BizTech Magazine - Technology Solutions That Drive Business en How to Accelerate Digital Transformation <span>How to Accelerate Digital Transformation</span> <div><p>Most organizational leaders acknowledge the importance of digital transformation to their future effectiveness and competitiveness. But many organizations are still in the earliest stages of their digital transformation efforts, and some leaders struggle to even define the term itself.</p> <p>In practice, it’s typically most helpful for decision-makers to define digital transformation in terms of their own organization’s business goals. By identifying opportunities to create value for customers and employees through investments in new technologies and processes, organizations can demystify the concept and achieve concrete benefits.</p> <p>Often, it makes sense to pursue low-risk, high-reward successes to demonstrate the value of digital transformation to skeptical stakeholders before attempting to implement an organizationwide strategy. While business goals should be at the center of any digital transformation effort, these initiatives will inevitably require new IT investments, potentially including solutions such as Internet of Things (IoT) sensors and gateways, data analytics, automation and increased mobility. A third-party partner can help organizations to deploy, integrate and manage these new technologies — and provide an objective, external eye to make sure they don’t slide back into business as usual.</p> <p>To learn more download our white paper "How to Accelerate Digital Transformation."</p> </div> <span><span lang="" about="/user/22746" typeof="schema:Person" property="schema:name" datatype="" content="juliet.vanwagenen_22746">juliet.vanwage…</span></span> <span>Mon, 11/12/2018 - 11:28</span> <div> <div>Document File</div> <div><span class="file file--mime-application-pdf file--application-pdf"><a href="" type="application/pdf; length=214693">accelerate-digital-transformation.pdf</a></span> </div> </div> Mon, 12 Nov 2018 16:28:42 +0000 juliet.vanwagenen_22746 42671 at 7 Ways to Ensure Safety and Privacy for Nonprofit Donors <span>7 Ways to Ensure Safety and Privacy for Nonprofit Donors </span> <span><span lang="" about="/user/6191" typeof="schema:Person" property="schema:name" datatype="">phil.goldstein_6191</span></span> <span>Fri, 11/09/2018 - 14:08</span> <div><p>For years, important nonprofit donors would make decisions on where to put their money based on how much money went to programs. If one nonprofit spent 15 percent on overhead and a competing agency spent 12 percent, then the prevailing by-the-numbers mentality dictated that the donors would go with the nonprofit that spent <strong>12 percent</strong>.</p> <p>In the nonprofit world, they call this the “<a href="" target="_blank">overhead myth</a>.” </p> <p>Karl Hedstrom, IT director for <a href="" target="_blank">NTEN</a>, a Portland, Ore., organization that works with nonprofits to improve their technology, says times are changing, as more large donors recognize that spending money on technology to make the nonprofit more efficient and secure makes good business sense.</p> <p>“I think people are beginning to recognize that small overhead will make the nonprofit less efficient than if they <strong>spent some money on technology to help with the organization’s marketing and communications</strong>, as well as to improve security,” Hedstrom says.</p> <p>Rick Cohen, COO at the <a href="" target="_blank">National Council of Nonprofits</a> in Washington, D.C., adds that the process can be so bottom-line driven that nonprofits don’t always have an opportunity to tell donors about their recent technology improvements. He recommends that nonprofits spell out these investments in their annual reports.</p> <p>While Hedstrom and Cohen point out that there’s a lot of attention paid to the bottom-line approach, the <a href="" target="_blank">2018 Global Trends in Giving Report</a> found that <strong>donors are becoming more concerned about security and privacy</strong>.</p> <p>According to the report, <strong>83 percent </strong>of North American donors do not want the nonprofit to share their contact information with other organizations. And, <strong>93 percent</strong> say they want nonprofits to make a concerted effort to protect their contact and financial information from data breaches.</p> <p>So, it’s time for nonprofits to focus and get more serious about privacy and security. Here are some tips based on interviews with Hedstrom and Cohen:</p> <p><a href="" target="_blank"><em><strong>MORE FROM BIZTECH: </strong>These steps can help keep nonprofit online donations safer!</em></a></p> <h2 id="toc_0">1. Restrict Access to Data</h2> <p>Cohen says <strong>not everyone in the organization needs access to important donor information</strong>. He says that quite often, only the executive director or person in charge of fund-raising will have access to donor information. </p> <p>Hedstrom adds that NTEN’s customer service staff are not allowed to share donor information with the public, and nobody on the staff can access donor credit card information.</p> <h2 id="toc_1">2. Use Password Managers and Multifactor Authentication</h2> <p>Hedstrom believes that only password managers can consistently update unique passwords efficiently. Cohen says while many nonprofits cannot afford multifactor authentication, <strong>if it’s at all possible they should consider it.</strong></p> <h2 id="toc_2">3. Make Sure Third-Party Processors Conform to Best Practices</h2> <p>Cohen says whether the organization uses PayPal or Network for Good for its payment processing, ask them about compliance with the <a href="" target="_blank">Payment Card Industry Data Security Standard</a> and what they’ve done to meet best practices. Hedstrom says as part of NTEN going through its PCI checklist, the organization decided to make PCI DSS compliance easier by no longer taking credit card payments over the phone. </p> <h2 id="toc_3">4. Practice a Defense-in-Depth Strategy</h2> <p>Hedstrom says NTEN adheres to all security best practices, such as <strong>deploying anti-virus, anti-malware, firewalls and intrusion prevention systems</strong>. And when NTEN employees travel, they use a VPN to connect to the corporate network instead of using Starbuck’s or the airport’s Wi-Fi network. </p> <h2 id="toc_4">5. Deploy SSL Certificates</h2> <p>Cohen says nonprofits must be sure that their website has SSL certificates, and when users log on to the site they are logging in to a secure (https://) connection. He says sites should offer a secure connection for every page on the website, not just the home page, but certainly any page where information is collected, whether it’s for a newsletter sign-up or for donations. </p> <h2 id="toc_5">6. Adjust to GDPR Regulations</h2> <p>As part of <a href="" target="_blank">General Data Protection Regulation</a><a href=""> compliance</a>, NTEN has made its opt-in process more transparent. In addition, NTEN’s database vendor now <strong>makes data available to donors upon request</strong>. And when website visitors accept the organization’s cookie policy, NTEN clearly spells out which cookies they use.</p> <h2 id="toc_6">7. Check Out New GDPR Tools</h2> <p>There are a number of software tools nonprofits can choose from today to comply with GDPR. For example, <a href=";ctlgfilter=&amp;searchscope=all&amp;sr=1&amp;ln=0&amp;b=SF2" target="_blank">Salesforce</a> has a product geared toward nonprofits and universities that gives organizations 360-degree visibility into their constituents. </p> <p><a href="" target="_blank">Varonis GDPR Patterns</a> lets organizations run classification patterns that look for European Union citizen data. Organizations can<strong> detect and respond to security events </strong>based on the Varonis GDPR Risk Assessment. </p> <p><a href=";searchscope=all&amp;sr=1" target="_blank">Snow Software</a> also has a GDPR Risk Assessment tool that offers complete visibility into all devices, users and applications across on-premises, cloud and mobile platforms. It helps organizations <strong>build a GDPR plan and offers visibility into how many devices are in use across the enterprise</strong>, where the devices are and who has access to them, what applications are installed on each device and if those applications contain personal data. </p> <p>The <a href=";searchscope=all&amp;sr=1" target="_blank">Symantec Control Compliance Suite</a> includes a GDPR Readiness Assessment as well as compliance automation. This helps nonprofits<strong> implement a cost-effective, holistic approach to GDPR compliance</strong> that includes compliance automation, monitoring and data tracking.</p> <p><a data-entity-type="" data-entity-uuid="" href="" target="_blank"></a><a data-entity-type="" data-entity-uuid="" href="" target="_blank"><img alt="Cybersecurity-report_EasyTarget.jpg" data-entity-type="" data-entity-uuid="" src="" /></a></p> </div> <div> <div class="field-author"><a href="/author/biztech-staff" hreflang="en">BizTech Staff</a></div> </div> Fri, 09 Nov 2018 19:08:42 +0000 phil.goldstein_6191 42651 at Review: HP EliteDesk Mini PC Is a Big Force in a Small Package <span>Review: HP EliteDesk Mini PC Is a Big Force in a Small Package</span> <span><span lang="" about="/user/9856" typeof="schema:Person" property="schema:name" datatype="">eli.zimmerman_9856</span></span> <span>Fri, 11/09/2018 - 10:42</span> <div><p>The <a href="" target="_blank">HP</a> <a href="" target="_blank">EliteDesk 800 G4 Desktop Mini Business PC</a> carries a lot of power in a small package. The version I tested measures about 7 inches by 7 inches and is 1.35 inches thick, but has as much expandability as many larger systems, with seven USB ports, Gigabit Ethernet and two DisplayPort 1.2 monitor ports.</p> <p>The Mini also includes a slot to add a USB Type-C display, a Thunderbolt cable, fiber network card and more. There are also two internal NVMe M.2 slots for storage and one for WLAN, as well as room for a 2.5-inch SATA solid-state drive. The PC can be mounted on the back of a monitor or in a vertical stand.</p> <p>The system I tested came with an Intel Core<strong> i5/8500 processor, 8 gigabytes of RAM and a 256GB NVMe SSD</strong>, but it can be equipped with a Core i7 CPU, up to 32GB of RAM and two NVMe M.2 SSDs (or a SATA SSD at lower cost), as well as a discrete video card, which means it can handle content creation for high-resolution graphics, virtual reality or other high-performance tasks. Configuration was very straightforward, with HP-specific update apps and enhanced security capabilities, as well.</p> <p>The system was responsive and snappy, with the pre­installed <a href=";ctlgfilter=&amp;searchscope=all&amp;sr=1" target="_blank">Microsoft Office</a> apps and other test applications working well at the 4k resolution of the DisplayPort monitor. The NVMe SSD provided very <strong>quick data transfers and low latency</strong>, with updates and reboots happening very quickly. </p> <p><a href="" target="_blank"><em><strong>MORE FROM BIZTECH:</strong> Find out whether your business would benefit most from thick, thin or zero clients!</em></a></p> <h2 id="toc_0">EliteDesk 800 Offers Plenty of Security</h2> <p>Along with the EliteDesk 800 and <a href=";searchscope=all&amp;sr=1" target="_blank">Windows</a>, HP offers a set of security tools that go well beyond the basics, including HP Sure Click, HP Sure Start Gen4, HP Sure Run, HP Sure Recover, HP BIOSphere Gen4, Intel Identity Protection Technology, and multifactor authentication features. These include an optional fingerprint reader or webcam, both Windows Hello certified.</p> <p>Taken together, the apps provide <strong>an excellent suite of security tools to update</strong>, protect and recover the operating system, preinstalled apps and user data in the event of hardware failure, user error or malware. </p> <p><img alt="Q0418-BT_PR-Harbaugh-HP-EliteDesk-Mini-PC_product.jpg" data-entity-type="" data-entity-uuid="" src="/sites/" /></p> <p>The suite protects applications from malware and other types of security problems, offers <strong>several options for multifactor security and biometrics</strong>, and can manage passwords across all the sites a user might visit — ensuring that, even if an external service provider or other type of website is compromised, only that site’s credentials will be exposed, since the system helps the user ensure that no two sites have the same password.</p> <p>The system provides a lot of performance, and in a quiet office environment, the nearly noiseless operation will be appreciated. It can handle all the usual office tasks and then some.</p> <h3 id="toc_0">HP EliteDesk 800 G4 Specifications</h3> <p><strong>Models</strong>: Mini, SFF, Tower, All-in-one<br /><strong>Dimensions</strong>: 6.97x1.35x6.88 inches<br /><strong>Processor</strong>: Intel Core i5 8500<br /><strong>Memory</strong>: 8GB as tested<br /><strong>Hard Drive</strong>: 250GB NVMe SSD<br /><strong>Weight</strong>: 2.13 pounds<br /><strong>Graphics</strong>: UHD Graphics 630</p> </div> <div> <div class="field-author"><a href="/author/logan-g-harbaugh" hreflang="en">Logan G. Harbaugh</a></div> </div> Fri, 09 Nov 2018 15:42:43 +0000 eli.zimmerman_9856 42646 at How Will 5G Impact Traditional Data Centers? <span>How Will 5G Impact Traditional Data Centers?</span> <span><span lang="" about="/user/87276" typeof="schema:Person" property="schema:name" datatype="">Bob.Keaveney_u64t</span></span> <span>Thu, 11/08/2018 - 17:15</span> <div><p>The hype about 5G, the next generation of wireless networking, continues to accelerate, with an endless flow of announcements from carriers, communication service providers, equipment manufacturers and standards bodies. There’s no question 5G holds tremendous promise, delivering major advances in data transfer speeds, latency, connectivity, capacity, reliability and mobility.</p> <p>Beyond that, questions abound.</p> <p><strong>For instance, when will carriers be able to offer organizations 5G capabilities, coverage and services that 4G LTE can’t deliver?</strong> To prepare for 5G, they’ve been furiously working to shift to software-defined infrastructure, and they consider B2B markets critical to recouping these investments and creating new revenue streams. On the buy side, when will use cases be sufficiently compelling to convince businesses to upgrade to 5G, particularly when they’re still getting good traction with 4G LTE?</p> <p>In its 2017 “<a href="">Industry Impact of 5G</a>” survey, Ericsson asked C-suite executives to list key barriers to 5G adoption. <strong>Sixty-two percent said it was too soon to know 5G’s real benefits. Other noteworthy hurdles included the lack of standards (cited by 76 percent) and use cases (47 percent).</strong></p> <p>At this point, there are a lot of “ifs” with 5G, says Mike Fratto, senior analyst at 451 Research. “Carriers are just now starting to run trials, while providers have deployed some 5G radio frequency equipment, based on cell locations,” he says. <strong>“</strong><strong>But carriers are still trying figure out how to run a 5G wireless network.” </strong></p> <p>In June 2018, the 3rd Generation Partnership Project, or 3GPP, approved the first standard specs for standalone 5G NR, on the heels of 2017’s nonstandalone standard release. Initially, 5G will lean on 4G LTE, which IT staff has used effectively to gain some of the functionality that 5G is designed to deliver.</p> <p><a data-entity-type="" data-entity-uuid="" href="" target="_blank"><img alt="Digital%20Transformation_IR_1.jpg" data-entity-type="" data-entity-uuid="" src="/sites/" /></a></p> <h2>5G Use Cases on the Horizon</h2> <p>“There’s no doubt that much of the 5G activity has been focused on investments from service providers and equipment manufacturers,” says Nick Lippis, co-founder and co-chairman of the Open Networking User Group. <strong>“</strong><strong>However, more IT leaders are starting to make plans for 5G, which include determining its impact on their data center architecture,</strong> procurement strategies and the solutions they’ll roll out.”</p> <p>Industry observers expect 5G’s speed, capacity and latency attributes, and services such as network slicing — which allots users a virtual piece of the network with personalized properties — to eventually play big in Internet of Things communications, artificial intelligence services and advanced analytics.</p> <p>“The first thing IT sees is the ability to accelerate the elimination of a lot of server, storage and network hardware from their data centers,” says Lippis.</p> <p>The combination provides a flexible path to Infrastructure as a Service, while freeing IT departments from the resource-intensive job of managing hardware-centric infrastructure. Instead, Lippis says, IT ops teams can focus on work that impacts business outcomes, from integrating solutions, strengthening security and creating new business models to automation and orchestration projects.</p> <p>Already substantial, the number of organizations using cloud-native services and cloud-enabling technologies continues to grow. Public, private and hybrid cloud models and the wealth of cloud services give IT teams the flexibility to run applications and workloads where they make the most sense<strong>. 5G’s contribution, meanwhile, is to eliminate the latency issues that plague WANs, speeding wireless connectivity to cloud-based assets,</strong> as well as data transfer and download rates.</p> <h2>IT Spending Is Shifting to the Cloud</h2> <p>According to a 2018 Gartner report, <a href="">28 percent of investments in four key enterprise IT segments</a> — system infrastructure, infrastructure software, applications software and business process outsourcing — will shift to the cloud by the end of 2022.</p> <p>Not surprisingly, application software will continue to make up the biggest chunk of cloud shift through 2022, but system infrastructure will be the most rapid cloud-shift segment over the forecast period, jumping from 11 percent in 2018 to 22 percent in 2022.</p> <p>Earlier investments in data center hardware, server operating system software and virtualization can impede more immediate moves, but as contracts come up for renewal, more IT ops teams will make the leap to the cloud. Gartner estimates that, <a href=""><strong>by the end of 2020, IaaS investments will account for 39 percent of total data center system spending</strong></a><strong>. </strong></p> <h2>5G Will Compel Data Management Strategies</h2> <p>Given 5G’s potential role in fueling IoT, AI and advanced analytics initiatives, organizations that upgrade will also need an upgraded data management strategy. Businesses will need to be able to pull actionable, on-the-fly insights from the voluminous data they’ll generate, not only to justify investments, but to advance business objectives.</p> <p><strong>As early as the end of 2019, the IoT will be cranking out upwards of 500 zettabytes of data annually. </strong>To conduct real-time analysis, organizations need to reverse the analytics workflow and take compute and analysis to the data rather than waiting for it to come home. </p> <p>Enter edge computing, a key element of a distributed data center architecture that exploits 5G bandwidth and new service stations located between on-premises and cloud computing resources. In this model, endpoints or nodes sit at the very edge of the network, collecting data transmitted from local IoT devices and sensors. They then process or analyze it on the spot, save it and push it up to the data center.</p> <p>Organizations can also purchase edge computing as a cloud service. Consider, says Fratto, an oil and gas company that has IoT sensors on all its rigs. They’ll typically send their data to the cloud for processing rather than to their own data centers.</p> <p><strong>Edge endpoints range from highly intelligent devices to nodes that wake up only when called upon to perform simple tasks.</strong> Taking a page from branch models, which today typically rely on a whitebox server or similar device for computing needs, providers are working to consolidate functions for edge computing. For example, says Fratto, they might consolidate software-defined WAN, firewall services, Active Directory and Private Branch Exchange functions on a single appliance, or run two appliances in high-availability mode.</p> <p>By 2022, according to a 2018 IDC report, <a href=""><strong>more than 40 percent of cloud deployments will leverage edge computing</strong></a>. Analysts say AI services will be among the earliest functions distributed across cloud and edge platforms, with 25 percent of endpoints that go live by the end of 2022 running AI algorithms.</p> </div> <div> <div class="field-author"><a href="/author/kym-gilhooly" hreflang="en">Kym Gilhooly</a></div> </div> Thu, 08 Nov 2018 22:15:23 +0000 Bob.Keaveney_u64t 42636 at Sports Face Off Against Cybersecurity Threats <span>Sports Face Off Against Cybersecurity Threats</span> <span><span lang="" about="/user/81" typeof="schema:Person" property="schema:name" datatype="">matt.mclaughlin</span></span> <span>Thu, 11/08/2018 - 14:48</span> <div><p>Defense is a critical part of many sports, but it’s also becoming essential for sports organizations that need to <strong>protect their data and systems</strong> from a variety of cyberthreats.</p> <p>Cybersecurity is a crucial consideration for nearly every business and organization. In recent years, teams and leagues — even individual athletes — have become affected by this development. The motives behind cyberattacks on sports organizations vary widely, ranging from industrial espionage and sabotage to simple identity theft. Teams and sports leaders recognize that they are increasingly targeted by these threats, and they are taking steps to <strong>beef up their defenses and protect themselves</strong>.</p> <p><a href="" target="_blank"><em><strong>VIDEO: </strong>Discover the value of taking a holistic approach to security! </em></a></p> <h2 id="toc_0">Cyberattacks on Sports Organizations Come from All Angles</h2> <p>One of the most <strong>high-profile cyberattacks</strong> in sports occurred in 2013, when employees of the St. Louis Cardinals infiltrated the computer network of the Houston Astros. Using the credentials of a former Cardinals general manager who had moved to the Astros, the employees were able to steal proprietary information, including Astros player data and statistics, according to a <a href="" target="_blank">2017 report from Tufts University</a>.</p> <p>Political motivations appear to have been behind a 2014 attack on the World Anti-Doping Agency (WADA). The Russian government-sponsored hacker group known as <a href="" target="_blank">Fancy Bear</a> (which also has been accused of attacks on U.S. election security in 2016) reportedly stole and released the private medical information of 41 Olympic athletes. The attack was retaliation against investigations into the use of performance-enhancing drugs by Russian athletes, which resulted in some athletes being barred from the 2016 Olympic Games. The hackers gained access to WADA systems after a successful <strong>spearphishing attack.</strong></p> <p>The Milwaukee Bucks were also victims of a <a href="" target="_blank">phishing attack</a> in 2016, when a team employee sent personal tax information for team staff and players to attackers who reportedly spoofed the email address of Bucks President Peter Feigin.</p> <h2 id="toc_1">Organizations Work Together to Address Cyberthreats</h2> <p>The significant number of cybersecurity incidents has increased the <a href="" target="_blank">visibility of cybersecurity among sports organizations</a>. In 2016, security professionals established an <strong>information sharing and analysis organization</strong> based in Colorado Springs, Colo., to address the issue. This sports ISAO monitors and reports on attacks aimed at sports organizations and sports-related data.</p> <p>The organization supported the U.S. Olympic Committee at the 2016 Summer Olympics in Rio de Janeiro. It integrates cyberthreat intelligence information provided by the Department of Homeland Security and other sources and provides this data to sports organizations at the professional, college and high school levels.</p> <p><a data-entity-type="" data-entity-uuid="" href="" target="_blank"><img alt="CTA%20cyber.jpg" data-entity-type="" data-entity-uuid="" src="/sites/" /></a></p> <h2 id="toc_2">How Sports Organizations Can Protect Themselves</h2> <p>As organizations in other industries do, sports teams and leagues should take steps to protect themselves against cyberattacks.</p> <p>In a <a href="" target="_blank">2017 column</a> in SportsBusiness Journal, Christopher LaVigne and Jeewon Kim Serrato of the law firm Shearman &amp; Sterling recommended that sports organizations develop an <strong>incident response plan</strong> to quickly and effectively deal with breaches. “The best offense is a strong defense, and effective incident response plans are critical in helping the organization calmly navigate its reaction to a cybersecurity breach,” they wrote.</p> <p>The 2017 Tufts report recommended steps that sports organizations can take to improve their security posture. These include:</p> <ul><li>Routine <strong>security audits</strong></li> <li><strong>Encryption</strong> of all data transmitted over a wirelesses connection</li> <li><strong>Robust authentication</strong> to authorize the use of data</li> <li><strong>Security training</strong> for coaches, athletes and staff</li> </ul></div> <div> <div class="field-author"><a href="/author/matt-mclaughlin" hreflang="en">Matt McLaughlin</a></div> </div> Thu, 08 Nov 2018 19:48:15 +0000 matt.mclaughlin 42641 at Why Retailers Must Prioritize Cybersecurity in the Mobile Era <span>Why Retailers Must Prioritize Cybersecurity in the Mobile Era</span> <span><span lang="" about="/user/26806" typeof="schema:Person" property="schema:name" datatype="">daniel.bowman_26806</span></span> <span>Thu, 11/08/2018 - 10:23</span> <div><p>By 2025, <strong>60 percent of U.S. consumers believe that the average shopper will carry a phone but no physical wallet</strong>, according to <a href="" target="_blank">data</a> published by consumer financial services company Synchrony. What’s more, 67 percent of respondents to the Synchrony Retailer Survey said that they’ve downloaded a retailer’s application, findings that are indicative of a culture dominated by use of mobile devices, particularly smartphones.</p> <p>At the same time, a <a href="" target="_blank">report</a> published by ThreatMetrix finds that one-third of all fraud now targets mobile channels. In the first half of 2018 alone, <strong>mobile attack rates increased 24 percent</strong> compared with 2017, according to the report.</p> <p>“Mobile is quickly becoming the <strong>predominant way people access online goods and services</strong>, and as a result, organizations need to anticipate that the barrage of mobile attacks will only increase,” noted <a href=";ctlgfilter=&amp;searchscope=all&amp;sr=1" target="_blank">LexisNexis</a> Risk Solutions Chief Identity Officer Alisdair Faulkner.</p> <p><em><a href="" target="_blank"><strong>MORE FROM BIZTECH:</strong> Discover four ways to defend against POS malware!</a></em></p> <h2>Retailers Face Distinctive Challenges for Mobile Security</h2> <p>Increasingly, retailers must focus on how to keep their mobile customers safe from growing cyberthreats. According to the <a href="" target="_blank">Verizon Mobile Security Index 2018 Report</a>, <strong>82 percent </strong>of retail and hospitality professionals surveyed said mobile devices are a risk, with <strong>22 percent</strong> of respondents calling that risk significant, in large part due to the temporary nature of many in the workforce.</p> <p>“Retail and hospitality <strong>companies face distinctive challenges when it comes to mobile security</strong>,” the report states. “Many of them have large numbers of employees, often employed on part-time or seasonal contracts. These employees may not take security precautions as seriously as full-time or permanent employees.”</p> <p>Still, the report also finds that nearly <strong>90 percent of enterprises</strong> surveyed have only one of four basic mobile security measures (changing all default passwords; encrypting data sent over public networks; restricting access on a need-to-know basis, regularly testing security systems) in place; conversely, <strong>only 1 in 7 companies</strong> had all four practices in place.</p> <h2>Mobile Payment Providers Are Taking Appropriate Measures</h2> <p>For their part, mobile payment providers have ensured that their services are just as secure as other forms of payment, CDW’s Scott Schulman <a href="" target="_blank">writes</a> in a blog post. Their <strong>solutions use tokenization</strong> — a process that involves replacing one sensitive data element with a nonsensitive element, or token — to replace credit card numbers. What’s more, he writes, “none of the major mobile payment options work unless a device’s screen-locking capability is enabled and the device is unlocked when the payment occurs, or unless the user’s identity is confirmed through biometric authentication, making it difficult for a thief to pay for purchases with someone else’s phone.”</p> <p>However retailers still must shoulder some of the security load by <strong>reviewing their susceptibility to data breaches</strong> and taking steps to ensure that the solutions they deploy are secure, <a href="" target="_blank">writes</a> Susannah Magers of employee communication app developer Beekeeper in a blog post on</p> <p>Additionally, “retail workforces need to be familiar with <strong>navigating mobile technology</strong> to be adept at handling mobile payments,” she notes.</p> <p><a data-entity-type="" data-entity-uuid="" href="" target="_blank"><img alt="Cybersecurity-report_EasyTarget.jpg" data-entity-type="" data-entity-uuid="" src="" /></a></p> </div> <div> <div class="field-author"><a href="/author/dan-bowman" hreflang="en">Dan Bowman</a></div> </div> Thu, 08 Nov 2018 15:23:05 +0000 daniel.bowman_26806 42631 at Software-Defined Storage: The Next Step for Data Center Digital Transformation <span>Software-Defined Storage: The Next Step for Data Center Digital Transformation</span> <span><span lang="" about="/user/87276" typeof="schema:Person" property="schema:name" datatype="">Bob.Keaveney_u64t</span></span> <span>Wed, 11/07/2018 - 13:42</span> <div><p>Digital transformation is taking businesses by storm. And as these businesses begin to adopt beneficial, new technologies like the Internet of Things, artificial intelligence, mobility and more, underlying IT will need to undergo a revolution of its own to support these new operations.</p> <p>A number of companies find cloud-based and software-defined options can offer the scalability and flexibility necessary to support new customer-facing and operational solutions.</p> <p>Still, businesses aren’t blind to this need, with 66 percent of organizations reporting in “<a href="">The Digital Transformation Insight Report</a>” by CDW they have made “process, operational and/or technology changes on their own to support digital transformation.”</p> <p>The question then becomes where to start when approaching these changes to the data center. And while it may not seem like the shiniest tech on the block, software-defined storage solutions have a lot to offer businesses seeking to prioritize digital transformation.</p> <p><a data-entity-type="" data-entity-uuid="" href="" target="_blank"></a><a data-entity-type="" data-entity-uuid="" href="" target="_blank"><img alt="Digital%20Transformation_IR_1.jpg" data-entity-type="" data-entity-uuid="" src="/sites/" /></a></p> <h2 id="toc_0">What is Software-Defined Storage?</h2> <p>Let’s start with the basics: What is SDS?</p> <p>“SDS solutions collect storage elements into a pool of resources that can be managed centrally and controlled via automation, allowing IT teams to use their storage capacity more strategically,” a <a href="">CDW trend article notes</a>.</p> <p>Already, SDS is taking hold at organizations across the country. “The Digital Transformation Insight Report” shows that 18 percent of organizations currently deployed SDS at an enterprise-wide level, while 22 percent rolled out SDS in business units. The report also states 17 percent of organizations are piloting the tech and 20 percent of organizations are actively researching adoption.</p> <p>“Cloud-based platforms and storage solutions, such as SDS, IaaS and SDN, have become go-to technologies as organizations look for cost-effective ways to store data, scale quickly and achieve greater agility,” CDW’s report notes.</p> <h2 id="toc_0">The Benefits of Adopting SDS for Digital Transformation</h2> <p>What’s the advantage to SDS? Essentially, it lays the groundwork for organizations to deploy new cloud resources that go on to protect future operations and solutions.</p> <p>“For enterprises, SDS is really an on-ramp to deploying a hybrid cloud — one that allows a metered on-demand consumption of private and public cloud resources,” according to a <a href="">recent white paper from IDC and IBM</a>. “Deploying SDS therefore is not a question of ‘if’ but a question of ‘when.’”</p> <p>There are still gains to be made in SDS offerings, particularly when it comes to educating businesses on cost savings, ease of management, vendor support and application support available for SDS, the IDC report points out. But SDS can offer businesses several benefits, the report notes, including:</p> <p><strong>Flexible delivery models:</strong> “From the compute layer to disk storage mechanisms and from local open object interfaces to cloud-based interfaces, buyers need to have a wide range of options for data storage,” according to the report. While users will begin by migrating noncritical workloads to SDS platforms, once they build trust in it, mission-critical workloads will soon follow.</p> <p><strong>Service-based infrastructure:</strong> As businesses seek to provision resources from both local and remote locations, SDS will allow them to do this while maintaining a “seamless presentation layer.”</p> <p>Essentially, by turning to SDS, organizations can break out of the mold that kept their infrastructures and workloads siloed for so long.</p> <p>“By adopting newer software platform models that break the traditional barriers between what are considered the compute, storage, and network components of the infrastructure, they will be better positioned to support their business' digital transformation,” the IDC report concludes.</p> <p><em>This article is part of </em>BizTech<em>'s <a href="">AgilITy blog series</a>. Please join the discussion on Twitter <em>by</em></em><em> using the <a href=";src=typd">#SmallBizIT </a>hashtag</em>.</p> <p><a data-entity-type="" data-entity-uuid="" href=""><img alt="Agility_Logo_sized.jpg" data-entity-type="" data-entity-uuid="" src="" /></a></p> </div> <div> <div class="field-author"><a href="/taxonomy/term/11306" hreflang="en">Larry Burt </a></div> </div> Wed, 07 Nov 2018 18:42:23 +0000 Bob.Keaveney_u64t 42626 at How to Get Management Buy-In on Tech Upgrades <span>How to Get Management Buy-In on Tech Upgrades</span> <span><span lang="" about="/user/22746" typeof="schema:Person" property="schema:name" datatype="" content="juliet.vanwagenen_22746">juliet.vanwage…</span></span> <span>Tue, 11/06/2018 - 11:20</span> <div><p>We’re living in heady days when it comes to business investment in IT. Corporate leaders understand better than ever that having the right technology in place is essential to achieving their business objectives, and that the need for technology upgrades, especially around security and digital transformation projects, has never been greater.</p> <p>That’s why IT spending will hit<strong> $3.7 trillion</strong> worldwide this year, an increase of <strong>6.2 percent</strong>, and will keep growing next year, according to Gartner. In fact, “<a href="" target="_blank">The Digital Transformation Insight Report</a>” by CDW found that <strong>86 percent </strong>of organizations have initiated or piloted technology changes to support digital transformations.</p> <p>Yet surveys of IT leaders continue to indicate that they’d be doing even more were it not for budget limitations. In a <a href="" target="_blank">recent survey by Tech Pro Research</a>, for example, <strong>54 percent</strong> of IT leaders identified budget constraints to be a top digital transformation ­challenge, while 47 ­percent also cited ­difficulties in getting management buy-in for projects.</p> <p><a href="" target="_blank"><em><strong>VIDEO: </strong>See how businesses are meeting changing user demands!</em></a></p> <h2 id="toc_0">Prepare for Common IT Questions in Advance</h2> <p>Most IT leaders know that making their case in business (rather than technical) terms gives them the best chance of ­getting their projects approved. But how can they get there?</p> <p>When proposing a new project, the IT leader will likely face most or all of the following questions, so <strong>have answers for them in advance</strong>:</p> <ul><li>Will the project help the company make more money? How?</li> <li>Will it help the company spend less money — at least over time?</li> <li>Will it help the business improve the customer experience? In what way?</li> <li>Will it change the way the business’s employees work?</li> <li>How will the upgrade help the company reduce or manage risk?</li> </ul><p>Once the opportunity is clear, it’s important to map it back to the company’s objectives. A business that’s satisfied with its work environment, for example, may not be ready for an <a href="" target="_blank">ambitious digital workspace solution</a>. But if the need is to upgrade customer experiences and mine more and better data about those customers, now might be the time to make the case for <a href="" target="_blank">software-defined networking</a>.</p> </div> <div> <div class="field-author"><a href="/author/mike-grisamore" hreflang="en">Mike Grisamore</a></div> </div> Tue, 06 Nov 2018 16:20:24 +0000 juliet.vanwagenen_22746 42621 at 5 Tips to Help Nonprofits Stay GDPR-Compliant <span>5 Tips to Help Nonprofits Stay GDPR-Compliant</span> <span><span lang="" about="/user/26341" typeof="schema:Person" property="schema:name" datatype="">amy.burroughs_26341</span></span> <span>Tue, 11/06/2018 - 08:22</span> <div><p>Nonprofits in the United States may think that because the vast majority of their donors are in the U.S., the <a href="" target="_blank">General Data Protection Regulation</a> that went into effect in May doesn’t apply to them. The GDPR is a European Union law, but it <strong>does have ramifications for organizations here</strong>.</p> <p>Tal Frankfurt, founder and CEO of <a href="" target="_blank">Cloud for Good</a>, says that even though U.S. nonprofits may not have any donors from the EU, it’s possible that <strong>EU citizens may have done some research on their website</strong> or signed up for an e-newsletter.</p> <p>“It doesn’t have to be donor information,” Frankfurt says. “If a U.S. nonprofit stores any information about an EU resident, that EU resident has rights under GDPR.” </p> <p>Karl Hedstrom, IT director at the <a href="" target="_blank">Nonprofit Technology Enterprise Network</a>, an organization that works with nonprofits to improve their technology, says that as GDPR is deployed across the world, <strong>donors will grow to expect that U.S.-based nonprofits will comply</strong>. “Nonprofits will want to stay in the good graces of the donors,” he says.</p> <p>Based on interviews with Frankfurt and Hedstrom, here are five GDPR tips for nonprofits.</p> <p><em><strong><a href="" target="_blank">MORE FROM BIZTECH: </a></strong><a href="" target="_blank">Find out how nonprofits can keep online donations safe!</a></em></p> <h2 id="toc_0">1. Create Awareness of GDPR Among Your Nonprofit Staff</h2> <p>Get started, Frankfurt recommends, by <a href="" target="_blank">bringing staff together to explain the basics of GDPR</a>. Leaders should explain how the organization’s security and privacy policies need to change and make sure people leave the meeting understanding that they are responsible for protecting the client’s data.</p> <h2 id="toc_1">2. Review Privacy Policies That May Affect Nonprofit Donors</h2> <p>Take a look at how the organization explains its privacy policies on its website and e-newsletter. The organization should develop a clear opt-in policy and use clear language about the cookies it collects when users visit the website or apply to receive the e-newsletter. Many of <a href="" target="_blank">the recent cookie notices that users may have seen</a> as they browse websites are a response to comply with GDPR. </p> <h2 id="toc_2">3. Decide How the Nonprofit Will Anonymize Data</h2> <p>Under GDPR, clients have what’s known as “the right to be forgotten,” which means that if a client asks for anonymity, <a href="" target="_blank">the organization must delete or “anonymize” the data</a>. NTEN’s Hedstrom says many organizations will choose to anonymize data, which in most cases will mean they will assign a number to a client as opposed to retaining their name in the database. With this approach, the nonprofit still has access to transaction data but the donor stays anonymous. </p> <h2 id="toc_3">4. Rethink How the Organization Manages Its Systems</h2> <p>Cloud for Good’s Frankfurt says that when nonprofits do start to anonymize data, many will have a major challenge ahead of them. Many organizations have separate systems for the newsletter, online donations, a donor management system, program management and even volunteer management, he says. When a client asks to anonymize data, the nonprofit might have to execute the request multiple times. As a result, Frankfurt encourages nonprofits to use GDPR as an opportunity to integrate these disparate systems. Moving forward, staffers won’t have to look in different places for information about a donor, and the integration will make it easier for organizations to comply when donors request to be forgotten. </p> <h2 id="toc_4">5. Look at GDPR as an Opportunity, Not an Obstacle</h2> <p>Cloud for Good’s Frankfurt says that U.S. nonprofits should see GDPR as an opportunity to revamp how the organization handles data and privacy. It can also present a <a href="" target="_blank">valuable opportunity to re-engage with donors</a> the nonprofit hasn’t had contact with in a long time, he says. Nonprofits should send out an email to donors on their list explaining their rights under GDPR and finish by asking them how the organization can more effectively serve them.</p> <p><a data-entity-type="" data-entity-uuid="" href="undefined" target="_blank"><img alt="Cybersecurity-report_EasyTarget.jpg" data-entity-type="" data-entity-uuid="" src="/sites/" /></a></p> </div> <div> <div class="field-author"><a href="/author/steve-zurier" hreflang="en">Steve Zurier</a></div> </div> Tue, 06 Nov 2018 13:22:18 +0000 amy.burroughs_26341 42616 at NIST Creates New Guidelines for Managing Privileged Accounts <span>NIST Creates New Guidelines for Managing Privileged Accounts </span> <span><span lang="" about="/user/62836" typeof="schema:Person" property="schema:name" datatype="">Elizabeth_Neus_pdwC</span></span> <span>Mon, 11/05/2018 - 13:58</span> <div><p>Developed with industry partners, <a href="" target="_blank" title="NIST PAM draft guidelines">government draft guidelines for privileged account management</a> are already being used in the financial sector to harden defenses against cyberattacks and misuse.</p> <p>The draft guidelines from the <a href="" target="_blank" title="NCCoE home page">National Cybersecurity Center of Excellence</a>, part of the National Institute of Standards and Technology, are <strong>available for public comment until Nov. 30</strong>, but are solid enough that organizations can <strong>take advantage of them now</strong>, said two of the publication’s authors.</p> <p>“We view it as a how-to guide,” says <a href="" target="_blank" title="Harry Perper">Harry Perper</a>, a cybersecurity engineer for the NCCoE and co-author of the guidelines. “You can apply it in whatever way makes sense in your organization, in each organization, because every organization is different.”</p> <p><a href="" target="_blank" title="Cantor Colburn case study"><em><strong>MORE FROM BIZTECH:</strong> Find out how intellectual property firm Cantor Colburn assessed its security to protect its valuable information against hackers! </em></a></p> <h2 id="toc_0">How Organizations Can Effectively Manage Privileged Accounts</h2> <p>The draft guidelines outline a system that organizations can use to manage privileged accounts, which can be difficult to control and frequently have little oversight — those who control the accounts by definition have broader access and authority than the average user. </p> <p>Such accounts are “often described as the ‘keys to the kingdom,’” the guidelines’ <a href="" target="_blank" title="NIST draft guidelines executive summary">executive summary</a> notes. These can include accounts that permit the transfer of funds, that contain personally identifiable information on employees or are simply the passwords to a company’s social media page.</p> <p>“I daresay we all have accounts that have high-value data that you would want privileged access only to it,” says <a href="" target="_blank" title="Karen Waltermire">Karen Waltermire</a>, an NCCoE cybersecurity engineer and lead author. “We don’t dictate what is considered privileged.”</p> <p>NCCoE’s draft guidelines apply to nearly any sector, Waltermire says, “but we focused on financial services because privileged account management there is mature, and they’re a very aware sector.”</p> <p>The draft guidelines were developed in collaboration with financial service industry experts and <a href="" target="_blank" title="Tech company partners">technology companies</a>, such as <a href="" target="_blank" title="RSA">RSA</a> and <a href="" target="_blank" title="Splunk">Splunk</a>, and tested in a hybrid virtual/physical space. </p> <p>Implementing the privileged access management (PAM) solution involves <strong>adding a new layer of security </strong>between the users and the accounts; organizations can also read scenarios that outline the challenges presented by privileged access accounts and propose solutions.</p> <h2 id="toc_1">Put Privileged Access Management into Practice</h2> <p>In one scenario, a company develops a new app that needs access to a database. The directory administrator — who may be one of several people with privileged access — adds the app via a shared account, but there’s no record of which admin made that change or how.</p> <p>A PAM solution for this would <strong>include strong authentication procedures</strong>, possibly even changing the password after each session, so that if mistakes are made, they can be more easily investigated without having to search through logs or rely on administrators’ memories.</p> <p>The solutions are designed to work with a company’s available resources and not with any specific products, Waltermire says, even though they were developed with the assistance of specific commercial partners. </p> <p>“We make these practice guides modular so that <strong>it is <em>a</em> solution, not <em>the</em> solution</strong>,” she says. “So you would be able to read the document and swap out Cisco for Juniper if your organization already has Juniper.”</p> <p><a data-entity-type="" data-entity-uuid="" href="" target="_blank" title="CDW Cybersecurity Insight Report"><img alt="Cybersecurity_IR_stayprotected_700x220.jpg" data-entity-type="" data-entity-uuid="" src="/sites/" /></a></p> </div> <div> <div class="field-author"><a href="/taxonomy/term/11776" hreflang="en">Elizabeth Neus </a></div> </div> Mon, 05 Nov 2018 18:58:47 +0000 Elizabeth_Neus_pdwC 42611 at