Skip navigation

Last month, I posted a long overdue update on the Energy Use in the Office Proof of Concept we’ve been working on. I wanted to give you quick status update as we’ve reached a major milestone. As I mentioned last month, for this proof of concept, we’re using a third party tool to “soft meter” individual’s PCs. The client portion of that tool was pushed to the proof of concept population this week and we’ll be starting the baseline collection period on Monday! This has been a long time coming and I’m very excited about finally reaching this stage of the project.


We’ll establish the baseline over the following 30 days and then formally launch the employee interaction phase of the PoC. Stay tuned for another update at that point.



By the way, I hope to release an external paper fully covering the project and results in early Q3.



-Mike Breton

IT Technology Evangelist

Announced on Earth Day 2010, InfoWorld recognized the Green IT Stars of 2010. We are excited to announce that Intel made the list for a 2nd year in a row.  Intel IT established an IT sustainabilty program office internally in 2008 to support Corporate Social Responsibility initiatives.  We realize in Intel IT that we play an important role in both supporting corporate responsibiilty and improving IT cost efficiency by pursuing innovation with an eye on sustainability.


In 2009, Intel IT was awarded Green 15 recognition for innovative cooling strategies in our data centers.


In 2010, Intel IT was recognized for the business benefits we deilvered to intel server refresh and innovative ways to measure utilization. Intel IT used an iSHARP (Interactive System Health and Resource Productivity) tool to identify and remove 5,000 servers from Intel’s computing environment, eliminating 8 million kWh and saving $645,000 in energy costs. Use these resources to share Intel IT’s best practices around energy efficiency, server refresh and IT Sustainability. Read more about this project here


Explore some of our other key projects supporting IT sustainability:

  • Having fun with Earth Day: Explore and share this fun video about the other projects that helped Intel IT reduce carbon footprint by 26,000 metric tons while saving a total of 49 million kWh in power consumption

  • Justifying Refresh to Business leaders.  This was a barrier we had to overcome internally.  Explore the model we used and customize it for your business with this online tool.

  • Discover how we extend Intel datacenter life by deploying innovative approaches in our facilities.  We used a Lean Six Sigma methodoloty to reduce energy consumption in a mature data center, saving money and extending the life of that data center


Read more about IT Sustainability from Intel at



As a security professional, I may have a heightened sense of awareness to the challenges that can result from not defining security requirements in a solution or product from the start. This is why I commonly describe security as everyone’s job to some extent, not just a responsibility within the security group of an organization. it is most important for an organization to prepare for and define possible security related events as a solution or product is in development and more specifically, as the requirements are being defined. It is a common mistake to assume these will be added on at a later date.


Security requirements may not be like those features requested by your customer and to formally define it, they must be actionable, measurable, and testable. But Security requirements are different from other requirements in that they are specifically based on mitigating threats such as those defined in the threat model. Security requirements should also be defined by what the corporate policy states within an organization and/or the classification of information processed by the solution or product.


As I described in one of my previous blogs - How and why to integrate security into the development of a solution or product, one important task for increased security is to create a threat model. The threat model is a task that allows a team to consider the current requirements and start predicting why and how a threat agent (who) would try to compromise the confidentiality, availability and integrity of the data and the application based on the data access control that should be enforced. Once a threat model has been completed, define the security objectives which may evolve throughout the development of the product. These security objectives can also describe what the solution will not do as a security non-goal, thus allowing the development team to finalize on the security requirements that are part of security objectives.


It should be considered an expectation that changes will take place during the product development lifecycle. The threat model and security objectives/requirements can be updated throughout the lifecycle so that as changes are approved for the current or next iteration, those changes are properly evaluated for security related risks and properly mitigated if deemed necessary. This phased approach also allows for an overall security strategy in consideration of communication flows and how each component may have different levels of access restrictions to create a security defense-in-depth strategy during the architecture and design phases.

Even robust enterprise anti-virus solutions do not fully protect systems from malware.  At any given time, anti-virus software will fend off only a certain percentage of new malicious code, and the numbers may surprise you.  The metrics reinforce the notion of establishing a comprehensive set of security capabilities in combination with strong anti-virus tools.

False sense of security

Do you feel safe from malware because you are diligent with your anti-virus(AV) deployment and frequent updates?  Ever wonder how effective anti-virus tools are at preventing malware?  Well here is the hard truth.  Expect a well managed anti-virus deployment to prevent against approximately 75% of malware landing on enterprise clients.


Hard Truth About AV.jpg

Still feeling warm and fuzzy?

The graph shows over a 6 month period, malware was prevented by up-to-date host anti-virus only ~75% of the time.  For approximately a quarter of the events, AV products did not identify the malware and failed to protect the system, even with currently available updates.

Systems get infected with new malicious code and unless you are actively looking, you will not know.  Eventually, the AV vendors track key markers and update their products which then clean the systems.  But that could be after the damage is done.  If you rely solely on AV, you are taking a gamble with terrible odds.

It's a malware race out there!

Over a million new specimens of malware are created every month!  AV vendors take on the momentous effort of detecting the code and updating their products with the means to prevent and remove such malware.  It is a relentless race between malicious code authors and the AV industry.  Malware is growing and the numbers will continue to increase over time with no end in sight.  The security of our systems and data hang in the balance.

Don’t laugh, but ~75% prevention is pretty good given the outpouring of new malicious code.  Without such protection, all hope is lost.  AV is important, but obviously it is not enough by itself.  Organizations must establish a more robust security service to pick up the slack.

Some believe, due to the effectiveness, AV is a thing of the past.  A small security community advocates abandoning client AV.  They are a minority.  I just don't see the sense in that stratagem.  In fact, I believe it is borderline insane.  Host based AV/malware agents sit at the right location to maximize protection, even if it is not 100%.  For now, no solution can match the contributions of a host based capability to monitor and counter malware.


A Defense in Depth strategy is important in considering the strengths and limitations of different controls, to establish a proper mix which delivers the optimal level of security.  Intel maintains a very strong capability to defeat malware, which includes predictive, preventative, detective and responsive aspects.  An enterprise managed host based anti-virus product is just one link in the chain of protection.


1. Employ other methods to keep malware at bay.  A good security strategy will include both behavior and technical controls.  Network and other communication based tools can block significant attacks before they get a chance to test the client AV. 
2. Keep AV current on the clients.  Don’t give up on AV.  Instead push for better processes to keep it up to date.  Eventually the AV researchers track down malware and release product updates to combat the threat.  Be ready to rapidly deploy those updates.
3. Purposefully look for the other ~25% (it is out there).  Knowing your AV is missing malware is half the battle.  Armed with your new field-intelligence, establish mechanisms to detect them.  A variety of options exists, including network scans, honey-pot systems, end-user reporting, and log monitoring for anomalies. 
4. Be proficient in response capabilities.  Effectively reacting to malware infections enables rapid removal and restoration of service for the infected host.

Real data for serious security

At Intel, we take security very seriously.  This graph is a real reflection of the state of client AV security.  For those of you who are interested in facts behind the metric:
1. This data represents ~100k hosts
2. The X axis are Work Week numbers for 2009/2010
3. This data is malware at the host.  Assume we have very strong measures which filter much of the malware before it can land on the hosts
4. The blue is malware detected by a commercial AV/HIPS solution using current signatures (therefore Prevented by the product)
5. Signatures are typically deployed to the environment within 2 hours of release by the vendor
6. The red bars are infections not protected by signatures but subsequently detected by our dedicated Threat Analysis team.  Once our team detects the malware we work with the vendor to get signature updates (which will subsequently turn them to Blue once the signatures are pushed)
7. Ballpark numbers: Over a 6 month period, on average ~25% of malware is NOT detected by standard signatures

Next Thursday April 22, 2010 marks the 40th anniversary of Earth Day. Once a year, people around the world think “green” on Earth Day.  However, many Business and IT professionals are thinking about green IT every day (#4 on Gartner's list of top 10 2010 technology trends), and are taking steps to innovate and invest in ways to improve IT Sustainability.


In my opinion, Earth Day and being “green” was created to challenge the way society manages available resources and the way individuals behave (recycle, reuse, …) .  The goals of Earth Day are strategic … and for these same reasons why green IT makes the list of top technology trends – the goals are strategic and benefits are far reaching across businesses and corporations.


Within the Intel IT organization, IT Sustainability is a core initiative.  In 2009, Intel IT implemented projects that reduced our consumption of IT-related and office energy by 49 million kHW, saving nearly $4 million for Intel and reducing our CO2 footprint by an estimated 26,000 metric tons.


The strategic relationship and benefits of IT Sustainability are shown in these results.


Less Energy Consumed (kWH) = Reduced Operating Costs ($) = Smaller Carbon Footprint (lbs CO2)


Our IT sustainability framework has taken time and commitment to create and embraces innovation across Data Centers, compute infrastructure as well as our employee compute offerings.  And as we innovate for sustainability we find benefits in other aspects of our business.  In the area of Green Print (we call it Secure Print), we have reduced the amount of paper within our enterprise while eliminating the number of abandoned print jobs lying unsecured at the public printer.  In the area of video conferencing we have dramatically impacted the ability for employees to collaborate across sites and eliminated thousands of hours of unnecessary travel.


I invite you to use these resources to learn more about what we at Intel IT are doing within our IT Sustainability initiative.


  • A CIO’s Perspective: Watch this video of Diane Bryant, Intel CIO, talking about IT’s Role and the strategic importance of both Corporate and IT Sustainability
  • Building a Sustainability Strategy: This whitepaper [pdf] titled “Building a Long Term Strategy for IT Sustainability” highlights the proactive steps Intel IT is taking across all aspects of our business from the way be build and operate data centers to the solutions we deliver to our employees.
  • Innovation in the Office: This whitepaper [pdf] titled “Reducing Energy Use in Offices” covers our adoption of SSDs, Intel vPRo Technology, deployment of and user training on PC Power Management as ways to reduce power consumption.
  • Measuring Environmental Impact: This whitepaper [pdf] discusses How Intel IT Measures our CO2 impact, using it as a Baseline for Innovation and Investment.

For those skeptics in the audience who might think green is just a fad or buzzword, I will have to admit, I wasn’t always a believer – however, now I can see the light … And I’ll give you one guess at what color the light is.



Filter Blog

By date: By tag: