BizTech - Technology Solutions That Drive Business en Manufacturing Companies Reinvent Themselves with Advanced Technology <span>Manufacturing Companies Reinvent Themselves with Advanced Technology</span> <span><span lang="" about="/user/3" typeof="schema:Person" property="schema:name" datatype="">ricky.ribeiro</span></span> <span>Wed, 05/23/2018 - 23:17</span> <div><p>When the networking infrastructure at <a href="" target="_blank" title="Daimler Trucks North America">Daimler Trucks North America</a>’s Western Star facility in Portland, Ore., was reaching its end of life a few years ago, the company’s leadership decided it was time to make big changes.</p> <p>“We wanted to invest in an infrastructure that would support modern connectivity solutions, including the Internet of Things, flexible work and automated production technologies that enhanced the capabilities of the existing workforce,” says Susan Moote, DTNA’s director of IT infrastructure.</p> <p>The company deployed a suite of networking components, including <a href="" target="_blank" title="Cisco">Cisco</a> Aironet access points and Cisco Unified Computing System servers, which include compute, switching fabric and management software. Now, employees can access human resources functionality at work, as well as key metrics and engineering collaboration tools.</p> <p>The new infrastructure provides a base network that enables wireless and nonwireless solutions, more wireless LAN and LAN capacity to move data, and more security, Moote says. “Additionally, the design allows the introduction of software-defined networks and other automated deployment technologies that leverage a programmable infrastructure. With the expansion of the wireless capabilities, the plant has enabled the use of radio frequency identification for a number of logistics and plant production applications.”</p> <p>Plus, the <strong>technology’s modular design allows for expansion and reconfiguration as the company grows</strong>, and the enhanced connectivity lets employees use mobile devices, tablets and other wireless equipment on the factory floor.</p> <p>Many companies are embracing digital transformation that, like DTNA’s, allows employees to work remotely. In “<a href="" target="_blank" title="Modern Workplace Insight Report">The Modern Workplace Insight Report</a>,” Preston Harris, a CDW mobile field solution architect, writes: “Organizations are beginning to understand that workers expect the same type of connectivity at work that they enjoy in their personal lives. If employees are empowered with the freedom to work anywhere, anytime — and they’re effective at it — that can’t help but create a modern workplace that’s better for everyone.”</p> <p>And for manufacturers, focusing on back-office technology to change daily processes is a key trend, according to Deloitte’s Tech Trends 2018: “Though savvy organizations are approaching the digital mandate from a number of angles, one issue remains consistently ­important: the interconnectedness of front- and back-office systems.”</p> <p>DTNA is not alone among manufacturing companies that are transforming operations with advanced technology. IDC estimates that global <strong>spending on digital transformation will hit $1.7 trillion</strong> this year — a <strong>42 percent increase from 2017</strong>.</p> <p>By the end of next year, IDC predicts, three-fourths of large manufacturers worldwide will deploy IoT and analytics-based situational awareness; and by the end of 2020, half will start seeing business value from the integration of supply chain, plant operations, and product and service ­lifecycle management.</p> <p>Benjamin Moses, technical director at the <a href="" target="_blank" title="association for manufacturing technology">Association for Manufacturing Technology</a>, says those goals are common in the manufacturing world, where everyone is looking to automate and collect data from machines: “Companies may start out small, but once they see the value of data, they can use it as a multiplier so they can add new projects.”</p> <p><img alt="Q0218-BT-Feat-Bannan-quote.jpg" data-entity-type="" data-entity-uuid="" src="/sites/" /></p> <h2 id="toc_0">A Complete Digital Transformation Overhaul</h2> <p>John Peterson’s first days on the job at automotive parts manufacturer <a href="" target="_blank" title="AW North Carolina">AW North Carolina</a> weren’t easy. As general manager of IT, Peterson knew he was charged with implementing AWNC’s new systems — he just didn’t realize how much work lay ahead.</p> <p>“Literally on my first day here, the phone system stopped working,” says Peterson, who started his position in January 2016. “Within two months, about 15 percent of our servers failed or were in the process of failing. It became clear to me very quickly that there would be no way to put in enterprise-class systems that could support a $1 billion ­factory and the volume we do here.”</p> <p>Based in Durham, N.C., AWNC manufactures more than 650,000 automatic transmissions each year, yet <strong>until a few years ago it used Excel to track crucial information</strong>. Its digital transformation plans included new enterprise resource planning, manufacturing execution and inventory management systems, among other upgrades.</p> <p>During the project, the AWNC team and a contractor installed a new Cisco ­network infrastructure with wireless access points, switches and controllers that cover more than 1 million square feet of factory floor.</p> <p>At the time, AWNC tapped the cloud for its ERP and other applications. Those resources were moved back on-­premises during the first quarter of this year.</p> <p>“We’re finally able to get more timely information out of our equipment so maintenance and production can work more efficiently,” Peterson says. “We’re also reducing overtime. Everything improves when you have access to data because parts show up when they need to, and that keeps the line flowing.”</p> <p>Hard cost savings for the upgrades exceeded $1 million: <strong>$655,000 in cost avoidance and $400,000 in cost reductions</strong>, he says.</p> <p><img alt="Q0218-BT-Feat-Bannan-elpunto_0.jpg" data-entity-type="" data-entity-uuid="" src="/sites/" /></p> <h2 id="toc_1">Revamped Call Center Saves Money, Frees Up Staff</h2> <p><a href="" target="_blank" title="Bob Barker Company Manufacturing">Bob Barker Company</a>, a ­manufacturer and supplier of products to correctional facilities, is a good example of the start-small approach. The company recently was able to leverage a small pilot into a big-bang project for the company: a digital transformation designed to bolster its call center, which processes more than 60 percent of its orders, and the internal phone and communication systems for its back-office and management teams.</p> <p>The company looked at several options but decided on a hybrid cloud strategy. Today, <strong>it runs about 30 ­servers in a private cloud configuration</strong> and uses <a href=";searchscope=all&amp;sr=1" target="_blank" title="Skype for Business">Skype for Business</a> via <a href=";searchscope=all&amp;sr=1" target="_blank" title="Microsoft Surface Tablets">Microsoft Surface tablets</a>.</p> <p>Its call ­center application, native to Skype for Business, adds performance insight for managers and flexibility for workers, says IT Director Dan Callari.</p> <p>“We have much better visibility into the performance of the call center,” Callari says, noting that the company now receives real-time reporting. “And working from home is a much easier process now. It used to be manual, but now you can work from anywhere, with no additional effort. Our old solution required a hard phone versus a soft phone configuration that had to be manually switched over.”</p> <p>Perhaps the greatest win has been the savings realized in moving away from the company’s old private branch exchange system. The new infrastructure <strong>helped the company save $200,000 per year</strong> and also freed staff to perform other tasks. An employee who used to spend more than 20 hours maintaining the communication system is now dedicated to cybersecurity.</p> <p>“Especially in manufacturing, where there is low margin and IT is looked at as a cost center, we were able to get high value and cost savings,” Callari says. Such careful planning and forward thinking helps companies in all industries succeed, according to Deloitte: “Creating a new technology core is neither a marathon nor a sprint — rather, it’s a series of sprints toward an overall destination.”</p> </div> <div> <div class="field-author"><a href="/author/karen-j-bannan" hreflang="en">Karen J. Bannan</a></div> </div> Thu, 24 May 2018 03:17:13 +0000 ricky.ribeiro 41201 at Why You Should Conduct Risk Assessments Before Buying New Cybersecurity Products <span>Why You Should Conduct Risk Assessments Before Buying New Cybersecurity Products</span> <span><span lang="" about="/user/3" typeof="schema:Person" property="schema:name" datatype="">ricky.ribeiro</span></span> <span>Wed, 05/23/2018 - 17:54</span> <div><p>The worldwide market for cybersecurity products and services will surpass $95 billion this year, according to Gartner. That’s a staggering amount of money, and it represents an ­8­ percent increase in the size of the market since the beginning of 2017.</p> <p>Is all of that spending really necessary? Much of it is, of course. But in my experience, <strong>many organizations purchase new security solutions without first conducting a thorough risk assessment</strong> and gap analysis to identify and prioritize their security needs. Some never evaluate their ability to meet emerging threats with existing resources.</p> <p>Following such an assessment, an organization may conclude that new controls are required, but they may also discover that upgrades and configuration changes to existing controls are also needed — or, perhaps, are all that’s needed — to provide a solid, layered defense.</p> <h2 id="toc_0">Ensure You Truly Assess the Risks</h2> <p>A good risk assessment rigorously evaluates an organization’s current cybersecurity environment. It begins by identifying potential threats to the organization and rating each threat based on its likelihood of occurrence as well as the potential impact if it occurs.</p> <p>Risk assessments are specific to an individual organization and its operating environment. For example, a major news media outlet may rate the risk of a denial of service attack against its website as high because it is an attractive target to attackers and a successful attack would cripple its operations. On the other hand, a small business selling industrial components may evaluate that same risk at a much lower level because it considers itself an unlikely target for such an attack and the loss of its website would have minimal impact on its daily business.</p> <p>After flagging potential threats, the next step is to identify vulnerabilities that could cause a threat to occur, such as <strong>a web server running an unpatched operating system with known security flaws</strong>, or insufficient network bandwidth to absorb a small-scale denial of service attack. Risks occur only when there is a combination of a threat against an organization and a vulnerability that the threat could exploit. Next comes a gap analysis, which identifies deficiencies in security controls that may allow a cybersecurity incident to occur. The assessment normally recommends security controls to fill those gaps.</p> <p><img alt="Q0218-BT-SecSave-Chapple-elpunto.jpg" data-entity-type="" data-entity-uuid="" src="/sites/" /></p> <h2 id="toc_1">You Should Tailor Controls to Risks</h2> <p>The risk assessment can guide both scanning and remediation schedules of an organization’s entire vulnerability management program. Systems and applications with higher risk levels should be scanned more frequently, receiving priority when remediation is planned. Scan results also provide criticality ratings, which can supplement the likelihood and impact ratings found in the risk assessment and help managers make more informed decisions.</p> <p>High-risk systems should receive extra scrutiny when performing system patching and hardening efforts. Rather than distributing security resources evenly across all systems, <strong>organizations should spend the majority of their time and money working on the systems that pose the greatest risk to the organization</strong>. For example, a system involved in credit card processing that is missing a security patch should receive a much higher remediation priority than a system that hosts an internal message board.</p> <p><img alt="Q0218-BT-SecSave-Chapple-quote.jpg" data-entity-type="" data-entity-uuid="" src="/sites/" /></p> <h2 id="toc_2">Try to Use Existing Products First</h2> <p>Most organizations have already made a significant investment in security products over the years and continue to pay maintenance and support fees for those products. Typically, those solutions were purchased to meet a specific need in an organization’s security program, and went through a planned implementation in which administrators carefully configured the product to meet the organization’s existing security goals.</p> <p>If the analysis that led to the acquisition of that solution took place several years ago, both the organization and the product may have changed significantly during the ­intervening time. It is very common for an organization to be completely unaware of new capabilities rolled out by vendors after a product deploys.</p> <p>When conducting a risk assessment and evaluating gaps in existing controls, look first to products already deployed on the network before considering new solutions. <strong>It’s possible that an existing product has an unused capability that might fill one or more gaps</strong>. If an upgrade is needed, it may be covered by a support contract or available as an add-on module, which would be less expensive than purchasing a new solution.</p> <p>As business leaders are bombarded with messaging about new security controls, it’s important to keep the basics in mind. Any security decisions should be made based on well-reasoned assessment, and purchases should ideally fill high-priority control gaps. Before making any purchase, consider whether upgrading or reconfiguring existing controls might fill the same need.</p> <p> </p> <p><a data-entity-type="" data-entity-uuid="" href="" target="_blank" title="CDW Cybersecurity Insight Report"><img alt="Cybersecurity-report_EasyTarget.jpg" data-entity-type="" data-entity-uuid="" src="/sites/" /></a></p> </div> <div> <div class="field-author"><a href="/author/mike-chapple" hreflang="en">Mike Chapple</a></div> </div> Wed, 23 May 2018 21:54:02 +0000 ricky.ribeiro 41196 at Review: The Crucial MX300 SSD Is an Adrenaline Shot for PCs <span>Review: The Crucial MX300 SSD Is an Adrenaline Shot for PCs</span> <span><span lang="" about="/user/8196" typeof="schema:Person" property="schema:name" datatype="">david.vogin_8196</span></span> <span>Tue, 05/22/2018 - 12:54</span> <div><p>Most PCs, even those that are a few years old, have enough horsepower to get through the average user’s day. But users may find themselves frustrated by an older PC if its performance starts to degrade quickly.</p> <p>The most effective way to enhance an older system is to <strong>replace its aging hard-disk drive with a new solid-state drive</strong>, such as the <a href="" target="_blank">Crucial MX300 SSD</a>. While HDDs are more affordable, a 1-terabyte or 2TB SSD is not terribly expensive for what it offers: up to <strong>10 times the performance of an HDD</strong> in both sequential read/write and input/output operations per second. Boot time for Windows can decrease by a factor of three or four, dropping from more than <strong>60 seconds with an HDD to about 15 seconds with an SSD</strong>.</p> <h2><img alt="Q0218-BT-PR-Harbaugh-product.jpg" data-entity-type="" data-entity-uuid="" src="/sites/" /></h2> <h2>The Crucial MX300 Offers an Easy Transition to a Faster PC</h2> <p>The Crucial MX300 is available in <strong>275 gigabytes, 525GB, 1TB and 2TB capacities</strong>, in both the M.2 SATA standard and the 2.5-inch SATA format.</p> <p>The SATA version also comes with an adapter to ensure a snug fit in laptops built for <strong>9.5-millimeter drives</strong>. For desktop systems that don’t include 2.5-inch drive mounting cages, a bracket can be purchased for less than $10.</p> <p>In addition to the drive itself, the MX300 comes with Acronis True Image HD software for easy data ­migration. With True Image, an existing system can be moved from the old HDD to the new SSD in less than an hour. The two drives don’t need to be the same size; the software can handle a larger or smaller drive, as long as there’s enough space to hold all the files on the old drive. All that’s needed is a second SATA connection for the new drive, or a USB-to-SATA adapter to temporarily connect the new drive via a USB port until the files are transferred.</p> <p>Once the True Image software finishes transferring files, the user simply replaces the old HDD with the new SSD, and after a reboot, the PC should run much faster. The MX300 offers a simple, inexpensive way to substantially upgrade a PC’s performance. With the new SSD in place, systems will boot up and software will load <strong>four to 10 times faster</strong>, and finding files through the OS or applications such as Outlook will be speedier too. Plus, encryption support ensures that if a l­aptop or PC is stolen, the data can’t be accessed without a password.</p> <div class="callout"> <h3>Crucial MX300 SSD</h3> <p><strong>Format: </strong>M.2 and 2.5-inch internal SSD<br /><strong>Capacity:</strong> 275GB, 525GB, 1TB and 2TB/b/g/n/ac<br /><strong>Speed: </strong>Sequential read/write up to 530/510MBps<br /><strong>Security: </strong>256-bit AES<br /><strong>CDW Price: </strong>$297.99</p> </div> </div> <div> <div class="field-author"><a href="/author/logan-harbaugh" hreflang="en">Logan Harbaugh</a></div> </div> Tue, 22 May 2018 16:54:52 +0000 david.vogin_8196 41186 at How Technology Is Delivering the Future of Retail Today <span>How Technology Is Delivering the Future of Retail Today</span> <span><span lang="" about="/user/8196" typeof="schema:Person" property="schema:name" datatype="">david.vogin_8196</span></span> <span>Tue, 05/22/2018 - 11:46</span> <div><p>Vacationers and tourists visit <a href="" target="_blank">Pebble Beach Resorts</a> year-round for its famous golf courses, luxurious spa, fine dining and other sports activities — all with breathtaking ocean views of California’s Central Coast as a backdrop. Visitors also browse through Pebble Beach’s <strong>16 boutiques</strong> to shop for gifts and souvenirs, from golf and lifestyle apparel to home spa products and wineglasses, many featuring the Pebble Beach logo.</p> <p>To maximize sales, Pebble Beach’s retail operations recently implemented <a href="" target="_blank">IBM Planning Analytics</a> software to gather sales information that’s updated daily, so they can better evaluate ­inventory needs and replenish the most popular items before they are sold out.</p> <p>“If we do our jobs right, and this new system helps us get there, then the customer walks away with a great experience at our retail stores,” says Kevin Kakalow, director of retail at Pebble Beach Company, which owns Pebble Beach Resorts. “They are not frustrated because we were out of stock or could not find what they were looking for.”</p> <p>These are challenging times for brick-and-mortar retailers, who are feeling the sting of online competitors more than ever. In the first months of 2018 alone, longtime retailer Toys R Us announced it was closing its doors, while mall-based chains Nine West and Claire’s both filed for bankruptcy.</p> <p>In response,<strong> forward-looking retailers are deploying technology to create new in-store experiences</strong>, bolster customer loyalty and retention, and ultimately boost sales. Some gather customer data to drive better business decisions, while others take advantage of augmented or virtual reality and mobile apps to merge the online and in-store shopping experience.</p> <p>“We will always have brick-and-mortar stores, just not as many,” says retail expert Jan Rogers Kniffen. “The fewer ones will have to be more accurate, entertaining and exciting, and provide much better customer service if they are to be successful.”</p> <p><img alt="Q0218-BT-Feat-Wong-Secondary_0.jpg" data-entity-type="" data-entity-uuid="" src="/sites/" /></p> <p><i>Pebble Beach Company deploys advanced analytics to manage inventory at its pro shop and other retail outlets.</i></p> <h2>Retailers Tap Data for Insights</h2> <p>Apparel and accessory retailers had their best year managing inventory ­control in 2017, and that’s due to Big Data, Kniffen says. By deploying data analytics, they were able to stock shelves more accurately, which led to fewer markdowns and improved ­profits, he says.</p> <p>Pebble Beach Company, with its three hotels and four golf courses, offers a perfect example. Its retail department implemented cloud-based IBM Planning Analytics in late 2016 to <strong>gain faster insights into the company’s vibrant 16-store retail operation</strong>.</p> <p>Anchored by the scenic 17-Mile Drive, the resort also attracts tourists passing through on day trips and bus tours. For them, the most popular store is the Lone Cypress Shop, featuring clothes, golf accessories and knickknacks that carry the Pebble Beach logo.</p> <p>Kakalow says IBM Planning Analytics <strong>automated what used to be largely a manual process</strong>.</p> <p><img alt="Q0218-BT-Feat-Wong-quote.jpg" data-entity-type="" data-entity-uuid="" src="/sites/" /></p> <p>A detailed inventory report or sales forecast that might take three hours to produce can now be had in minutes.</p> <p>In the past, Kakalow and his finance manager manually exported data from an inventory management system, a point-of-sale system and ­general ledger software onto an Excel spreadsheet. Each time, they’d have to massage the data. “It was a weird data dump with dashes, spaces and different columns not lined up, so <strong>we had to clean it up and get it to the point where we could actually use it</strong>,” he says.</p> <p>Pebble Beach’s IT and retail departments worked with a third-party consultant to implement IBM Planning Analytics over a nine-month period. Working together, the companies integrated the inventory management, point-of-sale and general ledger systems. Sales data is now uploaded automatically to the IBM software each day. “Now that the data is housed in one platform, we can build models and slice and dice the data much more quickly,” Kakalow says.</p> <p>The retail department can review inventory on the sales floor, spot trends in customer ­preferences, improve their merchandizing decisions and choose the most effective pricing for each product.</p> <p>That’s where <strong>technology supports old-fashioned customer service</strong>, Kakalow says. When employees check out customers, they strike up conversations, asking if the customer is a resort guest, bus tour guest or day visitor. The sales staff can then classify the buyer with the press of a button on the point-of-sale system. The retail division can then analyze the information about what each type of guest buys, helping the company make smarter decisions on what to stock in individual stores — and for the first time, the company can also compare historical inventory data by day.</p> <p>“It lets us know if we are buying the right products,” Kakalow says. “If we are buying smarter, we will have a lot fewer discounts, and that has a direct positive impact on our cost of sales.”</p> <h2>Analytics Illuminate Customer Behavior</h2> <p>Retailers capture all kinds of data to ­better understand their customers’ preferences, so they can create better ­customer experiences.</p> <p><a href="" target="_blank">Santana Row</a>, an upscale mixed-use shopping center with retail stores, restaurants, office space, condos and apartments in San Jose, Calif., installed <a href="" target="_blank">Cisco</a> networking gear to provide fast, free amenity-based Wi-Fi to customers and residents. Combined with <a href="" target="_blank">Cisco’s Connected Mobile Exchange</a> (CMX) Cloud software, the wireless network also allows property owner <a href="" target="_blank">Federal Realty Investment Trust</a> to gain what it calls “path intelligence,” or the ability to <strong>see and analyze visitors’ foot ­traffic patterns</strong>.</p> <p>This geolocation data allows the company to discover customers’ behavioral patterns, which helps with merchandising, property management and targeted marketing campaigns, says Abbas Rizvi, Federal Realty’s senior network manager.</p> <p>“We can build an understanding of what the traffic patterns are on the property, get information on dwell times, where visitors go when they are here, what path they take, and how many times they come back,” he explains. Retail leasing staff, for example, can use foot traffic information to negotiate better lease terms for retail spaces or property management can determine the appropriate security levels for planned events. The marketing department can use the data to develop marketing plans for specific ­customer demographics or work with retailers on cross-promotions and gauge the success of events, Rizvi says. Federal Realty deployed 35 <a href="" target="_blank">Cisco Aironet 802.11ac</a> outdoor access points on rooftops. About two years ago, Rizvi implemented Cisco’s CMX Cloud to ­<strong>register and connect customers to the wireless network</strong> to build data on path analysis and customer demographics.</p> <p><img alt="Q0218-BT-Feat-Wong-elpunto.jpg" data-entity-type="" data-entity-uuid="" src="/sites/" /></p> <p>Customers sign in to Santana Row’s Wi-Fi using their email address or by logging in through Facebook. Individual information stays anonymous. The ­information is aggregated monthly, ­allowing the company to analyze the data, he adds.</p> <p>Federal Realty engages the customers with specialized email campaigns about upcoming events and promotions.</p> <p>“It’s about <strong>finding the right balanc</strong>e on how we use technology to engage customers while providing a great visitor experience,” Rizvi says.</p> <h2>Stores Experiment With Emerging Tech</h2> <p>Retailers are also experimenting with new technologies to <strong>marry the online and in-store shopping experiences</strong>. Home improvement chain <a href="" target="_blank">Lowe’s</a>, for example, has developed two mobile apps that take advantage of augmented reality. The company’s “View In Your Space” AR feature on its mobile app allows Android smartphone users to preview what patio furniture, grills, smokers and appliances would look like in their own home spaces. Lowe’s has also developed an in-store navigation app that allows customers to find products faster by giving them step-by-step directions to the products, says Josh Shabtai, director of labs productions and operations for <a href="" target="_blank">Lowe’s Innovation Labs</a>.</p> <p>Shabtai and his team have also created in-store virtual reality experiences at select stores. One immersive VR experience gives customers interactive instructions on do-it-yourself projects, such as how to tile a bathroom. Customers who receive the instruction using a VR headset remember <strong>40 percent more</strong> of the project’s steps than those who watch an instructional video, Shabtai says. Another experience allows customers to try a cordless hedge trimmer in a virtual environment. A team of video game developers, technical artists and experts in computer vision create the AR and VR experiences, Shabtai says.</p> <p>“<strong>Customer response has been extremely positive</strong>,” he says. “Virtual and augmented reality are giving us powerful new ways to help our customers gain the vision, confidence and skills to begin their next project.” </p> </div> <div> <div class="field-author"><a href="/author/wylie-wong" hreflang="en">Wylie Wong</a></div> </div> Tue, 22 May 2018 15:46:49 +0000 david.vogin_8196 41181 at 4 Ways to Get the Most Out of Microsoft Teams <span>4 Ways to Get the Most Out of Microsoft Teams</span> <span><span lang="" about="/user/6191" typeof="schema:Person" property="schema:name" datatype="">phil.goldstein_6191</span></span> <span>Mon, 05/21/2018 - 10:30</span> <div><p><a href="" target="_blank">Microsoft Teams</a>, the new ­collaborative messaging app in <a href="" target="_blank">Office 365</a>, has proved popular with early adopters, and <a href="" target="_blank">Microsoft</a> says it will eventually <a href="">replace Skype for Business</a> as Office 365’s primary communication tool.</p> <p>Teams is included with Office 365 business software licenses, so many companies already have the app, but may not fully use it. Teams brings together user data and features from <strong>SharePoint, Office 365 Groups, Skype and Outlook in an easy-to-use interface.</strong> Users can access Teams from <strong>a browser, the desktop app, and mobile apps for Android and iOS</strong>. Here are four tips for using Microsoft Teams to jump-start collaboration:</p> <p><a href=""><strong>SIGN UP: </strong>Get more news from the <em>BizTech</em> newsletter in your inbox every two weeks!</a></p> <h2>1. Follow New Channels to Get Notifications</h2> <p>When users create a new channel in Teams, by default they won’t receive notifications when another user adds content. To receive notifications, click the ellipsis to the right of the channel and select <strong>Follow this channel</strong>. Notifications can be customized in Settings, located in the account avatar in the top right of Teams. <strong>Install the desktop app to receive notifications</strong> when you’re not working in Teams.</p> <h2>2. Add Custom Tabs and Schedule Meetings </h2> <p>Add your own tabs to channels to organize different types of content. Tabs can provide access to a single document or a complete application. For example, you could <strong>add a Microsoft Planner or SharePoint tab to a channel</strong>. You can also schedule and hold meetings using Skype in Teams. Any scheduled meetings will appear in attendees’ Outlook calendar.</p> <h2>3. Send Emails to Channels in Teams</h2> <p>Users can generate an email address for a channel and use that to send messages, including file attachments. That’s useful for a variety of situations,<strong> such as for an ­automated process or for a user who needs to contribute to a channel but doesn’t have access to Teams</strong>.</p> <p>To add an email address to a channel, click the ellipsis to the right of the channel and select<strong> Get email address</strong> from the menu.</p> <h2>4. Invite Outside Users to Your Team</h2> <p>Projects often involve working with people external to an organization. Guest access in Teams allows users to<strong> invite people from other organizations that also use Teams</strong>. To add a guest, click the ellipsis to the right of the team name and select <strong>Add members</strong> from the menu. In the dialog, type the new team member’s email address, click <strong>Add</strong> and then <strong>Close.</strong></p> <p>Be sure guest access for Teams is enabled in the Office 365 Admin Portal. If external users are part of an Office 365 tenant, their system administrator must also enable guest access.</p> </div> <div> <div class="field-author"><a href="/author/russell-smith" hreflang="en">Russell Smith</a></div> </div> Mon, 21 May 2018 14:30:00 +0000 phil.goldstein_6191 41176 at Businesses Transform Their Wi-Fi Management in the Cloud <span>Businesses Transform Their Wi-Fi Management in the Cloud</span> <span><span lang="" about="/user/6191" typeof="schema:Person" property="schema:name" datatype="">phil.goldstein_6191</span></span> <span>Mon, 05/21/2018 - 09:00</span> <div><p>When Blaine Crawford joined <a href="" target="_blank">C.W. Driver</a> as IT director five years ago, the Pasadena, Calif.-based builder’s IT ­network was a “big mess of disparate equipment and systems,” he says.</p> <p>With seven regional offices, C.W. Driver has at least <strong>60</strong> active construction sites at any given time, <strong>each of which requires robust wireless connectivity.</strong> Previously, that meant the company’s IT staff was often tied up traveling from site to site, configuring access points and troubleshooting when problems arose. But today, Crawford says, the wireless network requires so little onsite attention that he sends his team on site visits<strong> simply to remind users that the IT staff is there to help</strong>, whenever needed.</p> <p>The difference: C.W. Driver upgraded to <strong>a software-defined WAN and cloud-managed wireless network</strong> from <a href=";enkwrd=cisco+meraki" target="_blank">Cisco Meraki</a>.</p> <p>“We’re sending people out to the job sites just to show them that, ‘Hey, we’re here. Yes, we do care,’” laughs Crawford. “We’ve had to do a little bit of a PR campaign. It’s funny, because we went from always having to go out to job sites to fix things, to now doing everything from a chair at headquarters.”</p> <p>While the increased visibility and ease of management enabled by cloud-managed Wi-Fi systems are attractive to many different types of organizations, this value is multiplied for companies like C.W. Driver, which must support <strong>geographically dispersed users across a number of disparate job sites </strong>— most of which have no dedicated IT staff.</p> <p>“We see sort of a sweet spot for organizations that have a distributed enterprise infrastructure,” says <a href="" target="_blank">Brandon Butler</a>, senior research analyst in the network infrastructure group at IDC. “If you have centralized IT operations, but a lot of distributed locations you want to manage, it makes sense to do that from the cloud.”</p> <p>While cloud-managed Wi-Fi is experiencing steady growth, Butler says that it is likely to remain less common than on-premises solutions for the foreseeable future. In 2017, cloud-managed solutions made up just <strong>26 percent </strong>of the worldwide wireless LAN market, he says. IDC estimates that this number will <strong>grow to 30 percent this year, and will hit 38 percent in 2021</strong>.</p> <p><a href=""><strong>SIGN UP: </strong>Get more news from the <em>BizTech</em> newsletter in your inbox every two weeks!</a></p> <h2>Cloud-Managed Wi-Fi Offers IT Teams Instant Configuration</h2> <p>Users of cloud-managed Wi-Fi solutions consistently cite the <strong>plug-and-play configuration of access points as one of the principal advantages of the solutions</strong>. “You plug in the AP, you activate it on the Meraki network, you push a license out to it, and you associate it with your SSIDs,” says Crawford. “It’s literally minutes from the time you unbox it and plug it in.”</p> <p><img alt="Q0218-BT-Feat-Hennick-quote_0.jpg" data-entity-type="" data-entity-uuid="" src="/sites/" /></p> <p>Perhaps even more important, though, is the ability to remotely manage the wireless network from a central location. “Many times, we’ll get calls from job sites saying, ‘The network is slow, what’s going on?’” Crawford says. “We can jump into the Meraki console and see that we may have a contractor doing some massive download, or an infected computer sending out a blast of data. We can just disconnect the machine from the network, right on the spot.”</p> <p>San Diego-based <a href="" target="_blank">Chuze Fitness</a> ­operates about two dozen health clubs across three states, but the organization lacks onsite IT staffing at nearly all of its branches, and co-founder Kris Peterson serves as both CIO and chief marketing officer for the company.</p> <p>Before ­upgrading to <a href="" target="_blank">Ruckus</a> <a href=";searchscope=all&amp;sr=1" target="_blank">Cloud Wi-Fi</a>, Peterson says, he and other staffers lacked the ability to troubleshoot problems from headquarters.</p> <p><strong>“When the Wi-Fi went down, lord, would we hear about it,” </strong>Peterson says. “People like coming in, listening to music, watching YouTube — that can be a make or break for a lot of people. But we had to do a lot of over-the-phone troubleshooting, including three-way calling between us, the branch and the service provider. Sometimes it would take a couple of days to get a technician out to a site.”</p> <p>Now, though, Peterson says, Chuze can <strong>throttle the connection speeds</strong> of users who engage in intensive movies. The organization has also configured the system to automatically disconnect users after 60 minutes, freeing up seats on the APs. “Before, I felt like every week we were getting a call about our Wi-Fi,” Peterson says. “A lot of those issues have vanished. We’ve gotten to a point where what we’re providing is a lot more reliable and steady.”</p> <h2>Businesses Gain Increased Network Visibility</h2> <p>Before insurance company <a href="" target="_blank">Penn Mutual</a> adopted cloud-managed Wi-Fi from Cisco Meraki several years ago, its IT shop was “in a crucible,” says Enterprise Networking Director Andy McInerney. The existing legacy network was antiquated, he says, and <strong>wireless network management processes were “cumbersome, rudimentary and archaic.”</strong></p> <p>“You had to be really skilled to squeeze out some analysis, and even then, it was really basic,” he says.</p> <p>Fast-forward to today, and the IT staff at Penn Mutual’s Horsham, Pa., headquarters can instantly see what’s happening on the network across the company’s nearly 60 local offices around the country.</p> <p><strong>“You jump on the console, and it pops right out at you,” </strong>says McInerney. “You can see everything about that user, that machine, what applications they’re hitting. You can ­create policies to curtail application-based issues. It’s an ­incredible amount of data that’s easy to see and digest, and that allows you to troubleshoot.”</p> <p>IDC’s Butler says this increased ­visibility does more than just simplify network management. It also helps organizations plan out their entire network strategies.</p> <p>“We’re increasingly seeing vendors talk about machine learning to predict future usage patterns,” he says. “That’s not to say that can’t be done on-­premises, but it’s typically easier for cloud-managed systems, because they’re updated more frequently.”</p> <p><img alt="Q0218-BT-Feat-Hennick-elpunto_0.jpg" data-entity-type="" data-entity-uuid="" src="/sites/" /></p> <p>Data from cloud-managed Wi-Fi systems is<strong> already helping to provide automated, push-button resolution for technical issues</strong>, Butler says. He adds that “the next logical step” would be data-powered network solutions that provide fully automated resolutions to problems.</p> <p>Crawford says that C.W. Driver’s move to a unified, cloud-managed wireless network has resulted in a complete 180 for the IT staff — taking them from an environment where technicians scrambled to locate the passwords needed to troubleshoot network components, to one with point-and-click resolution from a central management portal.</p> <p>“We have so much insight into the traffic that’s going across those access points,” Crawford says. “The wealth of information that’s available to us now is unparalleled.</p> </div> <div> <div class="field-author"><a href="/author/calvin-hennick" hreflang="en">Calvin Hennick</a></div> </div> Mon, 21 May 2018 13:00:00 +0000 phil.goldstein_6191 41171 at Small Businesses Redouble Defenses to Combat Growing DDoS Attacks <span>Small Businesses Redouble Defenses to Combat Growing DDoS Attacks</span> <span><span lang="" about="/user/6191" typeof="schema:Person" property="schema:name" datatype="">phil.goldstein_6191</span></span> <span>Fri, 05/18/2018 - 14:41</span> <div><p>They’re out there. Ben Warriner has seen them storming the firewall at <a href="" target="_blank">Wade Ford</a>. But the business operations manager at the Smyrna, Ga., car dealership has managed to<strong> keep the distributed denial of service attacks off his network using strong border security tools</strong>.</p> <p>“They’ve kept us safe,” he says, “so far.”</p> <p>DDoS attacks have been around for decades, and while they might not generate the headlines today that <a href="">ransomware</a> and <a href="" target="_blank">data theft</a> do, they are a growing threat due in part to the ­explosion of <a href="" target="_blank">the Internet of Things</a>.</p> <p>The attacks use malware or exploit weak or absent authentication credentials to take over computers, then <strong>direct them to generate enough traffic to slow or crash their targets</strong>.</p> <p>Since IoT devices are essentially internet-connected computers — often lacking basic security — <strong>the volume of potentially exploitable equipment has mushroomed</strong>. Anything from a watch or camera to a baby monitor or thermostat can be <a href="">hijacked into a DDoS botnet</a>.</p> <p>“There’s no big red siren on top of our building showing that these attacks are flying left and right,” says Brian Mengel, CTO for <a href="" target="_blank">PenTeleData</a>, a broadband internet service provider based in Palmerton, Pa. “But you never know when the next exploit of some IoT device is going to send traffic from 5 million smart devices to this target network to knock them offline.”</p> <p>Another growth driver is<strong> the booming Malware as a Service market</strong>.</p> <p>Cybercriminals sell DDoS attack kits for as little as $100, says Laura DiDio, principal analyst at <a href="" target="_blank">Information Technology Intelligence Consulting</a>.</p> <p>“I don’t think people are taking it as seriously as they should be, because it’s really easy to find yourself under attack,” says Mengel. “It doesn’t cost an attacker very much to do this.”</p> <p><strong>Any organization is susceptible to a DDoS attack — or can become a pawn in one.</strong> Mengel tells customers in all industries to weigh the price of security measures against the cost of losing internet access for an extended period. Do employees sit idle?</p> <p>Can remote doctors upload images to a hospital? Can bank branches process transactions? “What’s the real risk there?” Mengel asks.</p> <p>With a layered defense, even a small business can thwart or mitigate an attack. DiDio likens it to protecting a home: A locked door, barking dog and blaring alarm can scare off a would-be burglar, but only if they’re in place before the thief arrives.</p> <p>“If you’re not prepared, your network is going down, and it’s going down fast,” she warns.</p> <p><a href=""><strong>SIGN UP: </strong>Get more news from the <em>BizTech</em> newsletter in your inbox every two weeks!</a></p> <h2>Segment Networks to Guard Against DDoS Attacks</h2> <p><a href="" target="_blank">Future Link IT</a>, an Elgin, Ill.-based ISP, has seen plenty of DDoS attacks, particularly against its clients’ upstream providers. Then, in 2015, Future Link itself fell victim to one.</p> <p>Fortunately, the company’s administrators were able to <strong>observe the traffic and identify the IP addresses (including one for its DNS server) </strong>affected by the attack, so they shut them down. They rerouted unused IP addresses to those services, but it still took more than two hours to get back online, recalls Future Link Sales Manager Chris Higgins.</p> <p><img alt="Q0218-BT-Feat-Delaney-quote.jpg" data-entity-type="" data-entity-uuid="" src="/sites/" /><br /><span style="font-size: 11px; line-height: 20.8px;">Photography by Ryan Gibson </span></p> <p>After that, the company <strong>installed multiple DNS servers and segmented its network so that if it were attacked again</strong>, it could stay online and limit the number of customers affected.</p> <p>DDoS attacks hit businesses of all sizes across all industries, but because corporations often have stronger security, SMBs can be more attractive targets.</p> <p>“We’ve definitely seen a rise in small and midsized businesses getting hit,” Higgins says. “It’s keeping us busy.”</p> <p>He advises clients to <strong>have a redundant internet solution to fall back on</strong> if they’re attacked.</p> <p>Higgins also stresses that all but the smallest businesses need a business-class firewall to ­differentiate legitimate traffic from cyberthreats.</p> <p>As a managed service provider, Future Link offers its clients the <a href="" target="_blank">Barracuda</a> CloudGen MSP firewall, which Higgins says is good for SMBs because it’s a scalable solution that <strong>includes all the modules and subscriptions they need inside the firewall rather than charging for each piece separately</strong>. “If you’re not doing email or web or VPN security, you’re leaving pretty big holes in your network,” he says.</p> <h2>Upgrade Firewalls to Enhance Security </h2> <p>At Wade Ford, Warriner uncovered a big hole in the network: The old dealership management system was <strong>using public IP addresses</strong> — a good-enough reason to pull the network in-house.</p> <p>As a dealership with a steady stream of financial transactions, Warriner wanted to build a business-class network — one with a security posture akin to that of a bank, but with flexibility. <strong>“The most secure system in the world is the most insecure one because everyone has to work around it since they can’t work within it,”</strong> he says.</p> <p>The biggest problem with Wade Ford’s old network was that the dealership kept winding up on email blacklists. Warriner put a spam filter on the company’s outbound email server, so if a computer is infected, he can block it before it gets to anyone else on the network or onto a blacklist.</p> <p>In August 2017, Warriner upgraded to the <a href="" target="_blank">WatchGuard</a> <a href=";ctlgfilter=&amp;searchscope=all&amp;sr=1" target="_blank">Firebox</a> when his old firewall reached end of life after nearly four years. His advice when upgrading firewalls: <strong>“Figure out what you need, then get the next size up,” so it can handle the exponential growth of data without impeding performance.</strong> He also likes WatchGuard’s georestriction tool, which lets him block traffic from entire continents where the company doesn’t do business. “My firewall just rejects out of hand” any such traffic, he says.</p> <p>Since taking control of the network and implementing security best practices, Warriner’s email woes have disappeared. “I’ve gone past the three-year mark now without turning up on a single email blacklist,” he boasts.</p> <p>But, he adds, <strong>security is a moving target</strong>. Threats such as the <a href="" target="_blank">Equifax breach</a> and the March <a href="" target="_blank">ransomware attack against the city of Atlanta</a> — both in his neighborhood — are reminders that he can’t let down his guard. That’s what drove him to earn his Certified Ethical Hacker credential last year. “The whole concept is to try to attack your own ­network and then fix it and patch it,” he explains.</p> <p><img alt="Q0218-BT-Feat-Delaney-elpunto.jpg" data-entity-type="" data-entity-uuid="" src="/sites/" /></p> <p>Businesses can hire such experts on a contract or project basis. One of the best defenses against a DDoS attack is a security audit, Warriner says.</p> <p>He runs <a href="" target="_blank">Tenable</a>’s <a href=";ctlgfilter=&amp;searchscope=all&amp;sr=1" target="_blank">Nessus Professional</a> ­vulnerability scanner internally and conducts external Payment Card Industry (PCI) audits. “Having that outside third party makes a huge difference,” Warriner says. And while the cost of that extra security can be a burden to small and midsized business, it’s money well spent. “The cost of an audit doesn’t even weigh into the cost of remediation if there is some sort of big breach.”</p> <h2>DDoS Attacks Evolve to Target Random Businesses </h2> <p>Working with PenTeleData’s ISP subscribers, Mengel has seen a shift in the types of DDoS attacks being launched. Four years ago, they tended to be small, targeted toward tech-savvy individuals (the result of an argument over online gaming, for instance) and easy to mitigate. <strong>Today’s attacks are larger and often aimed at random businesses.</strong></p> <p>“These all tend to be volumetric attacks where the goal is to overwhelm the capacity of the customer — our end user,” he explains. “Take a cable modem customer who has a 100-megabit-per-second downstream pipe. You send 101 megabits per second — well, you’ve basically knocked them offline.”</p> <p>To provide relief for customers, <strong>PenTeleData began offering DDoS-mitigation capabilities to clients</strong>. “It’s kind of a two-pronged thing,” Mengel explains. “We’re protecting the end user who’s the target of the attack, but if the attack is of sufficient size — many multiple times what that customer’s capacity is — it runs the risk of overwhelming our backbone capacity.”</p> <p>PenTeleData uses a service that <strong>analyzes traffic patterns to optimize its network</strong>. If it detects an attack in progress, it signals to <a href=";searchscope=all&amp;sr=1" target="_blank">Radware’s DefensePro client</a> to begin a mitigation for that ­customer. The system then scrubs the traffic from the DDoS attack in Radware’s cloud-based data centers before passing the clean traffic back down to PenTeleData’s customer.</p> <p>That has eliminated the drive-by effect of having an attack against one customer overwhelm PenTeleData’s backbone to the point of impacting other customers, says Mengel. Plus, he adds, the systems are all automated, so a mitigation can happen without a customer even knowing about an attack.</p> <p>“That’s the goal,” he says. “To give that customer uninterrupted service.”</p> </div> <div> <div class="field-author"><a href="/author/melissa-delaney" hreflang="en">Melissa Delaney</a></div> </div> Fri, 18 May 2018 18:41:10 +0000 phil.goldstein_6191 41166 at How to Conquer Software Sprawl in Your Business <span>How to Conquer Software Sprawl in Your Business </span> <span><span lang="" about="/user/6191" typeof="schema:Person" property="schema:name" datatype="">phil.goldstein_6191</span></span> <span>Thu, 05/17/2018 - 13:04</span> <div><p><strong>Software proliferates.</strong> It grows out of control, with applications seemingly appearing out of nowhere. Old applications often don’t run well, or at all, on modern operating systems. And even when they do, the skill needed to operate and support them tends to decline over time.</p> <p>A case in point: When <a href="" target="_blank">Microsoft</a> released Windows Vista in 2006, the company seemed pretty pleased that <strong>80 percent </strong>of existing applications would run on it. It seemed <strong>unconcerned that 1 in 5 would not</strong>. But many organizations saw things differently, and responded by running old Windows systems alongside Vista to support what were thought to be mission-critical applications that weren’t compatible with the new OS.</p> <p>For a small or medium-sized business, that could be disastrous. While employees may believe that every ­application should be maintained to keep a business running, that is rarely the case. I strongly advise t<strong>aking steps to sort out software clutter, in order to provide a more suitable platform for the future</strong>.</p> <p>But how? Many organizations do not have an inventory of their software — or if they do, it exists only on an Excel spreadsheet somewhere. Let’s get started on a better plan of attack.</p> <p><a href=""><strong>SIGN UP: </strong>Get more news from the <em>BizTech</em> newsletter in your inbox every two weeks!</a></p> <h2>Small Businesses Should Create Software Inventories </h2> <p>Start by creating a complete, living <strong>inventory of what software is used across the entire organization</strong>. For a small company with a few dozen PCs running Windows, that may be relatively simple to do: Someone can sit down at each PC and use the functions within Windows to create a list of known installed software.</p> <p>Note the word “known”: Rather than being installed via the OS, <strong>some old software applications may just be sitting on top of Windows without any sign of their existence within the registry or the Windows lists</strong>. And employees increasingly use cloud-based applications in addition to installed software, so be sure to identify those apps as well.</p> <p><img alt="Q0218-BT-GetSmart-Longfellow-quote_0.jpg" data-entity-type="" data-entity-uuid="" src="/sites/" /></p> <p>Where that is the case, and for organizations with too many PCs and client/server applications, it would be worth investing in technology that can scan the entire network and list all applications in use. That is where <a href="" target="_blank">IT Asset Management tools</a> come in, and there are many to choose from.</p> <h2>3 Questions to Help Decide Which Software Is Worth Keeping </h2> <p>Once an inventory has been created, work on rationalizing and updating it. Ask three questions about each piece of software in your environment:</p> <p><strong>1. Is the application still working and doing what the business needs</strong>, and will it continue to work under a modern OS such as <a href="" target="_blank">Windows 10</a>?</p> <p>If yes, great; the software can be deemed as fit-for-purpose. Just ensure it can be supported (preferably by the original vendor, or at least by existing staff or a suitable outsourced resource) and carry on.</p> <p><strong>2. </strong>Is the business <strong>struggling to maintain the level of functionality required, or is it dependent on an old version of Windows to support a business-critical application</strong>? If either of these is the case, first see if there is newer software available to replace the existing application.</p> <p>Typically, that is possible — whether through a cloud-based system or by installing new software on-premises. Of course, when you change a business-critical application, you must import old data and train your staff on the new tool. While transitions can be difficult, the effort should soon pay for itself. If all else fails and the existing application must be run but needs a specific operating system, use virtualization software, such as <a href="" target="_blank">Oracle VirtualBox</a>. That ensures the OS and application are abstracted above a more modern and secure physical operating system.</p> <p><strong>3.</strong> Is the application <strong>holding the business back due to a lack of functionality</strong>, or is it so dependent on a specific OS or hardware configuration that its use<strong> presents a security issue</strong>?</p> <p>Remember that older versions of Windows are generally pretty nonsecure now. Layering on third-party systems to enhance security is both dangerous and expensive. If an application has become a constraint to the business, it must be replaced. Find a replacement and use it, as quickly as possible.</p> <p>Through a reasonably simple approach to software asset management, any organization can rationalize its inventory and create a more solid foundation that supports the business,<strong> while also saving money on licenses and support </strong>and enabling a fully standardized OS strategy.</p> </div> <div> <div class="field-author"><a href="/taxonomy/term/11566" hreflang="en">Clive Longbottom </a></div> </div> Thu, 17 May 2018 17:04:52 +0000 phil.goldstein_6191 41156 at Near-Field Communication Technology Starts to Transform Retail <span>Near-Field Communication Technology Starts to Transform Retail</span> <span><span lang="" about="/user/6191" typeof="schema:Person" property="schema:name" datatype="">phil.goldstein_6191</span></span> <span>Wed, 05/16/2018 - 11:47</span> <div><p>While beacon technology remains popular among retailers, <strong>near-field communication (NFC) </strong>has emerged as another valuable tool for gathering customer insights and transforming the shopping experience.</p> <p>By embedding <strong>shelf tags, packages or products with NFC chips</strong>, retailers enable one- or two-way communication between those items and customers’ NFC-capable smartphones. <a href="" target="_blank">Unlike beacons</a>, which push information to shoppers via Bluetooth, NFC technology allows customers to <strong>decide how and when to interact with a store’s smart packaging or displays</strong>. That’s because customers must hold their phone within just a few centimeters of the chip to activate the transfer, <a href="" target="_blank">TechRadar explains</a>.</p> <p><a href=""><strong>SIGN UP: </strong>Get more news from the <em>BizTech</em> newsletter in your inbox every two weeks!</a></p> <h2>Mobile Payments Adoption Is On the Rise</h2> <p>According to an article on <a href="" target="_blank">Digital Trends</a>, the close proximity required for NFC to function contributes to the technology’s reputation as a secure mobile payment option. Three major platforms — <a href=";searchscope=all&amp;sr=1" target="_blank">Android</a> Pay, <a href="" target="_blank">Apple</a> Pay and <a href="" target="_blank">Samsung</a> Pay — rely on NFC capabilities to facilitate wireless transactions between a user’s phone and a chip reader, and are all accepted <a href="" target="_blank">at a wide variety of stores</a>.</p> <p>With <a href="" target="_blank">more and more retailers accepting digital wallet payments</a>, the technology’s future is bright. “Over the next year or two, it will increasingly become mainstream, certainly with younger, more tech-savvy groups,” predicts Steve King, partner at Emergent Research, in an interview with <a href=""><em>BizTech</em></a>.</p> <p>Already, the value of NFC-enabled payments in the U.S. has<strong> risen from $3.5 billion in 2014 to $118 billion in 2018</strong>, <a href="" target="_blank">Statista reports</a>, noting that the growth likely reflects consumer satisfaction with the speed, convenience and security of proximity payments.</p> <h2>NFC Enhances the Customer Experiences and Drives Sales</h2> <p>Beyond streamlining payments, NFC-enabled technology <strong>creates noninvasive opportunities for retailers to inform and persuade shoppers</strong>. For instance, national supermarket chain Kroger Co. piloted smart shelf tags as a way to display product information, but the technology also enables customers to view personalized prices and activate instant promotions, <a href="" target="_blank">Adweek reports</a>.</p> <p><a href="" target="_blank">Chambers’ Apothecary</a>, a pharmacy and wellness center located in Chambersburg, Pa., likewise i<strong>mplemented NFC-enabled tags to drive customer engagement</strong>. In doing so, the team gained another benefit: <strong>greater visibility into shopping trends</strong>.</p> <p>According to a <a href="" target="_blank">press release</a> from Purple Deck, the company behind Chambers’ NFC solution, retailers can learn a lot by comparing the number of times different tags are read. "This information lets [managers] know which products are attracting the most attention and which products should be moved to a more visible shelf,” Purple Deck CEO James Sulfare said in the statement. “Most importantly, they can now see which products were interacted with in the store but not purchased, and they can adjust their marketing accordingly."</p> <h2>L.L. Bean Embeds NFC into Products to Track How They Are Used </h2> <p>Finding an even more novel use for the technology, L.L. Bean has plans to <a href="" target="_blank">embed blockchain and NFC hardware into certain products</a>, such as coats and boots, to track how often customers use and wash them. The outdoor outfitter will then put that information to work.</p> <p>“If we can see that the customer really is utilizing [a product] in the way we intended, if they’re wearing it in the right climate or on a daily basis, that helps us decide whether it’s still viable in a market,” said Chad Leeder, an innovation specialist at L.L. Bean, in an interview <a href="" target="_blank">with <em>The Wall Street Journal</em>.</a> <strong>“If we see a high return rate, we’ll analyze why.”</strong></p> <p>The <em>WSJ</em> explains how the process works:</p> <blockquote><p>To move information from a coat or boot to L.L. Bean, a customer first must download a mobile app from the retailer. After opening the app, the customer passes his smartphone over his garment to let Loomia’s NFC device in the garment offload its data to the phone, which then transmits it to Ethereum, where L.L. Bean will access it. Customers could also perform a similar process without a smartphone by using an NFC reader connected to a desktop or laptop computer through a USB port. The data would be offloaded to a web application.</p> </blockquote> <p>According to Leeder, the NFC-powered opt-in program will give L.L. Bean access to <strong>quantifiable data that it has never before been able to collect</strong>, offering unprecedented benefits for product development, marketing and even supplier negotiations.</p> </div> <div> <div class="field-author"><a href="/author/meg-conlan" hreflang="en">Meg Conlan-Donnelly</a></div> </div> Wed, 16 May 2018 15:47:00 +0000 phil.goldstein_6191 41151 at How Retailers Can Improve Their PCI DSS Compliance <span>How Retailers Can Improve Their PCI DSS Compliance</span> <span><span lang="" about="/user/6191" typeof="schema:Person" property="schema:name" datatype="">phil.goldstein_6191</span></span> <span>Tue, 05/15/2018 - 08:00</span> <div><p>People typically don’t get into retail to be IT experts, says Kathy Troknya, the president and chief operating officer of <a href="" target="_blank">Learning Express Toys</a>.</p> <p>The company has 115 franchises, each independently owned and operated by entrepreneurs whose hopes and dreams never revolved around protecting shoppers’ payment card data. But now, they find themselves tasked with complying with <a href="" target="_blank">the Payment Card Industry Data Security Standard </a>(PCI DSS) — <strong>not only to avoid fines from financial institutions, but to maintain the trust of their customers</strong>.</p> <p>“Compliance rests solely on their shoulders,” notes Troknya. “It is very challenging for small business owners to navigate through that and understand all of the compliance rules and guidelines. Our owners are everything all wrapped into one. They’re CEOs, they’re buying departments, they’re accounting, they’re human resources. <strong>And then, with PCI compliance, they have to be IT people as well</strong>.”</p> <p>For many retailers, the obstacles to compliance can feel overwhelming — to the point that, until recently, <a href="" target="_blank">fewer than half of organizations were in full compliance with PCI DSS</a>. However, with the right tools, careful planning and knowledge of the requirements, retailers can set themselves up to <strong>not only follow the rules, but to even provide additional security around their customers’ payment data</strong>.</p> <p>“PCI compliance, just like a single security assessment, is a point in time,” says <a href="" target="_blank">Rocco Grillo</a>, executive managing director of the cybersecurity consulting firm Stroz Friedberg. “When there’s a change to the network, a merger or acquisition or even the standard being updated, it’s a whole other story. That causes frustration to companies. Just because you’re compliant this year doesn’t mean you’ll be compliant next year.”</p> <p>“There are awesome technologies out there, but technology alone doesn’t solve it,” Grillo adds. “<strong>One of the big fallacies is the idea that there’s a silver bullet technology. </strong>If you rely on a silver bullet, you’re going to run into a lot of problems.”</p> <p><a href=""><strong>SIGN UP: </strong>Get more news from the <em>BizTech</em> newsletter in your inbox every two weeks!</a></p> <h2>How to Make PCI DSS Compliance Manageable</h2> <p>Among best practices and tools recommended by Grillo are <strong>network segmentation and tokenization</strong>. Network segmentation prevents payment card data from interacting with other IT systems, helping to keep the information isolated and less vulnerable. “If you have to test every system in your organization, it’s almost an insurmountable task,” Grillo says. “When you segment the card data environment, you narrow things down.”</p> <p>Grillo says that tokenization — a practice that uses nonsensitive values to replace credit card data — <strong>“immediately” improves merchants’ security posture</strong>. But, he adds, retailers should be wary of viewing any technology as a complete solution to PCI compliance and payment card data security. “If you look at the standard, it’s not just about making the credit card data unreadable,” he notes. <strong>“You have to think about people, processes </strong><strong>and</strong><strong> technology.”</strong></p> <p>That means <strong>planning not just for routine business, but for unexpected events, as well</strong>. Learning Express Toys works with a third-party vendor that provides <strong>point-to-point encryption</strong> (P2PE). The solution not only encrypts payment data at the time the card is swiped, but it also sets the company’s network — and even its point-of-sale system — outside the scope of PCI compliance. Still, Troknya notes, franchisees sometimes have to manually record card numbers when payment systems are down, and they need to devise PCI-compliant processes for these situations.</p> <p>“Retailers need to make sure they have things in place so that information is secure, or shredded,” she says. “There are instances when [manual recording of payment data] is necessary if your systems are down. It’s about making sure you<strong> don’t make small mistakes that are going to cause problems that could end up hurting you in a big way</strong>.”</p> <p><a href="" target="_blank">WalletGear</a>, an online retailer of men’s wallets and accessories, uses a solution from <a href="" target="_blank">Trustwave</a>, which scans the company’s servers and alerts the organization about any vulnerabilities. But, the retailer also takes steps to <strong>ensure that payment card data is never stored on the company’s servers in the first place</strong>, says WalletGear founder Mike Lindamood. “It is best to outsource your credit card processing to a validated third-party service provider,” he says. “That way, all credit card information stays off of your server. Also, there are e-commerce services that are PCI compliant, and they make all the necessary updates, so you can concentrate on sales.”</p> <p>Especially for smaller and medium-sized retailers, this combination of simplicity and compliance is key. Part of the reason Learning Express Toys went with its current provider, Troknya says, is because it allowed the company to <strong>adopt EMV chip technology without slowing down payment processing </strong>— which would have had a negative impact on customer service.</p> <p>“First and foremost, retailers need to be educated about what their responsibility is,” advises Troknya. “Beyond that, they should work with whoever is providing their credit card processing. I would suggest finding the simplest solution that allows them to operate their business in a way that works for them.”</p> <h2>Retailers Must Think About Security Beyond Compliance</h2> <p>“I know of retailers who were doing everything they knew how to do, and still had a breach,” Troknya warns. “It’s possible to think you’re doing everything correctly, and one little thing could cause a breach. It’s not easy for a company that doesn’t have millions of dollars to invest.”</p> <p><strong>“Compliance doesn’t give you immunity from being compromised,” </strong>says Grillo. He warns that, if a breach occurs when a retailer works with third parties, the merchant is still responsible for the data loss.</p> <p>Grillo says he’s encouraged to see that retailers are increasingly <strong>adopting robust incident response plans to help them recover if hackers are able to breach their systems</strong>. “We advise until we’re blue in the face, to go beyond compliance and strive for security,” he says. “Do your due diligence. Compliance has to be the bare minimum. All too often, companies are in the mindset of, you make it past this year, and go to the next year. The more mature companies don’t make this an annual initiative. It’s a 12-month process. You continue the journey.”</p> <h2>Retailers Set the Stage for Customer Data Security</h2> <p>Payment card security issues can arise — and be quashed — anytime between when data is collected to the moment a security breach is spotted. Here’s a look at ways retailers have tended to make their customers’ data more, or less, secure.</p> <table border="1" cellpadding="10" cellspacing="0" style="border: 1px solid #888888; border-collapse: collapse;" width="100%"><tbody><tr><td align="center" bgcolor="#c70d00" valign="center"><span style="color: #ffffff; font-weight: bold;">Less Secure </span></td> <td align="center" bgcolor="#c70d00" valign="center"><span style="color: #ffffff; font-weight: bold;">More Secure </span></td> </tr><tr><td valign="center" width="50%"> <p> </p> <p> </p> <p> Data is stored, processed or transmitted to, from and within various networked system environments.</p> <p> </p> </td> <td valign="center" width="50%"> <p> </p> <p> Data is protected through tokenization or strong encryption.</p> <p> </p> </td> </tr><tr><td valign="center" width="50%"> <p> </p> <p> Data environments allow ingress and egress.</p> <p> </p> </td> <td valign="center" width="50%"> <p> </p> <p> Authentication controls and isolation of environments and system components prevent compromise.</p> <p> </p> </td> </tr><tr><td valign="center" width="50%"> <p> </p> <p> Security controls are implemented, but are not monitored and maintained.</p> <p> </p> </td> <td valign="center" width="50%"> <p> </p> <p> The performance of all controls is evaluated frequently, including through a comprehensive evaluation of the control environment.</p> <p> </p> </td> </tr><tr><td valign="center" width="50%"> <p> </p> <p> Inherent or residual weaknesses in controls expose system components that allow access to payment data.</p> <p> </p> </td> <td valign="center" width="50%"> <p> </p> <p> The resilience of the control environment is increased to allow it to “bounce back” from unexpected changes.</p> <p> </p> </td> </tr></tbody></table></div> <div> <div class="field-author"><a href="/author/calvin-hennick" hreflang="en">Calvin Hennick</a></div> </div> Tue, 15 May 2018 12:00:00 +0000 phil.goldstein_6191 41116 at