking the first Model T, do you want black or black? We could enable our users today to be able to simply go to any computer access a website, log in and authenticate, and a few moments later, they can have corporate apps streamed to the system they are on and access their data from cloud storage.

IT can sometimes be more than a cost center - After reviewing some of these technologies, I realized we as IT could use some of these to provide more than standard services to the corporate environments we support. Imagine a corporate environment with thousands of desktops that users use day to day but don't fully utilize. Using some of these technologies, we can take processor and memory slices off these machines and add them to a grid computing environment. Allowing our corporation several thousand more process cycles without having to expand their server or data center space.

Again, not all of these can drop right into your environment today. Some things may need to change on the technology or your IT side. But the key is this area is changing fast. Let's stop thinking about how we have always done it and instead ask how we should do this tomorrow.

Feel free to comment and leave your thoughts!

A Company’s Greatest Security Threat and Asset

Matthew Rosenquist — Wed, 20 Aug 2008 18:03:49 GMT

Can an organizations greatest security asset also be its most serious threat? Yes it can.

The Greatest Asset
I manage information security for Intel’s mergers and acquisitions. Recently, I was evaluating an acquired company and delivering information security training to our newest employees on their collective hire date. As I was presenting the fundamentals of how to keep the company, their work, and our industry safe from cyber threats, an important security maxim was exemplified.

In interacting with the audience, I understood how they were accustomed to conduct business, the scope of information they handle on a daily basis, and their views on the value of security. I began to emphasize how the employee base was the greatest asset to information security and the combined force of a well informed, properly trained, and security savvy workforce dwarfs the efforts of the dedicated security staff. My recruitment speech sunk in and their faces glowed with pride. I saw a bit of excitement from the audience, that of empowerment and newfound responsibility. I was setting them up. Although absolutely true, a few slides later in my presentation I unveiled the stark reality.

The Greatest Threat
I asked to my newly recruited security champions what the greatest threat to the company was. Amid different answers, I revealed that THEY were the greatest threat. Not just them, but the entire workforce. The glow in their faces dimmed a bit. How can this be? How can our employees be both the greatest asset and the worst enemy in the cyber warfare trenches? They were shocked. They were dumbfounded. They were intrigued. I gave a dramatic pause. It is not often people are captivated by the boring and bothersome topic of information security. I savored the moment.

The real battlefield is in hearts and minds of employees. These new employees, more than any, represent the greatest challenge. They are accustomed to their previous ways, inundated with new-hire information, and are not familiar with the security expectations of their new corporate parent. Security policy is a distant concern on their first day. Every subsequent day, the separated cluster of workers will not benefit from the social reinforcement of good security practices as they are distanced from the collective body of experienced employees who exhibit secure behaviors.

We discussed how apathy, laziness, and circumventing policy for a quick gain, can cause significant weaknesses in security. Every employee has a responsibility to be secure and reinforce those fundamentals with their peers. A single employee through malice or carelessness can cause more damage than a legion of hackers. They must decide, through their actions, if they are the security marshals or the villains of the story. The battle is with the mindset of the employees. The finest security policy is worthless in the hands of an apathetic workforce.

In the end, the discussion was a success. It was not just training; it was an interactive dialogue talking to what is important and how every employee, now including them, work as a team to be Intel’s greatest security asset.

So, who do you market to?

Intel Developer Forum Demo: Streaming Media over WiMax

Catherine Spence — Tue, 19 Aug 2008 19:42:32 GMT

If you are at the Intel Developer Forum in San Francisco this week you might want to visit the System-on-a-Chip Community for a very cool demonstration of streaming media over WiMax. Our Intel IT Team put this demostration together working with the Intel product developers and their ecosystem partners.

This demonstration shows a connection between a corporate office and a remote branch office via WiMax. The branch office uses an all-in-one appliance (a secure mesh router) containing a WiMax radio. The corporate office has a WiMax basestation and streams multimedia content over the network connection back to the branch office.

The secure mesh router in the demonstration is built using an Intel(R) EP80579 Integrated Processor formerly known as Tolapai. EP80579 is the first integrated processor that is a system-on-a-chip (SOC). This is important because it hails a new generation of smart, flexible, light and simple devices for the embedded internet. As an IT Researcher I'm no product expert so check out the full official SOC Press Kit for more details.

Here are some pictures from IDF:

Stop in and say 'hi' to Bruce!

How do you record audits against software?

John Simpson — Tue, 12 Aug 2008 17:08:27 GMT

In the world of effective software inventory management there are audits. Those audits are done comparing the software to physical installations or against budget. There are audits performed when a HFE (Human Factors Engineer) analyzes your usability or those done to ensure that you have sufficient disaster recovery elements in place.

This happens every day against dozens of software applications and I have to ask the question -- where do you record this data? Does everyone have individual approaches and simply has a spreadsheet containing the data? Is it recorded anywhere?

I have to wonder where the value is in gathering data that has no reuse or exposure to the owners of the software solutions.

So I've been bouncing around an enhancement to allow certain groups to register (and report) on audits. Internally some people hate it and some love it.

What do you do?
Do you have yet another application for capturing software audits?
Do you do them at all?

Let me know.

Previous topics include Application inventory, what do you capture?, Application inventory starts with a definition, Application inventory as a cost savings initiative, Application Inventory, the start of data sustainability? and How do you measure data quality in your Application Inventory?.

Keep Your Scary Software Out of the Workplace!

Laurie Buczek — Wed, 30 Jul 2008 04:24:54 GMT

Today is the first day of participating in an IT Consortium around collaboration. The hot topic seems to be around Enterprise 2.0. Not surprising. I am speaking tomorrow around how Intel is using social computing tools to transform collaboration. I will admit that I entered this discussion with a misperception about other company's state of maturity in "going social." An open conversation began with discussions about whether companies block access behind the firewall to any social media sites. An unbelieveable 75% said "yes" to sites like Facebook and YouTube but a bit more were receptive to LinkedIn. I asked "why"? Answer: Business groups don't want their employees to "goof off" doing non-business activity during work time. Also expressed were security and information control concerns. I followed-up with a question asking of those companies that block social sites, how many have external corporate blog sites. Zero. I think corporations are trying to control something that no longer can be controlled.

I flashed back to a great post on Go Big Always. The article captured historical reactions to disruptive software and technologies to corporations. If you answered "yes" to blocking social sites and not finding business value in social software, then this is a MUST read! It shows that sometimes reactions to change are more out of fear, than logic. We are taking it as food for thought as Intel attempts to take our investment and usage of social software to the next level. Below are the article's key takeaways (re-published):

Email has no place at work (1994)
It’s clearly used for goofing off. The last thing I want are my employees wasting my money emailing each other. What’s the use case for email at work? What’s the ROI? Who else is doing it? See industry article

Internet access has no place at work (1996)
Giving employees access to the internet would be a massive productivity problem. Not to mention there are huge security concerns. What’s the reason employees should be allowed to cybersurf? See industry article

eCommerce is too high a risk for our company (1998)
Our company can’t afford the risk associated with opening ourselves up to new, unproven channels or even hacking. There are a lot of thieves online. Why would someone buy our products on the World Wide Web? See industry article

Instant Messaging has no place at work (2002)
It’s a massive distraction. Interruptions cost billions each year. Employees shouldn’t be allowed to spend time chatting all day work. Instant messaging has massive productivity loss implications. See industry article

Social Software has no place at work (2005)
It’s clearly used for goofing off. The last thing I want are my employees wasting my money blogging or networking with each other. What’s the use case for social software at work? See industry article

If IT is truly a strategic business partner, then let's start advising our businesses that not only can we not stop scary software, but that the software may not be that scary after all.