Skip navigation
1 2 3 Previous Next

IT Peer Network

1,515 posts

Today, we raise a glass to you, our comrades in arms looking to improve your skills as a business pros, engineers, or experts in the art of technology. Today, we became one milestone stronger — a close-knit LinkedIn community of more than 75,000 IT and business professionals and our closest friends dedicated to being smarter, stronger, and more capable team members.


Working for something bigger than ourselves

Intel-05-05-2016-75K-Followers-Social.pngWe’re all in the same boat trying to catch enough wind in our sails to move this work ship along. As we learn new skills to do better business or implement new technologies, we share what we’ve learned with others here in the community. We look to more than just Intel to educate each other — even if it sometimes means promoting a competitor or cohort above ourselves. Because you know what? That is exactly the thing that makes us a united team. Sometimes we need to look beyond our bubbles to learn new ways of doing the same old things.


We built this community for you

We work painstakingly to find the best mix of content for you — from the IoT, to data centers to the PC (and other devices) and everything in between. We also look beyond our walls to cultivate thought-provoking industry news and trends to expand your skills. This is truly an edge-to-cloud knowledge-sharing experience. We find the articles that will resonate best with you and help you succeed as a professional.


Let us know what you would like to hear more about by simply commenting on our posts. We are listening.

The secret is you: We’ll keep sharing our favorite content and as long as you keep reading and asking questions so we can all grow together.

Now that you know our motivation, here’s where you can follow us to find more great information:

Here’s to another 75,000 followers and a growing educational hub. Please, keep in touch!

In today’s digital world, consumers face a barrage of online phishing attacks, new forms of nasty malware, and the risk of virus-infected desktops like never before. Unfortunately, cyber criminals do not discriminate, and it’s very easy to fall victim to their scams.


But what if you could rest easy at night knowing all of your pictures, videos, and personal files are securely stored on a high-capacity, always-available desktop PC that stays safely in your home? [i],[ii] Here are a few ways that Intel Security is making this possible.


Built-In Protection for Stronger Security


At its core, Intel-based desktops build security in from the silicon up to help safeguard your files, online transactions, data, and identity on a device that can reside securely in your home. Desktop PCs that are running 6th gen Intel Core processors feature hardware-based technologies that protect against a wide range of malware attacks and exploits—and help keep your system and data free from hacking, viruses, and prying eyes.


As an added layer of support, the hardware-based security capabilities of Intel Identity Protection Technology can be found on more than 500 million PCs[iii] to support trusted device authentication. Now you can enjoy amazing computing experiences and more control over your personal content and information without worrying about the next Trojan horse.


password.pngSay Goodbye to Passwords


Creating one strong password that you can remember is hard enough, but doing it for every single online account is almost impossible—until now. Many people use the same password everywhere, so it doesn’t take a skilled hacker to break into an account, just a good guesser.


“More than 90 percent of passwords today are weak, predictable, and ultimately crackable,” says Dave Singh, product marketer, Intel Client Computing Group. “What we’re trying to do is help consumers develop good security habits when they’re browsing and shopping online, and password managers make this very convenient by decreasing frustration to provide a better user experience on their PCs.”


As one example, True Key comes preloaded on most Intel-based desktop PCs with McAfee LiveSafe software. Users can sync their data across Windows, Mac, Android, and iOS devices and import passwords from all browsers and competitors. Advanced multi-factor authentication (MFA) and biometric security make it easy to sign into any account. Choose at least two different factors (e.g., trusted device, face, email, master password, numeric pin, or fingerprint) and the app will verify your identity. For additional security, you can add more factors and make your profile even stronger. Basically, True Key can recognize you and sign you in—eliminating the need for passwords altogether.


“With so many different ways to log in and get to your personal content and information, password managers can really help increase productivity by saving time and headaches,” adds Singh.


Seamless Online Shoppingcheckmoney.png


Imagine being able to walk up to your PC and have one central app manage your mobile wallet, healthcare account, or hotel membership profile. You can now book travel, buy and ship gifts or upload photos to the cloud more conveniently and better protected against malware.


Some password managers can also store wallet items—credit cards, addresses, memberships—and make it easy to “tap and pay” at checkout for secure online payments and transactions. Intel technologies feature fast, end-to-end data encryption to keep your information safe without slowing you down, with built-in hardware authentication to provide seamless protection for online transactions.


“Your high-capacity, always-available desktop can stay safely at your home with all your locally stored files, but you can securely access the information from other devices, including your smartphone,” Singh says.


“Paired with new Windows 10 sign-in options like Windows Hello, desktop computing is truly becoming more personal and secure. It really shows how digital security is advancing to work better together for the best home computing experience.”


So the next time you log into your home desktop PC, you can do it with a smile. Download the Flash Card for more tips on how to safeguard your digital security. 


[i] Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No computer system can be absolutely secure. Check with your system manufacturer or retailer or learn more at

[ii] Requires an Intel® Ready Mode Technology-enabled system or motherboard, a genuine Intel® processor, Windows* 7, Windows 8.1, or Windows 10 OS. Results dependent upon hardware, applications installed, Internet connectivity, setup and configuration.

[iii] True Key™ by Intel Security. Security White Paper 1.0.


The Limitations of Security Data

We are constantly being bombarded by cybersecurity data, reports, and marketing collateral—and not all of this information should be treated equally. Security data inherently has limitations and biases, which result in varying value and relevance in how it should be applied. It is important to understand which is significant and how best to allow it to influence your decisions. 


There is a tsunami of security metrics, reports, analyses, blogs, papers, and articles vying for attention. Sources range from reporters, researchers, professional security teams, consultants, dedicated marketing groups, and even security-operations people who are adding data, figures, and opinions to the cauldron. We are flooded with data and all those who have opinions on it.


It was not always this way. Over a decade ago, it was an information desert, where even speculations were rare. Making decisions driven by data has always been a good practice. Years ago, many advocates were working hard to convince the industry to share information. Even a drop is better than none. Most groups that were capturing metrics were too frightened or embarrassed to share. Data was kept secret by everyone while decision makers were clamoring for security insights based upon industry numbers, which simply were not available. 


What Was the Result?

In the past, fear, uncertainty, and doubt ruled. People began to dread the worst and unscrupulous security marketing advocates took advantage, fanning the flames to sell products and snake oil. They were dark times, promulgated with outlandish claims of easily eradicating cyber threats with their software or appliance products. The market was riddled with magic boxes, silver-bullet software, and turn-key solutions to easily fix all security woes.  I can remember countless salespeople asserting “we solve security” (which at that point I stopped listening or kicked them out).  The concept of flipping a switch and all the complex problems of compute security forever goes away, was what uninformed organizations wanted to hear, but was simply unrealistic.  Why customers chose to believe such nonsense (when the problem and the effectiveness of potential solutions could not be quantified) is beyond me, but many did.  Trust in the security solutions industry was lost for a period of time.


Slowly, a trickle of informative sources began to produce reports and publish data. Such initiatives gained momentum with others joining in to share in limited amounts. It was a turning point. Armed with data and critical thinking, clarity and common sense began to take root. It was not perfect or quick, but the introduction of data from credible sources empowered security organizations to better understand the challenge and effective ways to maneuver against threats.


As the size of the market and competition grew, additional viewpoints joined the fray. Today, we are bombarded by all manner of cybersecurity information. Some are credible while others are not. There are several types of data being presented, ranging from speculations to hard research. Being well-informed is extremely valuable to decision makers. Now, the problem is figuring out how to filter and organize the data so one is not mislead.


As part of my role as a cybersecurity strategist, I both publish information to the community and consume vast amounts of industry data. To manage the burden and avoid the risks of believing less-than-trustworthy information, I have a quick guide to help structure the process. It is burned into my mind as a set of filters and rules, but I am committing it to paper in order to share. 


I categorize data into four buckets. These are: Speculation, Survey, Actuarial, and Research. Each has its pros and cons. The key to managing security data overload is to understand the limitations of each class, its respective value and its recommended usage.


Cybersecurity Data-Table.jpg

For example, Survey data is the most unreliable, but does have value in understanding the fears and perceptions of the respondent community.  Research data is normally very accurate but notoriously narrow in scope and may be late to the game.  One of my favorites is Actuarial data.  I am a pragmatic guy.  I want to know what is actually happening so I can make my own conclusions.  But there are limitations to Actuarial data as well.  It tends to be very limited in size and scope, so you can’t look too far into it and it is a reflection of the past, which may not align to the future. 

I hear lots of different complaints and criticisms when it comes to the validity, scope, intent, and usage of data.  I personally have my favorites and those which I refuse to even read.  Security data is notoriously difficult.  There are so many limitations and biases, it is far easier to point out issues than to see the diamond in the rough.  But data can be valuable if filtered, corrected for bias, and the limitations are known. Don’t go in blind.  Common sense must be applied.  Have a consistent method and structure to avoid pitfalls and maximize the data available to help you manage and maintain an optimal level of security.

Below are a few examples, in my opinion, of credible cybersecurity data across the spectrum of different categories.  Again keep in mind the limitations of each group and don’t make the mistake of using the information improperly!  Look to Speculation for the best opinions, Survey for the pulse of industry perceptions, Actuarial for real events, and Research for deep analysis:





  • Threat Intelligence Sharing surveyMcAfee Labs Threats Report March 2016
  • 20% jump in cybercrime in the UK since 2014 with nearly two-thirds of businesses expressing no confidence in the ability of law enforcement to deal with it, per PwC
  • 25% Americans believe they have experienced a data breach or cyber attack.  Travelers survey
  • 43% organizations surveyed indicated increases in cybersecurity will drive the most technology spending.  Source 2016 ESG IT spending intentions research report
  • 61% of CEO’s believe cyber threats pose a danger to corporate growth per PwC survey



  • 3 out of 5 Californians were victims of data breaches in 2015 according to the CA Attorney General in the 2016 California Data Breach Report
  • ~35% of the US population. Top 10 Healthcare breaches of 2015, affected almost 35% of the US population.  Source: Office of Civil Rights
  • Data Breach Investigations Report (DBIR) annual report by Verizon
  • 2016 Annual Security Report by Cisco
  • 42 million new unique pieces of malware discovered in Q4 2015, bringing the total known samples to almost 500 million, per McAfee Labs Threat Report  (March 2016, Malware section)
  • Security Intelligence Report (SIR) bi-annual report by Microsoft




By the way, yes, this very blog would be considered Speculation.  Treat it as such. 




Interested in more?  Follow me on Twitter (@Matt_Rosenquist) and LinkedIn to hear insights and what is going on in cybersecurity.

Security Balance.jpg

Good security is about balancing Risks, Costs, and Usability.  Too much or too little of each can be unhealthy and lead to unintended consequences.  We are entering an era where the risks of connected technology can exceed the inconveniences of interrupted online services or the release of sensitive data.  Failures can create life-safety issues and major economic impacts.  The modernization of healthcare, critical infrastructure, transportation, and defense industries is beginning to push the boundaries and directly impact people’s safety and prosperity.  Lives will hang in the balance and it is up to the technology providers, users, and organizations to ensure the necessary balance of security is present.


We are all cognizant of the risks in situations where insufficient security opens the door to exposure and the compromise of systems.  Vulnerabilities allow threats to undermine the availability of systems, confidentiality of data, and integrity of transactions.  On the other end of the spectrum, too much security can also cause serious issues.


A recent incident described how a piece of medical equipment crashed during a heart procedure due to an overly aggressive anti-virus scan setting.  The device, a Merge Hemo, is used to supervise heart catheterization procedures, while doctors insert a catheter inside blood vesicles to diagnose various types of heart diseases.  The module is connected to a PC that runs software to record and display data.  During a recent procedure, the application crashed due to the security software which began scanning for potential threats.  The patient remained sedated while the system was rebooted, before the procedure could be completed.  Although the patient was not harmed, the mis-configuration of the PC security software caused an interruption during an invasive medical procedure. 


Security is not an absolute.  There is a direct correlation between the increasing integration of highly connected and empowered devices, and the risks of elevated attack frequency with a greater severity of impacts.  The outcome of this particular situation was fortunate, but we should recognize the emerging risks and prepare to adapt as technology rapidly advances.


Striking a balance is important.  It may not seem intuitive, but yes, too much security can be a problem as well.  Protection is not free.  Benefits come with a cost.  Security functions can create overhead to performance, reduce productivity, and ruin users’ experiences.  Additionally, security can increase the overall cost of products and services.  These and other factors can create ripples in complex systems and result in unintended consequences.  We all agree security must also be present, but the reality is, there must be an appropriate balance.  The key is to achieve an optimal level, by tuning the risk management, costs, and usability aspects for any given environment and usage.




Interested in more?  Follow me on Twitter (@Matt_Rosenquist) and LinkedIn to hear insights and what is going on in cybersecurity.

Verizon 2016 DBIR.jpg

The annual Data Breach Incident Report (DBIR) is out and reinforcing the value of well-established cybersecurity practices.  The good folks at Verizon Enterprise have once again published one of the most respected annual reports in the security industry, the DBIR. 


The report sets itself apart with the author intentionally avoiding unreliable ‘survey’ data and instead striving to truly communicate what is actually happening across the cybersecurity breach landscape.  The perception of security typically differs greatly from reality, so this analysis provides some of the most relevant lessons for the field.


Report data is aggregated from real incidents that the company’s professional security services have responded to for external customers.  Additionally, a large number of security partners now also contribute data for the highly respected report.  Although this is not comprehensive across the industry, it does provide a unique and highly-valuable viewpoint, anchored in real incident response data.


Much of the findings support long-standing opinions on the greatest cybersecurity weaknesses and best practices.  Which is to say, I found nothing too surprising and it does reinforce the current directions for good advice.



Key Report Findings

1. Human Weaknesses

30% of phishing messages were opened by their intended victim

12% of those targets took the next step to open the malicious attachment or web link

2. Ransomware Rises

39% of crime-ware incidents were ransomware

3. Money for Data

95% of data breaches were motivated by financial gain

4. Attackers Sprint, Defenders Crawl

93% of data breaches were compromised in minutes

83% of victims took more than a week to detect breaches

5. Most of the Risk is from a Few Vulnerabilities

85% of successful traffic was attributed to the top 10 CVE vulnerabilities.  Although difficult to quantify and validate, it’s clear that top vulnerabilities should be prioritized



Key Lessons to Apply

1. Train users.  Users with permissions and trust are still the weakest link.  Phishing continues to be highly effective for attackers to leverage poorly trained users to give them access. 

2. Protect financially-valuable data from confidentiality, integrity, and availability attacks.  Expect attacks and be prepared to respond and recover.

3. Speed up detection capabilities.  Defenders must keep pace with attackers.  When preventative controls fail, it is imperative to quickly detect the exploit and maneuver to minimize overall impact.

4. Patch top vulnerabilities in operating systems, applications, and firmware.  Patch quickly or suffer.  It is a race; treat it as such.  Prioritize the work based upon severity ranking Serious vulnerabilities should not languish for months or years!


This is just a quick review.  The report contains much more information and insights.

I recommend reading the Executive Summary or the full DBIR Report.




Interested in more?  Follow me on Twitter (@Matt_Rosenquist) and LinkedIn to hear insights and what is going on in cybersecurity.

The Cloud is both compelling and alluring, offering benefits that entice many organizations into rapid adoption. The attractiveness of lower operational costs, powering new service offerings, and adaptability to cater to varying demands makes it almost irresistible to rush in.


But caution should be taken.


Leveraging cloud technologies can offer tremendous opportunities, with the caveat of potentially introducing new security problems and business risks.


These risks can include vulnerability to cyber-attacks, jeopardizing the confidentiality of data, and potentially undermining the integrity of transactions. Care must be taken to understand these challenges in order to properly design the environment and establish sustainable management processes to maintain a strong security posture. Information assurance is required.





How can you mitigate risks in the Cloud?

1. Be informed by understanding both the benefits and risks of cloud adoption.

2. Know the threats and types of attacks that put your cloud data and services at risk.

3. Establish practices to cover the Top 10 assurance categories for cloud.

4. Build a quality plan by leveraging expert resources.

5. Establish accountability across the lifecycle.

6. Don’t be afraid to ask. Nobody gets it right alone!


I recently presented strategic recommendations for cloud adoption to a community of application and infrastructure developers. The first step of the journey into the Cloud resides with teams pursuing the benefits and those accountable for maintaining the environment. It is important to follow a path of practical steps for cloud adoption in order to manage the risks while accessing the plethora of benefits. To be successful, teams must understand the security challenges, leverage available expertise and establish a comprehensive plan across the service lifecycle.



Interested in more?  Follow me on Twitter (@Matt_Rosenquist) and LinkedIn to hear insights and what is going on in cybersecurity.


While at the 2016 OpenStack summit in Austin, TX, I came upon a creative artwork titled the Diversity of Innovation. Marveling at the colorful graphic, I was intrigued by its powerful message that gave me pause.  Open Source, by design is a fertile ground for innovation as an environment that continuously brings complementing perspectives to bear on forward thinking technological concepts.  But, as the graphic implies, add a healthy dose of diversity to it and magic happens - an ecosystem already primed for innovation is injected with the diversity of the practitioners with varying characteristics and backgrounds.  Diversity met Innovation in an environment of Open Source at the OpenStack Summit - a conference where Intel VP Imad Sousou punctuated his keynote with the phrase --Open Stack Open Source Open Mind !!


ImadSouSou Intel.jpg

Little did I know that I would really live the experience of SouSou’s message during the conference.  There were two distinct encounters with a couple of attendees at this summit that characterized this message culminating in the poster on display on the last day of the conference.  Diversity can be manifested through varied representation from different countries, cultures, professions and other demographics.  But, there are ways that we can be diverse ourselves as individuals -- as my two open encounters reinforced at this conference.

I attended a panel session on Open Stack in the Enterprise -- Are we Doing Enough? This panel, moderated by one of the industry analysts had representation from multiple vendors as well as The OpenDaylight Project -- represented by its Executive Director, Neela Jacques


Many of the thoughts that Neela shared about the need for an Open Platform in the Telco world during his panel session resonated with me.  Over lunch, Neela was very cogent and articulate in his passionate thoughts around Open Culture and Open Source making me wonder if this white Caucasian looking guy I just met was born with Open Source in his bloodstream.  I was almost right! 


Neela explained that he spent many years in an Ashram in India where he had seen his mother lead a group of volunteers who always came together to collaborate and do goodness.  People who did this driven by their passion took it upon themselves to drive the community forward.  Based upon their skills and abilities, some of them emerged as experts in different domains. Meritocracy. The environment Neela grew up in exuded a culture that was flat by nature where titles did not mean much.  Sound familiar?


Hello Open Source !!


No wonder Neela was able to articulate his thoughts around Open Source concepts so clearly.  And then, he said that he was originally from France.  Talk about diverse backgrounds !  Remember, the cup of innovation served with a shot of Open Culture at Costa Coffee in downtown Raleigh, NC?


My encounter was with Nithya Ruff, Open Source Strategist at Sandisk.  Nithya shared her background from the state of Karnataka in India and various activities she is engaged with in the Silicon Valley for different causes.  Having exchanged some ideas with her on Social Media, I had a good feel for where she stood on Open Source (hello! Check out her role!) but I was pleasantly surprised to note that she is also a passionate advocate of Diversity.  She was one of the moderators of a discussion at this summit that focused on the vision of a world where the OpenStack community is truly and completely blind to meaningless differences in gender, color, creed and culture. Hello Diversity !! Checkout Nithya's quote in the graphic displayed at the conference: "A Company's Diversity can strengthen the core workforce" !!


People like Nithya and Neela have diversity in their upbringing which is very likely to influence their thought processes. Diversity in representation across color, sex, gender and race within a community is a good first step.  But, there is a lot to be said about the diversity within us which represents our own true mindset. 


Real diversity comes from within.


The OpenStack Summit had 7,500 attendees in 2016 compared to the 75 that it had in 2010.  The community has come a long way with representation from several countries around the world.  I heard so many different languages in the elevators and hallways that it did not quite feel like being in Austin, TX once you entered the Austin Convention Center. 


I am sure the OpenStack community has several individuals like Neela and Nithya from all parts of the world with diversity ingrained in their mindsets.


Which is why it will grow. Because it is such individuals who continuously give shape and form to the culture of Open Source -- one person at a time.


Like somebody I know very well recently said: Culture and Technology can drive the future of OpenStack.


Let the diverse minds prevail.


What say you?

I’ve been in IT a long time, and I can say unequivocally that in all those years I’ve never seen a more exciting array of new technology with so many opportunities to integrate and benefit. The Internet of Things (IoT)—sensors, intelligent gateways and edge processing, cloud and big data analytics, real-time synergy between disparate systems—the possibilities are almost dizzying. Smart factories. Smart data centers. Smart buildings. Smart parking garages and stadiums. Smart cities.


But how do we get from where we are—a tantalizing vision—to reality? How do we merge so many points of view into a cohesive whole that is practical to implement? In other words, how do we bring the Internet of Things to life? In my role as product development chief of staff for Intel IT, I’ve started at the ground floor of the IoT and have had an excellent opportunity to observe and experience both its benefits and its growth pains.


Fig1.pngEvery Thing Needs Interoperability

I propose that interoperability is the key to making the IoT mainstream. For the IoT to really work, “things” need to talk to each other. Facility things need to talk to IT things. IT things need to talk to manufacturing things and vice versa. And if we want interoperability, we need data standards. At Intel, we are working to “break the barriers” between IoT and IT. This work includes projects with our own IT and facilities teams, and with the industry as a whole, to help establish IoT data standards. You can read about some of our early work in our recent white paper, IoT Data Standards Provide the Foundation for Smart Buildings.


And it isn’t just things that need to talk to other things. People, too, need to change how they communicate. There can no longer be “the facility team” and “the IT team” and the “corporate services team.” For the IoT to reach its potential, these historically separate knowledge domains need to collaborate.


Here at Intel, we are making great strides in these areas. For example, we’re investing in a gateway service network and are closing gaps in wireless connectivity—important preparatory work before our factories and buildings can take full advantage of the IoT. In many ways, this early work is like clearing land for a construction project—we’re planning, removing obstacles, and clearing the path so all of Intel has the necessary tools and infrastructure.


Let me tell you about some of the projects at Intel that are building on this work.

  • In our factories, we are conducting proactive vibration analysis—sensors gather vibration data and analysts use that data to make sure silicon wafers aren’t damaged in processing. If the sensors determine that vibrations are outside an acceptable range, an alert is sent to the line manager. This prevents damaged wafers and saves Intel money.
  • In some conference rooms, we have installed sensors that know when someone enters the room and can automatically boot up the Mini PC running the Intel® Unite™ solution (a wireless collaboration tool), turn up the heat, and turn on the lights. These sensors are also connected to an online tool that employees can use to find an unoccupied conference room—boosting productivity and user experience. In the future, we hope to combine the IoT with our “know me/sense me/free me” initiative, so that users can set their personal preferences for heat and light settings, and when they enter a room, these settings are automatically configured.


Intel IT is working closely with Intel’s Corporate Services group—which is responsible for setting design standards for smart buildings. They have asked Intel IT to write the IoT dashboards for their projects, and are working with us to implement data standards. In this way, we can emulate Intel’s factories, which use a Copy Exactly methodology—each factory adheres to a strict, well-defined set of standards, which result in cost savings and high reliability.


In another example, the Intel Smart Building and Venue Experience Center was built on the Intel® IoT Platform and recently implemented in Chandler, Arizona, and is a showcase for the IoT. This center standardized more than a dozen smart stadium capabilities to increase operational efficiency, enhance the fan experience, and provide better security. The center has helped us create a blueprint of the necessary IoT technologies.


So far, we’ve brought about 42 groups through the center (just a few examples are representatives from Arizona State University, Michigan State University, and SAS Institute). When the facility teams saw the IoT in action and how data standards could integrate HVAC, lighting, digital signage—even towel dispensers in the bathrooms—it was like a lightbulb going off over their heads. Their next question is always: So how do we make this happen in our world?


Recipe for IoT Success

In my opinion, the following ingredients are pivotal to implementing IoT solutions on any kind of scale. We are implementing all of these at Intel, even as I write this.

  • Go slow to go fast. If you just start implementing changes rapidly without appropriate planning, you will end up with many legacy systems, some in the cloud, some not, some that will talk to each other, and some that won’t. It’s critical to first consider all implications so that you don’t just create a technological mess. Take the necessary time to plan properly and lay out the proper architecture and infrastructure to support current and future states. Starting with a common set of standards and desired end states can yield results much faster than randomly implementing solutions. The goal is to focus on common use cases, achieve the benefits of data reuse, and remove the majority of interoperability issues with systems that need to talk to each other. Plan the future, then build a foundation for that.
  • Build the right platform. You need a reusable, extensible platform to build on. Start it now. Ask yourself, as you choose projects—“Am I thinking for the future or am I just putting in more things that I will just have to pull out in three years?” For the IoT to be real, solutions need to be as Plug and Play as the ubiquitous USB devices are today. The foundation you build will keep operational expenses under control and will help ensure privacy, security, and manageability. It will support many uses cases and not just the occasional one-off project you’re currently working on.
  • Choose the right projects. Identify the high-priority personas or uses that will make your organization more efficient and that can integrate later with new use cases.
  • Make sure the network is ready. Think of the network as a sensor that can support analytics and manageability.
  • Address the culture challenges. IT departments are used to being autonomous. So are operations teams. But for the IoT to work well, you need to establish a culture of collaboration. We’re using cross-team meetings and other collaboration exercises to bring everyone together to reach a common goal.


Here at Intel, we’re starting with data and aligning that with our enterprise strategic goals. I’m envisioning the future state and goal, then working backwards to figure out how to create a single interoperable system that can make it real.


What Are You Doing to Make It Real?

The IoT can be intimidating. Data standards are still evolving. There’s a lot to be done. But at Intel, we’re already using the IoT to drive efficiency and support business growth. We believe there’s significant value to be gained by using the power of the IoT.


I’d be interested in hearing what other IT professionals are working on in the area of the IoT—what have been your challenges? Share your successes! I encourage you to join the conversation by leaving a comment below.


No one likes passwords, but the reality is we need some form of identification and authentication to protect our digital reputation and information as well as facilitate customized online experiences.  As we celebrate World Password Day 2016, it is time to make passwords both strong and easy to use.


Another year passes by and passwords still remain.  At some point, someone told you passwords were going away.  They lied.  Passwords are here to stay, in one shape or another.  Although unwieldly, they are still the most prevalent means to validate a user. 


The key to reduce the frustration is to streamline their use while still benefitting from the protection they provide.  But there is an inherent conundrum: if you don’t use them correctly, they don’t provide much protection.  If you do use them properly, they are horribly difficult to manage and adversely slow down our digital experiences. 


I may be an anomaly, but the number of login accounts I have now number well over one hundred.  Most I only use sporadically, but I do need them.  As a security advocate, I know better than to reuse passwords or simply increment them in a simple way.  That would be insecure.  To be honest, I don’t have much trust in some of the domains I sign-up for.  I suspect some admins might take a peek at user’s credentials or even worse, their security practices are insufficient and my password may eventually get breached by a malicious hacker.  Either way, I expect several of my passwords to be exposed eventually.  Attackers then like to try those passwords on other accounts and look for easy patterns that the victim might be using to facilitate their ease of use.  If the threats figure it out, it is bad news.  Like dominoes falling, your accounts too will tumble and be in the hands of attackers.  They can login, steal your data, and impersonate you if they wish.  The damage can be serious enough for anyone to regret employing simple shortcuts to save time.


Don’t despair, there is hope.  It is time to take the sting out of password management.


Password Day 2016.jpg

Passwords are only protective if you use them correctly, but they don’t have to be hard to live with.  Get organized, let technology do the work for you, and follow these 4 simple rules:

1. Use strong passwords or even better, a passphrase.

Passwords are useless if they can be guessed or easily succumb to brute-force attacks.  So, make them challenging.  Additionally, when in doubt, change them.  Top web services look for suspicious patterns of activity and will notify users of a possible account breach.  Don’t ignore these warnings!  Change your passwords immediately by opening a new browser window and navigating to the site to change your password (never click on links in emails to do this).

2. Make them unique.

Never reuse the same password across different sites.  That makes it simple for attackers to compromise your entire digital life.  Furthermore, don’t make simple increments when changing passwords.  Moving from Password1 to Password2 is just asking for trouble.

3. Use a password manager.

Retire the post-it notes or spreadsheet file.  Using a reputable password manager is a huge time saver and will actually add more security into the mix.  Integrated password managers can automatically log users into websites and applications, which is tremendously convenient.  They facilitate the use of insanely strong and unique passwords, and make dreaded expiration notices a snap to deal with.  No more trying to navigate and interpret the obscure hieroglyphs as part of your secret code.  Password managers can generate ridiculously complex passwords that you never need to type in.  They can handle the brunt of all the work.  There are secure solutions out there that help take pain out of the process, like True Key by Intel Security.

4. Biometrics and multifactor authentication is better!

Biometrics can greatly reduce the frustration of logging in.  Fingerprint readers are great on phones and facial recognition on PC’s to speed up access.  Such systems are also emerging which can detect when you walk away and then lock the device.  Next generation solutions will take it a step further and unlock it automatically as you return.  Multifactor authentication schemes should be employed in high value situations, where if your password is compromised, the attacker still needs another form of authentication to proceed.  This thwarts all but the most elite types of attack and is well worth the extra effort for financial accounts and very private communications. 


Passwords don’t have to be hard to live with.  Get organized and let technology do the work for you.  Passwords aren’t going away anytime soon.  Reduce the loathing and inconvenience while maintain good security.  Remain vigilant and your passwords can save you from your worst digital day.



Interested in more?  Follow me on Twitter (@Matt_Rosenquist) and LinkedIn to hear insights and what is going on in cybersecurity.  Also be sure to visit the Intel Security blog for the latest security news.


The New Way To Work

Posted by CHAD CONSTANT Apr 28, 2016


With the rise of today’s increasingly mobile workforce, we’re seeing a shift away from antiquated office environments. Technology advancements are evolving the traditional cubicle into mobile work stations where employees use their device of choice while no longer being chained to their desk. This has been a contributing factor to a massive wave of innovation we are seeing with some of the most well-designed business devices that eliminate physical work barriers of the past.


One of the latest and greatest examples of this is the recently introduced HP Chromebook 13 powered by the 6th Generation Intel® Core™ m processor. Customers considering Chromebooks get a range of productivity and mobility they need to work more efficiently for today’s office environment. A couple of things to highlight from a mobility perspective: with our 6th Generation Intel Core m processor inside, it means that employees can enjoy a long battery life, up to 10 hours, if they’re working on the go. It also means that they can have a great experience multitasking moving quickly across apps and browsing. HP and Google also achieved a first as this the thinnest and lightest Chromebook on the market measuring in at 12.9 mm when closed and weighing 2.86 pounds.


On the heels of our recent launch, businesses of all sizes are reacting positively to our portfolio of businesses solutions—from Intel Unite for conference room collaboration, to Intel Core and Intel Core vPro for business, these solutions are facilitating a new and better way to work. The HP Chromebook 13 is a great example of the continued innovation we’re driving with our partners.


Check out HP’s announcement and Google’s blog to learn more.



As the variety of IT equipment, infrastructure, and facilities equipment has increased, so has the number of data center management products. Over the years, an ideal goal was to have a management solution that would integrate IT equipment management and facility management—resulting in the centralized monitoring, management, and capacity planning of a data center's critical systems.  This concept is referred to as data center infrastructure management (DCIM).


Historically, IT and facilities have worked in separate silos. A DCIM solution can enable those groups to work together more closely to satisfy the needs of the business. Intel developed a data center management solution focused on power and thermal management, which is named Intel® Data Center Manager (Intel® DCM). This solution can be either integrated into a third-party DCIM console or used as a standalone tool.


The three physical resources that have the biggest impact on data center costs are power, cooling, and floor space. With Intel DCM, Intel IT has successfully collaborated with Intel’s facility management teams to manage these costs.


blog.jpgHere is a typical example of this new collaboration using Intel DCM: One day, an Intel data center operations manager received overheating alerts for several servers. The manager checked the Intel DCM console to locate the hot servers. The building’s facilities team had not seen anything abnormal on their monitors.


The data center operation manager found that an air conditioning unit had been accidentally powered off (therefore, it did not trigger a facilities alert). The unit was turned on, and the hotspot was fixed. Without Intel DCM’s rack- and server-level granularity of thermal data, the servers might have shut down, resulting in costly downtime.


In another instance, Intel DCM data in a data center revealed some hotspots. Facilities added another CRAC unit to increase the volume of cold air in the problematic area. Facilities also boosted airflow in the problem area by increasing the square-footage coverage of perforation tiles in the area from 22% to 50%.


By using Intel DCM, Intel IT can now monitor IT equipment and coordinate changes with facility managers across the major systems. Intel DCM is increasing operational efficiency and productivity and reducing human error in our data centers.


Data center management is an evolving and challenging field. I’d be interested in hearing what other IT professionals are doing to better manage their data centers and if you’re using Intel DCM. Please share your success stories and pain points. I encourage you to join the conversation by leaving a comment below.

As an enterprise organization we are facing a tremendous amount of pressure to move fast, enable the business, and address security threats. I am often asked what is different now than in previous years—we have always had technical change, there have always been security concerns, and we have always been asked to move faster and lower costs. The difference is the increase in pace in each one of these areas and the technical capabilities that are available to address them.


Previously, we standardized the client platform and determined the best applications to enable the business. Follow-on work was monitoring the platforms and applications for security and availability, and fine tuning performance. In essence we controlled the computing environment of our users and invested in helping to give them the best solutions possible at the right cost. The days of IT controlling the computing environment are quickly fading. We are now asked to support multiple client computing platforms and even promote it with Bring Your Own Device (BYOD) initiatives. With BYOD, we have seen increased consumer expectations for user experience and content availability. Advancements in cloud architectures are making applications and content available as needed, but this also brings greater security risks.


ApplicationSavings.pngTo address the quick time to market for applications and content, we implemented a strategy of using commercial applications through software as a service (SaaS) and developing internal applications through platform as a service (PaaS). We needed to provide a capability that enabled us to move with velocity, connect to internal systems and data, and provide the appropriate level of security and controls to protect our information. We have named our PaaS solution the Intel Cloud Application Platform.


The Intel Cloud Application Platform provides application and database services so developers can just focus on business functionality and code deployment. We have seen an enthusiastic organic adoption from our development teams with over 800 applications in development and 73.6 percent cost savings compared to infrastructure as a service (IaaS). With the Intel Cloud Application Platform, applications are developed and launched in days, instead of weeks. The adoption of the Intel Cloud Application Platform is minimizing our security risks with cloud-based solutions. This common development platform has enabled us to implement security best practices for environment configuration and management, code scanning, and identity and access control. The security best practices get integrated into new applications and existing solutions that are upgraded on the Intel Cloud Application Platform.


The Intel Cloud Application Platform has proved to be a critical capability for our developers, Intel business, and our information security teams as we adapt to the changing environment. I’d be very interested to hear about how my IT colleagues’ organizations are utilizing PaaS to increase velocity and agility—join the conversation by leaving a comment below!

The financial services sector is not known for making hasty decisions. But the industry is at a critical public perception turning point. Institutions aren't responding fast enough to competition from startups offering new digital services. Intel is already working in the industry to enable scalable standards for technology and security. This blog will highlight three tech segments in particular that will push traditional banking further into the digital age: blockchain currency, the Internet of Things (IoT), and cloud storage.


Blockchain: Regulation, Security, and Privacy


Blockchain currency, or cryptocurrency, is a decentralized, replicated peer-to-peer finance network capable of recording transactions. It's poised to transform payment processing by eliminating opaque and inefficient back-office systems. Major financial players like Visa, Nasdaq, Citi, and Capital One invested in blockchain currency in 2015.

And yet, questions of regulation, security, and privacy continue to surround the implementation of blockchain. Intel is working to implement trusted execution environments on its hardware chips to enhance security and privacy for blockchain users. Further, Intel is looking at developing highly customizable blockchain solutions that can be scaled up to millions of nodes for large-scale use-case scenarios. The first real use-case for blockchain technology would most likely not be used for FinTech, but instead in scenarios such as in-game credits for online games.


The Internet of Things and Money

In the push to adopt cutting edge FinTech solutions, financial services can’t ignore the Internet of Things. Indeed, there have been many failed ideas to come out of this new trend, but there’s also the potential for revolutionary technology. This technology could change how customers use and interact with financial services brands. IoT can connect customers to businesses in new ways. It can also empower them to make better financial decisions throughout their lives.


But the fact that so few established enterprises have yet to adopt these new technologies isn’t a huge surprise. The biggest hurdles to overcome? Regulation, compliance, and customer engagement in a changing environment, and the constant influx of new competition.


As the industry evolves, brands should concentrate on delivering customized and consistent experiences across all channels. Adopting these new methods requires a change in the very operating model of financial services. Brands will need to develop aggressive strategies that proactively participate in and lead digital disruption — rather than waiting and reacting as they’ve done in the past. This will help traditional financial organizations innovate at a pace that keeps them competitive.

In the Cloud

In the digital service economy, a key limiter for financial institutions is the data center infrastructure. Financial services have evolved beyond an era of servers dedicated to a single workload or department. Now, virtualized servers share infrastructure across departments. But the next shift is focusing on agile and efficient service delivery through cloud storage.


The consumer space jumped on cloud solutions fast. Financial services have held back, fearing potential security breaches. Replacing legacy architecture and IT silos with the cloud is helping banks get a 360-degree view of customers and their enterprise. These measures are improving operational efficiency, enhancing customer engagement, and supporting compliance and risk management.


The financial services sector is finally waking up to the innovations that startups have been creating for years. And old financial enterprises are finally ready to tap into this collective innovation. But it’s not that easy.


FinTech is disruptive in both a collaborative and competitive way, leaving traditional financial services with a lot of catching up to do. The good news is that these FinTech startups drive a culture of innovation the industry can leverage to deliver value in new ways. Intel is helping them do just that by delivering solutions for financial organizations to make this shift as easy as possible.


It is important and difficult to stay current with relevant issues in our industry.  Cybersecurity is furiously changing, fast in its pace, and rising in global importance.  Professionals must not only keep abreast of what is happening today, but also what is emerging on the horizon and heading our direction.  Security becomes stronger when professionals collectively explore ideas and actively collaborate on developing better practices.  As a cybersecurity strategist, my eyes are fixed on the future risks and opportunities.  Here is my list of what we all must be learning, discussing, and deliberating about now, so we can be prepared for what lies ahead.



Integrity Attacks will Rise to be the Next Wave in Cyber

One constant in cybersecurity is the continual rise in sophistication and creativity of the threats.  We are seeing the beginnings of a fundamental expansion to attacker’s techniques.  Integrity compromises will rise and join the more familiar Confidentiality (ex. Data Breach) and Availability (ex. Denial-of-Service) attacks.  Integrity attacks undermine the trust of transactions and communications.  Ransomware, Business Email Scams, and financial transaction fraud, are all growing examples of integrity compromises.  This third-wave will drive significantly greater impacts due to their nature, the lack of available security tools, and weak processes to manage the risks.  We are already witnessing savvy attackers making hundreds of millions of dollars in a single campaign and will likely see a billion dollar heist by the end of the year.  Everyone is at risk.

The Great Bank Robbery: Carbanak cybergang steals $1bn from 100 financial institutions worldwide

• $2.3 Billion Lost to CEO Email Scams: FBI Warns of Dramatic Increase in Business E-Mail Scams

• Bangladesh Bank Hack: How a hacker's typo helped stop a billion dollar bank heist



IoT Security:  Where Digital Life-Safety and Privacy Issues meets Consumers

Our insatiable desire to integrate technology with our lives is changing the equation of security and safety.  With the growth of the Internet of Things (IoT) devices going from 15 billion to 200 billion by 2020 and the focus by attackers to get more access to critical capabilities, we may be unwittingly handing life-safety controls to the cyber threats.  Such devices capture our conversations, video, health, activities, location, conversations, relationship connections, interests, and lifestyle.  Will personal discretion and privacy survive?


IoT security is a huge and complex topic in the industry, earning the attention of everyone from researchers to mainstream media.  Although transportation, healthcare, critical infrastructure, and drones are capturing most of the interest, connected devices and sensors are destined to be interwoven throughout businesses and across all walks of life.  The benefits will be tremendous, as will the accompanying risks.

• Growth of global IoT Security Market To Exhibit 55% CAGR As Threat Of Security Breaches Rises

Trust and security fears could hold back the Internet of Things

IoT and Privacy: Keeping Secrets from your Webcam

Police called after 'drone' hits plane landing at Heathrow



Why Ransomware will become the next scourge of security

The rise of ransomware is phenomenal, fleecing hundreds of millions of dollars from consumers, businesses, and even government agencies.  This financial windfall for cyber criminals will fuel continued innovation, creativity, and persistence to victimize as many people as possible.  It has found a soft spot, taking advantage of human frailties while targeting something of meaningful value to the victim, then offering remediation at an acceptable price point. This form of extortion is maturing quickly, exhibiting a high level of professional management, coding, and services.  Ransomware is proving very scalable and difficult to undermine.  It will surely continue because it is successful.  Can it be stopped?  How can everyday people and businesses protect themselves? Will security solutions rally? What will we see next in the rapid evolution of ransomware?

• Cyber Threat Alliance report: Lucrative Ransomware Attacks - Analysis of the CryptoWall Version 3

• US Computer Emergency Readiness Team: Ransomware and Recent Variants

Hospital Declares ‘Internal State of Emergency’ After Ransomware Infection



What are the Hidden Long Term Impacts of Cybersecurity?

The industry looks at cybersecurity as a series of never ending tactical issues to be individually addressed.  This is a symptomatic perspective, when the reality is a systemic problem.  The real impacts of the future are hidden from view and are staggering.  It is time we mature our perspectives and see the strategic problem and opportunities.  Estimates range from $3 trillion to $90 trillion dollars of global economic impact by 2030.  We as a community must understand the scale of the challenges and how addressing security in a tactical manner is simply not sustainable.  This is becoming a deep intellectual discussion topic among cyber strategists.  How do we change the mindset from short-term expensive fixes to a long-term effective treatment at a holistic level across the ecosystem?

The Hidden Costs of Cyber Attacks

Cybercrime may cost$2 trillion by 2019

$90 trillion dollars cyber impact for one scenario affecting the global benefits of Information and Communications Technologies by 2030

3 Trillion Aggregate economic impact of cybersecurity on technology trends, through 2020



The Battle for Security Leads to the Hardware

Stack.jpgAs attackers evolve, they get stronger, smarter, and more resourceful.  It has become a cat-and-mouse game between the threats and the pursuing security capabilities.  The trend is for attackers to move further down the technology stack.  Each successively lower lever affords more control and the ability to hide from the security above.  The most advantageous position is in the hardware, where the root-of-trust originates.  The race is on.  Advanced researchers and attackers are looking to outmaneuver security by compromising hardware and firmware of devices.


Traditional defensive structures must also advance to meet the new challenges.  Security features embedded or enhanced by hardware can be incredibly powerful to support effective defenses and visibility, even against the most advanced attacker.  Control of hardware and firmware will play an ever greater role in protecting technology and users.  Who will win?

The hardware roots of trust

Attackers Seek to Hack Hardware for Ultimate Control

Security on Silicon the Next Big Step in Cyber Protection



Job Crisis in Cybersecurity

Cybersecurity is in dire straits.  There is not enough talented security professionals to fill the need.  In a few years, there will be an estimated 1 ½-2 million unfilled cybersecurity positions.  This will have a catastrophic effect on securing people and technology.  Organizations have two problems; finding candidates to fill open positions and retaining the professionals they currently have from lucrative competitive offers.  The disparity between supply and growing demand drives up salaries, spurs aggressive headhunting, increases the costs of security operations, limits the overall comprehensiveness of shorthanded teams, and artificially extends the windows of opportunity for attackers.  It’s like trying to play competitive soccer without a full team in the field. 


The best way to correct the problem is to address the supply side of the equation.  More cybersecurity professionals are needed.  Long term, only academia can save cybersecurity and they are struggling to retool, to sufficiently prepare the next generation of security professionals.  Until then, this problem will affect every organization who needs security staff, potentially for years to come, and may drive up the use of Managed Security Service Providers (MSSP’s).

• The Center for Cyber Safety and Education report: 2020 predictions expecting the shortfall of information security positions to reach 1.5 million

One Million Cybersecurity Job Openings In 2016

Higher Education Must Save Cybersecurity

Job Market Intelligence: Cybersecurity Jobs 2015 report published by Burning Glass Technologies



Cybersecurity Predictions for 2016

Top 10 Cybersecurity Predictions for 2016.jpgA slew of expert predictions is now available from a variety of sources.  They typically come out by the end of the first quarter and although some are better than others, all of them provide perspectives for 2016 and beyond.  Peering into the future of cybersecurity provides valuable insights around the challenges and opportunities.  The industry is changing rapidly and attackers seem to always be one step ahead.  Take advantage of what the experts are taking about, but beware some are trying to sell you their wares.  Understand how anticipated trends will affect your organization, customers, and partners in the industry.  Plan how you can adapt to find a sustainable balance in managing the security of computing capabilities and technology.

Intel Security McAfee Labs 2016 Threat Predictions whitepaper 

Top 10 Cybersecurity Predictions for 2016 and Beyond

The Top 16 Security Predictions from Companies and Magazines



How versed are you in these topics?  I believe they will have far reaching repercussions and every cybersecurity professional should understand these areas.  Those who benefit from the insights of the future, can be better prepared to adapt to the changes.




Interested in more?  Follow me on Twitter (@Matt_Rosenquist) and LinkedIn to hear insights and what is going on in cybersecurity.

Imagine a device that could fit in the palm of your hand that allowed you to stream content, play light games, and check your social media or email on any HDMI television.  That would be pretty convenient, wouldn’t it? Welcome to the new Intel®-based compute stick.

Get More Out of Your TV



From living rooms to hotel rooms, big screen HDTVs are practically everywhere. But what if your television could do more? With a new compute stick—featuring an Intel® processor, built-in Windows 10 OS, on-board storage, Wi-Fi, and Bluetooth, you can stream content, access rich media, play light games, and even check your favorite social media sites on the biggest screen in the house. Picture richer experiences and limitless entertainment options as an extension of your regular TV, which also lets you stay connected to the rest of the world.


“With the compute stick, there are virtually no limits to what you can get on your TV as far as the type of entertainment you want to access,” said Xavier Lauwaert, category manager at Intel Client Computing Group. “It’s one of the rare devices that enables you to easily connect online and start watching your favorite movies or soap operas, anywhere in the world, from the comfort of your couch or your hotel room.”


Given its size, you can also take your personal content with you and safely store your personal files locally with built-in storage and a Micro SD slot so always-on Internet is not required to enjoy your content.

“I like to say a Compute stick gives your TV a college degree and your smart TV a PhD. As long as it has a website, you can access almost anything, anywhere,” Lauwaert adds.


Enrich Streaming and Gaming



The compute stick lets you access the full universe of streaming entertainment services that you can watch on any web browser. Fans of Netflix or YouTube can live stream movies, music, or video. That’s pretty useful if you’re on the road and need to catch up on the latest zombie apocalypse drama or have free time at home to binge watch an entire season.

“As a Windows device, you can even access premium content through iTunes,” adds Lauwaert. “It’s the only non-iOS device that enables access to that type of content on something that’s smaller than the size of your palm.”

For light gamers, the compute stick connects easily to the Windows Store, which boasts a pretty exhaustive library of Windows 10 titles such as Minecraft: Windows 10 Edition Beta, Age of Empires: Castle Siege and Angry Birds. More and more titles are added to the store every day, so now, consumers can enjoy light gaming in any room of the house and rack up those Xbox Achievements along the way.


“Windows 10 includes a dedicated Xbox app, which is the gateway to the Xbox Live ecosystem,” Lauwaert said. “Whether you own an Xbox One or not, the app provides a tool to connect gamers and sharing content through the compute stick. For example, gamers can also record and clip their most epic gaming moments with built-in Game DVR and then share them with their Xbox Live friends.”


Multitask MassivelyCompute_Social_TwitterContent.png


Stream content, check email, browse the web, and stay connected on social media—all at the same time and on the same huge HDTV screen. The Intel®-based compute stick with Windows 10 includes a feature to split your TV screen or monitor so you can multitask to your heart’s content.


“One of the cool things about Windows 10 is the updated Snap Assist feature,” adds Lauwaert. “You can snap a window and resize it to two-thirds of your TV screen for the content you’re watching, and then snap a second window to automatically fill in the available space for your social media profiles.”


“For example, anyone can watch the national basketball tournament on one side, and on the other side, you’ve got your Twitter feed so you can follow the online conversation about the game.”


If you’re ready to get more out of your HDTV, download this handy Flash Card to learn more.


Filter Blog

By date: By tag: