There’s Big Data, then there’s really Big Data from the Internet of Things. IoT is evolving to include many data possibilities like new types of event, log and network data. The volumes are enormous, generating tens of billions of logs per day, which raise data challenges. Early IoT deployments are relying heavily on both the cloud and managed service providers to navigate these challenges.
In her session at 6th Big Data Expo®, Hannah Smalltree, Director at Treasure Data, to discuss how IoT, Big Data and deployments are processing massive data volumes from wearables, utilities and other mach...| By Gilad Parann-Nissany | Article Rating: |
|
| October 10, 2014 02:00 PM EDT | Reads: |
1,495 |
By Lohit Mehta
Every organization should follow a proactive rather than a reactive approach to protect against threats, risks, and vulnerabilities to which if their IT infrastructure is exposed can lead to data loss, regulatory penalties, lawsuits, and damaged reputation. Moving on the same lines, to reduce credit card fraud via its exposure, a standard known as Payment Card Industry Data Security Standard (PCI DSS) was formed.
History
Payment Card Industry Security Standards Council (PCI SSC) had developed a standard known as PCI Data Security Standard (PCI DSS), which comprises 12 core security areas to protect credit card holder data from theft, misuse, etc. These requirements apply to all entities involved in payment card processing, including merchants, processors, and 3rd party service providers that store, process and transmit cardholder data. PCI DSS originally began as five different programs:
- Visa’s Cardholder Information Security Program
- MasterCard’s Site Data Protection
- American Express’ Data Security Operating Policy
- Discover’s Information Security and Compliance
- JCB’s Data Security Program
The motive of the above listed companies was to protect the card holder by providing some guidelines to merchants or any other entity which is involved in storing, processing and transmitting cardholder data. From the above listed companies, a PCI Security Standards Council (SSC) was formed, and the first version of PCI DSS 1.0 was released in December 2004. Because of rapid changes in technology, new mode of payments, attack vectors, regulatory laws, etc., this version got back to back updates from 1.1 to 1.2. PCI subsequent versions 2.0 and 3.0 were released in October 2010 and November 2013 respectively.
One major theme that forms the basis of PCI-DSS 3.0, apart from some notable ones like education and awareness around payment security, increased flexibility to handle risks, and security as a shared responsibility, is to make PCI-DSS a Business As Usual (BAU) practice. The purpose of this document is to outlay the key drivers that led to PCI-DSS 3.0. Below are the key drivers and challenges that lead to PCI-DSS 3.0.
Lack of education and awareness around payment security

Due to lack of education and awareness around payment security, employees usually leave security holes in their developed applications by not following best security practices to code, picking up weak passwords, and sharing company information on public and social platforms. PCI-DSS 3.0 has incorporated requirements such as 8.4 that focus on personnel trainings, guidance around payment security, guidance for selecting and protecting authentication credentials, instructions to change passwords in case of any suspicion detected, etc.
The PCI-DSS council has gone a step ahead and also focuses on major sales points where card data is processed ie. POS terminal and brings these terminals under scope, as attacks on POS devices like cloning, addition of card skimmers, etc. are on a high. Requirement 9.9 which is to “Protect devices that capture card data via direct physical interaction with the card from tampering and substitution” is added to address the POS threat challenge. This requirement will now make organizations maintain an up-to date list of devices deployed at various sites. This list will contain information about POS devices such as:
- Unique serial number of the device
- Make and model of device
- Location details at which it is deployed.
This requirement also focuses on providing training for end-personnel to be aware about the attempted tampering or replacement of authentic POS devices. Organizations need to conduct periodic reviews of devices to check for any evidence of substitution or tampering.
Third party security challenges
As per the security investigation report, 63 percent of security deficiencies that can result in breach or loss of cardholder data falls in the 3rd party IT landscape, whose business function is to process, transmit and store cardholder data received either from merchant or service providers. To handle crises whenever there is a breach resulting in cardholder data loss and no one to take ownership of that, PCI has added requirements 12.8, 12.9 to made it clear that both the engaging parties need to seal the deal with a written agreement, which should state a clear responsibility matrix. This requirement also requires the organization to do a proper due-diligence of the IT landscape, process, services offered, and security controls in place before entering into a formal agreement.
Along with the above stated requirement, PCI has also stated an additional requirement for service providers with requirement number 8.5.1 to maintain unique credentials for each customer when accessing their premises remotely for services like support of POS systems. This requirement will prevent the compromise of multiple customers’ account profiles in case the service provider used the same credentials for all the service providers and that in turn is compromised. Also service providers must set up strong credentials to access customer premises and should adopt best practice policies like a password change policy, etc.
Anti-malware solutions
The earlier PCI-DSS 2.0 standard specifies that there should be an antivirus solution deployed to protect the CDE environment from viruses, malware, etc. and that it should be completely updated with the latest patches and signatures, but the requirement did not specify about the access control settings over the AV software, such as access control over the AV manager, meaning who can only disable the AV solution and who can view its logs and edit the configuration changes. However in PCI-DSS 3.0, requirement 5.3 now requires organizations to deploy tighter policy based controls around antivirus solution that will require authorization to access and alter the configuration settings of the AV solution.
To keep controls deployment and maintenance costs in check, merchants generally come up with a classification of important endpoints that will be covered under security controls deployment like antivirus. Though asset classifications is a good practice, merchants do not generally update these lists with the ever-changing threat landscape. Keeping this in check, PCI-DSS has added a new requirement 5.1.2 which requires merchants to identify and evaluate evolving threats against systems which are not commonly affected by malicious software like mainframes, so as to develop a tighter antivirus security around all the systems in the CDE environment. Merchants can take guidance from vendors to understand the changing threat landscape and to evaluate whether their unprotected systems come under newly discovered vulnerabilities.
Penetration testing
One of the key drivers and significant changes in PCI-DSS 3.0 is addition of the requirement for merchants to conduct penetration testing on their cardholder environment. SSC has laid emphasis on the point that merchants/service providers must adopt an industry wide accepted penetration testing like NIST SP 800-15. PCI requirements also need to conduct penetration tests not only at the application level but also at the network level against devices that are deployed at the perimeter (say for segregation) or deployed inside CDE environment. PCI requirement 13.4 would require providers to conduct:
- Annual penetration tests on the external network and when there is any significant change in infrastructure or applications deployed in CDE environment.
- Annual penetration tests on the internal network and when there is any significant change in infrastructure or applications deployed in CDE environment.
- Annual penetration tests on the boundary defense of CDE environment or around the segmentation controls that are used to isolate the CDE environment to check their effectiveness.
- Adopt the cyclic process of Test (Conduct Penetration testing (PT)) > Remediate (Fix Vulnerabilities) > Re-Test (Conduct PT again) until all the vulnerabilities found are fixed.
- Requires merchants/service providers to retain the Penetration testing results and remediation activities as per the adopted industry driven approach.
Inventory list
PCI has made it mandatory for retailers to maintain an inventory list of all the in-scope devices for CDE environment. With addition of requirement 2.4 which states, “Maintain an inventory of systems components that in scope of PCI DSS”, PCI made sure that retailers keep updating their inventory list with the already in action system components or to any newly added one. To avoid any confusion, PCI has also mentioned in some drilled down requirements what all needs to be put in the inventory list, such as:
- Requirement no 11.1.1 states that “maintain an inventory of authorized wireless access points including a documented business justification ” will require retailers to maintain an inventory list for all access points with a proper business justification.
- Requirement no 9.7.1 states that to “Properly maintain inventory logs of all media and conduct media inventories at least annually” will require retailers to maintain an inventory list of all the media so that stolen or missing media should not go unnoticed.
- Requirement no 12.3.4 requires retailers to maintain an inventory of all physical devices with proper labeling to mark any unapproved installations.
However, the above stated requirement to maintain an inventory list will be very difficult for organizations to maintain until they fully practice the requirement no 1.1.3 which requires organizations to maintain an updated data flow diagram (DFD) to showcase all the controls that are in CDE environment. With an updated DFD, organizations will be able to classify what is in-scope and out of scope for their CDE environment.
Business as Usual (BaU)
One of the major themes of PCI-DSS 3.0 is to make it as a Business as Usual (BAU) Practice rather than compliance. As PCI-DSS covers a majority of mid-sized business that either do not have a large IT department or they have very few information security groups which can work to keep their business PCI-DSS-ready for audits and to incorporate any last minute hiccups. Making PCI-DSS as a BAU will require organizations to keep their PCI-DSS checklist updated regularly with any change in their CDE environment. Merchants should keep a check and document all the changes done in their cardholder data environment (CDE). These includes:
- Regular monitoring of security controls like firewall, AV solutions, access controls, IDS/IPS, Security Incident and Event Management (SIEM), etc. in CDE environment to ensure that they are correct, updated and their functioning is secure.
- Reviewing the security posture of the CDE environment with addition of new systems and devices, changes in configurations of security controls, organizational structure changes, etc.
- Reviewing latest best practices, support issued by vendors for the security devices that are placed in CDE environment to make sure that the cardholder data is secured from evolving threats.
Conclusion
PCI-DSS 3.0 has incorporated some good new requirements as per the changing threat landscape, included the end user to understand about payment security, and clarified some statements for proper understanding of merchants and 3rd party service providers. Some of the changed requirements that are incorporated in PCI DSS 3.0 are termed as best practice for some time now, after which they will become mandatory for every organization to implement. PCI DSS 3.0 will surely make merchants, service providers or any entity that is processing, storing and transmitting cardholder data and is under PCI scope to revisit and enhance their existing strategy for protecting cardholder information.
References
https://www.pcisecuritystandards.org/documents/PCI_DSS_v3.pdf
Author Bio:
Lohit Mehta is a Security Researcher for the InfoSec Institute. He has experience working with RFPs/RFIs; Security HLD and LLD design; Network Security elements like Firewall, IDS/IPS, DLP, Reverse proxy, WAF; in Public Key Infrastructure(PKI); in Application Security testing for OWASP Top 10; in Compliance’s like PCI-DSS 2.0,3.0 , ISO 27k1, HIPPA; with Cloud Service Provider’s such as AWS; in Security Incident and Event Management(SIEM) with tools like Splunk; in Vulnerability Testing.
The post PCI DSS: What You Need to Know appeared first on Porticor Cloud Security.
Published October 10, 2014 Reads 1,495
Copyright © 2014 SYS-CON Media, Inc. — All Rights Reserved.
Syndicated stories and blog feeds, all rights reserved by the author.
More Stories By Gilad Parann-Nissany
Gilad Parann-Nissany, Founder and CEO at Porticor is a pioneer of Cloud Computing. He has built SaaS Clouds for medium and small enterprises at SAP (CTO Small Business); contributing to several SAP products and reaching more than 8 million users. Recently he has created a consumer Cloud at G.ho.st - a cloud operating system that delighted hundreds of thousands of users while providing browser-based and mobile access to data, people and a variety of cloud-based applications. He is now CEO of Porticor, a leader in Virtual Privacy and Cloud Security.
There’s Big Data, then there’s really Big Data from the Internet of Things. IoT is evolving to include many data possibilities like new types of event, log and network data. The volumes are enormous, generating tens of billions of logs per day, which raise data challenges. Early IoT deployments are relying heavily on both the cloud and managed service providers to navigate these challenges.
In her session at 6th Big Data Expo®, Hannah Smalltree, Director at Treasure Data, to discuss how IoT, Big Data and deployments are processing massive data volumes from wearables, utilities and other mach...Oct. 11, 2014 05:15 PM EDT Reads: 102 |
By Elizabeth White Where historically app development would require developers to manage device functionality, application environment and application logic, today new platforms are emerging that are IoT focused and arm developers with cloud based connectivity and communications, development, monitoring, management and analytics tools. In her session at Internet of @ThingsExpo, Seema Jethani, Director of Product Management at Basho Technologies, will explore how to rapidly prototype using IoT cloud platforms and choose the right platform to match application requirements, security and privacy needs, data managem...Oct. 11, 2014 05:00 PM EDT Reads: 2,303 |
By Elizabeth White Where historically app development would require developers to manage device functionality, application environment and application logic, today new platforms are emerging that are IoT focused and arm developers with cloud based connectivity and communications, development, monitoring, management and analytics tools.Oct. 11, 2014 05:00 PM EDT Reads: 1,041 |
By Elizabeth White Building low cost wearable devices can enhance the quality of our lives. In his session at Internet of @ThingsExpo, Sai Yamanoor, Embedded Software Engineer at Altschool, will provide an example of putting together a small keychain within a $50 budget that educates the user about the air quality in their surroundings. He will also provide examples such as building a wearable device that provides transit or recreational information. He will review the resources available to build wearable devices at home including open source hardware, the raw materials required and the options available to pow...Oct. 10, 2014 05:00 PM EDT Reads: 1,930 |
By Carmen Gonzalez The security devil is always in the details of the attack: the ones you've endured, the ones you prepare yourself to fend off, and the ones that, you fear, will catch you completely unaware and defenseless. The Internet of Things (IoT) is nothing if not an endless proliferation of details. It's the vision of a world in which continuous Internet connectivity and addressability is embedded into a growing range of human artifacts, into the natural world, and even into our smartphones, appliances, and physical persons.
Oct. 10, 2014 04:15 PM EDT Reads: 1,694 |
By Roger Strukhoff Noted IoT expert and researcher Joseph di Paolantonio (pictured below) has joined the @ThingsExpo faculty. Joseph, who describes himself as an “Independent Thinker” from DataArchon, will speak on the topic of “Smart Grids & Managing Big Utilities.”
Over his career, Joseph di Paolantonio has worked in the energy, renewables, aerospace, telecommunications, and information technology industries. His expertise is in data analysis, system engineering, Bayesian statistics, data warehouses, business intelligence, data mining, predictive methods, and very large databases (VLDB). Prior to DataArcho...Oct. 10, 2014 04:00 PM EDT Reads: 1,987 |
By Elizabeth White The Internet of Things is not new. Historically, smart businesses have used its basic concept of leveraging data to drive better decision making and have capitalized on those insights to realize additional revenue opportunities. So, what has changed to make the Internet of Things one of the hottest topics in tech?
In his session at Internet of @ThingsExpo, Chris Gray, Director, Embedded and Internet of Things, will discuss the underlying factors that are driving the economics of intelligent systems. Discover how hardware commoditization, the ubiquitous nature of connectivity, and the emergen...Oct. 10, 2014 03:00 PM EDT Reads: 2,265 |
By Carmen Gonzalez Almost everyone sees the potential of Internet of Things but how can businesses truly unlock that potential. The key will be in the ability to discover business insight in the midst of an ocean of Big Data generated from billions of embedded devices via Systems of Discover. Businesses will also need to ensure that they can sustain that insight by leveraging the cloud for global reach, scale and elasticity. In his session at Internet of @ThingsExpo, Mac Devine, Distinguished Engineer at IBM, will discuss bringing these three elements together via Systems of Discover.Oct. 10, 2014 02:00 PM EDT Reads: 1,709 |
By Elizabeth White The Internet of Things is a misnomer. That implies that everything is on the Internet, and that simply should not be – especially for things that are blurring the line between medical devices that stimulate like a pacemaker and quantified self-sensors like a pedometer or pulse tracker. The mesh of things that we manage must be segmented into zones of trust for sensing data, transmitting data, receiving command and control administrative changes, and peer-to-peer mesh messaging. Oct. 10, 2014 02:00 PM EDT Reads: 1,473 |
By Carmen Gonzalez The Internet of Things (IoT) is going to require a new way of thinking and of developing software for speed, security and innovation. This requires IT leaders to balance business as usual while anticipating for the next market and technology trends. Cloud provides the right IT asset portfolio to help today’s IT leaders manage the old and prepare for the new. Today the cloud conversation is evolving from private and public to hybrid. This session will provide use cases and insights to reinforce the value of the network in helping organizations to maximize their company’s cloud experience.Oct. 10, 2014 01:00 PM EDT Reads: 2,477 |
By Elizabeth White With the addition of new high-bandwidth channels, performance is increased twenty-fold on a single computer producing upwards of 32 million events per second; in a scaled-out architecture, performance can increase massively to billions of events per second. This industry-leading performance is achieved by splitting a data stream into multiple, separate channels to exploit the power of parallel processing pipelines whenever possible; thus ensuring no interactions occur and zero bottlenecks are created. This new capability means developers can structure their applications in such a way that the ...Oct. 10, 2014 12:00 PM EDT Reads: 1,676 |
By Liz McMillan Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy.
How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at Internet of @ThingsExpo, James Kirkland, Chief Architect for the Internet of Things and Intelligent Systems at Red Hat, will describe how to revoluti...Oct. 10, 2014 09:00 AM EDT Reads: 2,364 |
By Carmen Gonzalez Software AG helps organizations transform into Digital Enterprises, so they can differentiate from competitors and better engage customers, partners and employees. Using the Software AG Suite, companies can close the gap between business and IT to create digital systems of differentiation that drive front-line agility. We offer four on-ramps to the Digital Enterprise: alignment through collaborative process analysis; transformation through portfolio management; agility through process automation and
integration; and visibility through intelligent business operations and big data.Oct. 10, 2014 08:00 AM EDT Reads: 2,265 |
By Elizabeth White P2P RTC will impact the landscape of communications, shifting from traditional telephony style communications models to OTT (Over-The-Top) cloud assisted & PaaS (Platform as a Service) communication services. The P2P shift will impact many areas of our lives, from mobile communication, human interactive web services, RTC and telephony infrastructure, user federation, security and privacy implications, business costs, and scalability.
In his session at Internet of @ThingsExpo, Erik Lagerway, Co-founder of Hookflash, will walk through the shifting landscape of traditional telephone and voice s...Oct. 9, 2014 05:00 PM EDT Reads: 2,239 |
By Elizabeth White Predicted by Gartner to add $1.9 trillion to the global economy by 2020, the Internet of Everything (IoE) is based on the idea that devices, systems and services will connect in simple, transparent ways, enabling seamless interactions among devices across brands and sectors. As this vision unfolds, it is clear that no single company can accomplish the level of interoperability required to support the horizontal aspects of the IoE.
The AllSeen Alliance, announced in December 2013, was formed with the goal to advance IoE adoption and innovation in the connected home, healthcare, education, aut...Oct. 9, 2014 04:45 PM EDT Reads: 2,433 |
By Liz McMillan As Platform as a Service (PaaS) matures as a category, developers should have the ability to use the programming language of their choice to build applications and have access to a wide array of services. Bluemix is IBM's open cloud development platform that enables users to easily build cloud-based, creative mobile and web applications without having to spend large amounts of time and resources on configuring infrastructure and multiple software licenses. In this track, you will learn about the array of services to support and accelerate application development, as well as building applicatio...Oct. 9, 2014 02:00 PM EDT Reads: 1,879 |
By Carmen Gonzalez The world's leading 'Internet of Things' event, @ThingsExpo has launched IoT Journal on the SYS-CON.com portal, featuring over 5,500 original articles, news stories, features, and blog entries. IoT Journal becomes the world's leading resource for the Internet of Things. SYS-CON Media CEO Carmen Gonzalez is founder and publisher of IoT Journal, and Roger Strukhoff, long-time SYS-CON editor and the conference chair of @ThingsExpo is the editor of the world's leading IoT resource. IoT Journal offers top articles, news stories, and blog posts from the world's well-known experts and guarantees bett...Oct. 9, 2014 01:00 PM EDT Reads: 3,632 Replies: 1 |
By Liz McMillan The 3rd International Internet of @ThingsExpo, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that its Call for Papers is now open.
The Internet of Things (IoT) is the biggest idea since the creation of the Worldwide Web more than 20 years ago.Oct. 9, 2014 01:00 PM EDT Reads: 4,155 |
By Elizabeth White Internet of @ThingsExpo announced today a limited time free "Expo Plus" registration option. On site registration price of $600 will be set to 'free' for delegates who register during this period. To take advantage of this opportunity, attendees can use the coupon code "IoTAugust" and secure their "@ThingsExpo Plus" registration to attend all keynotes, as well as limited number of technical sessions each day of the show, in addition to full access to the expo floor and the @ThingsExpo hackathon. Registration page is located at the @ThingsExpo site.Oct. 9, 2014 10:00 AM EDT Reads: 3,226 |
By Liz McMillan The Industrial Internet revolution is now underway, enabled by connected machines and billions of devices that communicate and collaborate. The massive amounts of Big Data requiring real-time analysis is flooding legacy IT systems and giving way to cloud environments that can handle the unpredictable workloads. Yet many barriers remain until we can fully realize the opportunities and benefits from the convergence of machines and devices with Big Data and the cloud, including interoperability, data security and privacy.
In his session at 15th Cloud Expo, Dave Duggal, Founder and Managing Dire...Oct. 8, 2014 10:15 PM EDT Reads: 1,832 |

Where historically app development would require developers to manage device functionality, application environment and application logic, today new platforms are emerging that are IoT focused and arm developers with cloud based connectivity and communications, development, monitoring, management and analytics tools. In her session at Internet of @ThingsExpo, Seema Jethani, Director of Product Management at Basho Technologies, will explore how to rapidly prototype using IoT cloud platforms and choose the right platform to match application requirements, security and privacy needs, data managem...
Building low cost wearable devices can enhance the quality of our lives. In his session at Internet of @ThingsExpo, Sai Yamanoor, Embedded Software Engineer at Altschool, will provide an example of putting together a small keychain within a $50 budget that educates the user about the air quality in their surroundings. He will also provide examples such as building a wearable device that provides transit or recreational information. He will review the resources available to build wearable devices at home including open source hardware, the raw materials required and the options available to pow...
The security devil is always in the details of the attack: the ones you've endured, the ones you prepare yourself to fend off, and the ones that, you fear, will catch you completely unaware and defenseless. The Internet of Things (IoT) is nothing if not an endless proliferation of details. It's the vision of a world in which continuous Internet connectivity and addressability is embedded into a growing range of human artifacts, into the natural world, and even into our smartphones, appliances, and physical persons.
Noted IoT expert and researcher Joseph di Paolantonio (pictured below) has joined the @ThingsExpo faculty. Joseph, who describes himself as an “Independent Thinker” from DataArchon, will speak on the topic of “Smart Grids & Managing Big Utilities.”
Over his career, Joseph di Paolantonio has worked in the energy, renewables, aerospace, telecommunications, and information technology industries. His expertise is in data analysis, system engineering, Bayesian statistics, data warehouses, business intelligence, data mining, predictive methods, and very large databases (VLDB). Prior to DataArcho...
The Internet of Things is not new. Historically, smart businesses have used its basic concept of leveraging data to drive better decision making and have capitalized on those insights to realize additional revenue opportunities. So, what has changed to make the Internet of Things one of the hottest topics in tech?
In his session at Internet of @ThingsExpo, Chris Gray, Director, Embedded and Internet of Things, will discuss the underlying factors that are driving the economics of intelligent systems. Discover how hardware commoditization, the ubiquitous nature of connectivity, and the emergen...
Almost everyone sees the potential of Internet of Things but how can businesses truly unlock that potential. The key will be in the ability to discover business insight in the midst of an ocean of Big Data generated from billions of embedded devices via Systems of Discover. Businesses will also need to ensure that they can sustain that insight by leveraging the cloud for global reach, scale and elasticity. In his session at Internet of @ThingsExpo, Mac Devine, Distinguished Engineer at IBM, will discuss bringing these three elements together via Systems of Discover.
The Internet of Things is a misnomer. That implies that everything is on the Internet, and that simply should not be – especially for things that are blurring the line between medical devices that stimulate like a pacemaker and quantified self-sensors like a pedometer or pulse tracker. The mesh of things that we manage must be segmented into zones of trust for sensing data, transmitting data, receiving command and control administrative changes, and peer-to-peer mesh messaging.
The Internet of Things (IoT) is going to require a new way of thinking and of developing software for speed, security and innovation. This requires IT leaders to balance business as usual while anticipating for the next market and technology trends. Cloud provides the right IT asset portfolio to help today’s IT leaders manage the old and prepare for the new. Today the cloud conversation is evolving from private and public to hybrid. This session will provide use cases and insights to reinforce the value of the network in helping organizations to maximize their company’s cloud experience.
With the addition of new high-bandwidth channels, performance is increased twenty-fold on a single computer producing upwards of 32 million events per second; in a scaled-out architecture, performance can increase massively to billions of events per second. This industry-leading performance is achieved by splitting a data stream into multiple, separate channels to exploit the power of parallel processing pipelines whenever possible; thus ensuring no interactions occur and zero bottlenecks are created. This new capability means developers can structure their applications in such a way that the ...
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy.
How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at Internet of @ThingsExpo, James Kirkland, Chief Architect for the Internet of Things and Intelligent Systems at Red Hat, will describe how to revoluti...
Software AG helps organizations transform into Digital Enterprises, so they can differentiate from competitors and better engage customers, partners and employees. Using the Software AG Suite, companies can close the gap between business and IT to create digital systems of differentiation that drive front-line agility. We offer four on-ramps to the Digital Enterprise: alignment through collaborative process analysis; transformation through portfolio management; agility through process automation and
integration; and visibility through intelligent business operations and big data.
P2P RTC will impact the landscape of communications, shifting from traditional telephony style communications models to OTT (Over-The-Top) cloud assisted & PaaS (Platform as a Service) communication services. The P2P shift will impact many areas of our lives, from mobile communication, human interactive web services, RTC and telephony infrastructure, user federation, security and privacy implications, business costs, and scalability.
In his session at Internet of @ThingsExpo, Erik Lagerway, Co-founder of Hookflash, will walk through the shifting landscape of traditional telephone and voice s...
Predicted by Gartner to add $1.9 trillion to the global economy by 2020, the Internet of Everything (IoE) is based on the idea that devices, systems and services will connect in simple, transparent ways, enabling seamless interactions among devices across brands and sectors. As this vision unfolds, it is clear that no single company can accomplish the level of interoperability required to support the horizontal aspects of the IoE.
The AllSeen Alliance, announced in December 2013, was formed with the goal to advance IoE adoption and innovation in the connected home, healthcare, education, aut...
As Platform as a Service (PaaS) matures as a category, developers should have the ability to use the programming language of their choice to build applications and have access to a wide array of services. Bluemix is IBM's open cloud development platform that enables users to easily build cloud-based, creative mobile and web applications without having to spend large amounts of time and resources on configuring infrastructure and multiple software licenses. In this track, you will learn about the array of services to support and accelerate application development, as well as building applicatio...
The world's leading 'Internet of Things' event, @ThingsExpo has launched IoT Journal on the SYS-CON.com portal, featuring over 5,500 original articles, news stories, features, and blog entries. IoT Journal becomes the world's leading resource for the Internet of Things. SYS-CON Media CEO Carmen Gonzalez is founder and publisher of IoT Journal, and Roger Strukhoff, long-time SYS-CON editor and the conference chair of @ThingsExpo is the editor of the world's leading IoT resource. IoT Journal offers top articles, news stories, and blog posts from the world's well-known experts and guarantees bett...
The 3rd International Internet of @ThingsExpo, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that its Call for Papers is now open.
The Internet of Things (IoT) is the biggest idea since the creation of the Worldwide Web more than 20 years ago.
Internet of @ThingsExpo announced today a limited time free "Expo Plus" registration option. On site registration price of $600 will be set to 'free' for delegates who register during this period. To take advantage of this opportunity, attendees can use the coupon code "IoTAugust" and secure their "@ThingsExpo Plus" registration to attend all keynotes, as well as limited number of technical sessions each day of the show, in addition to full access to the expo floor and the @ThingsExpo hackathon. Registration page is located at the @ThingsExpo site.
The Industrial Internet revolution is now underway, enabled by connected machines and billions of devices that communicate and collaborate. The massive amounts of Big Data requiring real-time analysis is flooding legacy IT systems and giving way to cloud environments that can handle the unpredictable workloads. Yet many barriers remain until we can fully realize the opportunities and benefits from the convergence of machines and devices with Big Data and the cloud, including interoperability, data security and privacy.
In his session at 15th Cloud Expo, Dave Duggal, Founder and Managing Dire...
Most forward-looking CEOs have already made their move to prepare for the future that they foresee – where business technology is a key deciding factor for them to attain ongoing commercial prosperity. This new digital-propelled environment will profoundly change business processes, along with the need for accelerated tech-savvy human capital development across all industries.
‘ALOHA! We’re here at the Red Carpet Event at the 2021 Web Movie Awards! All the stars are here wearing the latest in fashion trends. Oh, here comes DigiTom wearing his underarm sweat blocker shirt that also calculates how much moisture he is losing and how many ounces of water he needs to replace that sweat. Cool stuff. Ah, and here comes Hank Hologram and what is amazing is how his shoes continue to change colors depending on his mood. Ooop…With all those screams, it must be super director Steve Streamer who has 500 little HHDD cameras sown into his clothes and he is making a live action mov...
My favorite writer, Gil Press, sums it up with, “It’s Official: The Internet Of Things Takes Over Big Data As The Most Hyped Technology” where he talks about how Gartner released its latest Hype Cycle for Emerging Technologies, and how big data has moved down the “trough of disillusionment,” replaced by the Internet of Things at the top of the hype cycle.
The term Internet of Things was coined by the British technologist Kevin Ashton in 1999, to describe a system where the Internet is connected to the physical world via ubiquitous sensors.
The goal of any DevOps solution is to optimize multiple processes in an organization. And success does not necessarily require that in executing the strategy everything needs to be automated to produce an effective plan. Yet, it is important that processes are put in place to handle a necessary list of items.
Flux7 is a consulting group with a focus on helping organizations build, maintain and optimize DevOps processes. The group has a wide view across DevOps challenges and benefits.
It's hard to miss the world of opportunities that data collection and analysis have opened up. But how can you avoid having information overload?
It takes a lot of will power, in our data obsessed world to say "too much!" However, there are many ways where too much information is destroying productivity, and actually causing bad decision making, not good. But it is hard to avoid the world of opportunities that has been opened in data collection and analysis. So how do you balance the two? The first step is to understand there is a big difference between data collection, and it's utilization. ...
We were in contact recently with Shrikant Pattathil (pictured below), Executive Vice President of Harbinger Systems. Here are some of his thoughts about healthcare, the IoT, and disruption: IoT Journal: Healthcare, with all of its systems and dataflows, seems an ideal area for IoT solutions. What is Harbinger Systems doing in this area?
Shrikant Pattathil: Being a service provider we work with many product development companies who are building new IoT-based applications to solve problems that plague the healthcare industry. For example, there is a need for applications to manage your medicin...
Yet another retailer has confessed that their systems were breached and an untold number of victims join the growing list of those who have had their data was stolen. This one could be bigger than the infamous Target breach. I wonder if some day we’ll be referring to periods of time by the breach that occurred. ‘What? You don’t remember the Target breach of ’13! Much smaller than the Insert Company Here Breach of 2019!’ Or almost like battles of a long war. ‘The Breach of 2013 was a turning point in the fight against online crime,’ or some other silly notion.
The hype around the wearable tech industry has steered many consumers straight to Amazon in search of a fitness gadget that will tell them how healthy or unhealthy they act on a regular basis. Some feel they can’t become healthier unless they are tracking their progress every step of the way. But as we begin to see through the hype, the wearable tech industry seems to be way behind in one important area – actually making us healthier.
The one thing that all fitness trackers have in common is statistics. Tracking steps, calories, sleep patterns, and everything in between, wearable tech devices...
When we talk about the impact of BYOD and BYOA and the Internet of Things, we often focus on the impact on data center architectures. That's because there will be an increasing need for authentication, for access control, for security, for application delivery as the number of potential endpoints (clients, devices, things) increases. That means scale in the data center.
What we gloss over, what we skip, is that before any of these "things" ever makes a request to access an application it had to execute a DNS query. Every. Single. Thing.
Over the summer Gartner released its much anticipated annual Hype Cycle report and the big news is that Internet of Things has now replaced Big Data as the most hyped technology. Indeed, we’re hearing more and more about this fascinating new technological paradigm. Every other IT news items seems to be about IoT and its implications on the future of…
When it comes to the smart home, big names like Nest and Dropcam have gotten most of the attention due to their product success and lucrative acquisition figures. But as impressive as these products have been, there are a multitude of other unknown products ranging from door locks to basic thermostats that require connectivity and...
It's time to condense all I've seen, heard, and learned about the IoT into a fun, easy-to-remember guide. Without further ado, here are Five (5) Things About the Internet of Things: 1. It's the end-state of Moore's Law.
It's easy enough to debunk the IoT as “nothing new.” After all, we've have embedded systems for years. We've had devices connected to the Internet for decades; the very definition of a network means things are connected to it. But now that the invariable, self-fulfilling prophecy of Moore's Law has resulted in a rise from about 10,000 transistors on a chip in 1980 to more t...
It's the Great Convergence! That is, the convergence of the IoT and WebRTC. “From telemedicine to smart cars, digital homes and industrial monitoring, the explosive growth of IoT has created exciting new business opportunities for WebRTC, real time calls and messaging,” says Ivelin Ivanov, CEO and Co-Founder of Telestar. Ivelin will be one of the featured speakers at our @WebRTCSummit, to be held Nov 4-5 as part of the overall @CloudExpo @ThingsExpo conference and exhibition Nov 4-6, at the Santa Clara Convention Center, Santa Clara, CA.
In his session, Ivelin promises to share “some of the...





















