Virtual Network Segmentation for PCI?

Several clients have recently been asking about "Virtual Network Segmentation" products that claim to segment networks in order to reduce PCI scope. These products typically use ARP or VLANs to control access to the various network segments. Such controls work at Layer 2, and the hacker community is well versed in using tools such as Ettercap or Cain & Abel (ARP cache poisoning, for instance) to bypass them. We recently wrote about Network Segmentation for PCI as part of the PCI X-Ray series.
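To make the Layer 2 point concrete, here is an added example (not code from the original post) of the bypass Ettercap and Cain & Abel rely on, seen from the defender's side. ARP cache poisoning works by sending a forged ARP message that rebinds a victim's gateway IP to the attacker's MAC; the check below remembers the first MAC seen claiming each IP and flags any later conflicting claim. All frames, addresses and function names are constructed for this example.

```python
"""Added example: detecting ARP cache poisoning from a stream of raw Ethernet frames.

The sample frames below are constructed for this example (the gateway, victim and
attacker addresses are made up), as are all function and constant names.
"""
import struct

ETH_P_ARP = 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2


def mac(s):
    """'aa:bb:cc:dd:ee:ff' -> 6 bytes."""
    return bytes.fromhex(s.replace(":", ""))


def ipv4(s):
    """'10.0.0.1' -> 4 bytes."""
    return bytes(int(o) for o in s.split("."))


def build_arp(op, sender_mac, sender_ip, target_mac, target_ip):
    """Ethernet II frame carrying an IPv4-over-Ethernet ARP packet (RFC 826)."""
    eth = target_mac + sender_mac + struct.pack("!H", ETH_P_ARP)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)  # htype, ptype, hlen, plen, opcode
    return eth + arp + sender_mac + sender_ip + target_mac + target_ip


def parse_arp(frame):
    """Return (opcode, sender_mac, sender_ip), or None if this is not a well-formed
    IPv4/Ethernet ARP frame (wrong ethertype, truncated, or odd address sizes)."""
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ETH_P_ARP:
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return op, frame[22:28], frame[28:32]


def fmt_mac(b):
    return ":".join(f"{x:02x}" for x in b)


def fmt_ip(b):
    return ".".join(str(x) for x in b)


def detect_arp_rebinds(frames):
    """Remember the first MAC seen claiming each IP and report every later conflicting
    claim. Requests and replies both carry a sender binding, so both are checked;
    non-ARP and malformed frames are skipped."""
    bindings, alerts = {}, []
    for frame in frames:
        parsed = parse_arp(frame)
        if parsed is None:
            continue
        op, smac, sip = parsed
        first = bindings.setdefault(sip, smac)
        if first != smac:
            alerts.append(f"{fmt_ip(sip)} moved from {fmt_mac(first)} to {fmt_mac(smac)} (op={op})")
    return alerts


# Constructed sample traffic: a victim resolves its gateway, the gateway answers,
# then an attacker sends a forged reply claiming the gateway's IP with its own MAC.
GATEWAY_MAC, GATEWAY_IP = mac("00:11:22:33:44:01"), ipv4("10.0.0.1")
VICTIM_MAC, VICTIM_IP = mac("00:11:22:33:44:02"), ipv4("10.0.0.20")
ATTACKER_MAC = mac("de:ad:be:ef:00:01")

SAMPLE_FRAMES = [
    build_arp(ARP_REQUEST, VICTIM_MAC, VICTIM_IP, b"\x00" * 6, GATEWAY_IP),
    build_arp(ARP_REPLY, GATEWAY_MAC, GATEWAY_IP, VICTIM_MAC, VICTIM_IP),
    build_arp(ARP_REPLY, ATTACKER_MAC, GATEWAY_IP, VICTIM_MAC, VICTIM_IP),  # the poison
    b"\x00" * 60,  # unrelated frame, ignored by the parser
]

if __name__ == "__main__":
    for alert in detect_arp_rebinds(SAMPLE_FRAMES):
        print("ALERT:", alert)
```

Two caveats apply in practice. A passive sensor only sees the poison if the forged reply reaches its port (unicast replies to the victim need a SPAN/mirror or a host-based sensor), and a genuine NIC replacement or DHCP address reuse produces the same alert, so the output is a lead to investigate rather than proof of attack. Neither caveat changes the underlying point: a VLAN or ARP-based control can be subverted by any host on the same broadcast domain.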
While rereading the PCI Wireless Guidance document, I came across this nugget that puts a nail in the coffin of using VLANs alone as a security control:

"Relying on Virtual LAN (VLAN) based segmentation alone is not sufficient. For example, having the CDE on one VLAN and the WLAN on a separate VLAN does not adequately segment the WLAN and take it out of PCI DSS scope. VLANs were designed for managing large LANs efficiently. As such, a hacker can hop across VLANs using several known techniques if adequate access controls between VLANs are not in place. As a general rule, any protocol and traffic that is not necessary in the CDE, i.e., not used or needed for credit card transactions, should be blocked. This will result in reduced risk of attack and will create a CDE that has less traffic and is thus easier to monitor."
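The "known techniques" the guidance alludes to include 802.1Q double tagging, and it is worth seeing why a VLAN boundary is a tagging convention rather than an access control. The following added example (not code from the original post or the PCI documents) builds a frame carrying two stacked 802.1Q tags and runs it through a toy model of two switches joined by a trunk: the first switch strips the outer tag because it matches the trunk's untagged native VLAN, and the second switch then reads the inner tag and delivers the frame into the target VLAN. The same model shows that tagging the native VLAN on the trunk defeats this particular hop. The frames, VLAN numbers and function names are this example's own assumptions.

```python
"""Added example: 802.1Q double-tagging VLAN hop against a toy two-switch model.

Frames and switch behaviour are constructed for this example; all names are invented.
"""
import struct

ETH_P_8021Q = 0x8100
ETH_P_IPV4 = 0x0800


def vlan_tag(vid, pcp=0, dei=0):
    """4-byte 802.1Q tag: TPID 0x8100 followed by TCI (PCP:3, DEI:1, VID:12)."""
    tci = (pcp << 13) | (dei << 12) | (vid & 0x0FFF)
    return struct.pack("!HH", ETH_P_8021Q, tci)


def build_frame(dst, src, vids, payload, ethertype=ETH_P_IPV4):
    """Ethernet II frame with zero or more stacked 802.1Q tags, outermost first."""
    tags = b"".join(vlan_tag(v) for v in vids)
    return dst + src + tags + struct.pack("!H", ethertype) + payload


def parse_tags(frame):
    """Return (VIDs outermost-first, inner ethertype, payload offset)."""
    vids, off = [], 12
    while struct.unpack("!H", frame[off:off + 2])[0] == ETH_P_8021Q:
        tci = struct.unpack("!H", frame[off + 2:off + 4])[0]
        vids.append(tci & 0x0FFF)
        off += 4
    return vids, struct.unpack("!H", frame[off:off + 2])[0], off + 2


def has_stacked_tags(frame):
    """Detection check: more than one 802.1Q tag on a frame from an access port is
    a strong sign of a double-tagging attempt."""
    return len(parse_tags(frame)[0]) > 1


def trunk_egress(frame, native_vid, tag_native=False):
    """First switch forwarding onto the trunk. With the default (untagged native
    VLAN), a frame whose outer tag equals the native VID leaves with that tag
    removed; with `tag_native` the tag is kept, which is the usual mitigation."""
    vids, _, _ = parse_tags(frame)
    if vids and vids[0] == native_vid and not tag_native:
        return frame[:12] + frame[16:]  # drop the 4-byte outer tag
    return frame


def trunk_ingress_vlan(frame, native_vid):
    """Second switch receiving from the trunk: an untagged frame belongs to the
    native VLAN, otherwise the outermost tag decides."""
    vids, _, _ = parse_tags(frame)
    return vids[0] if vids else native_vid


def delivered_vlan(frame, native_vid, tag_native=False):
    """VLAN into which the second switch delivers an attacker's frame."""
    return trunk_ingress_vlan(trunk_egress(frame, native_vid, tag_native), native_vid)


# Constructed scenario: the attacker sits on an access port in VLAN 1, which is also
# the untagged native VLAN of the trunk. VLAN 100 is the cardholder data environment.
NATIVE_VLAN, CDE_VLAN = 1, 100
ATTACKER = bytes.fromhex("deadbeef0001")
BROADCAST = b"\xff" * 6
DOUBLE_TAGGED = build_frame(BROADCAST, ATTACKER, [NATIVE_VLAN, CDE_VLAN], b"\x45" + b"\x00" * 19)
SINGLE_TAGGED = build_frame(BROADCAST, ATTACKER, [NATIVE_VLAN], b"\x45" + b"\x00" * 19)

if __name__ == "__main__":
    print("tags on attacker frame:", parse_tags(DOUBLE_TAGGED)[0])
    print("untagged native VLAN ->", delivered_vlan(DOUBLE_TAGGED, NATIVE_VLAN))
    print("tagged native VLAN   ->", delivered_vlan(DOUBLE_TAGGED, NATIVE_VLAN, tag_native=True))
```

The hop is one-way (replies from VLAN 100 do not come back double tagged), which is enough for many injection and amplification attacks. The model also shows the two operational controls that matter: do not put user access ports in the trunk's native VLAN, and tag the native VLAN on trunks so the outer tag is never stripped. Even so, these are configuration hygiene, not the access controls between VLANs that the PCI guidance asks for.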


Talking ECEM market evolution with PwC

The market for enterprise carbon and energy management (ECEM) systems continues its rapid evolution. Since publishing our Market Overview report last November, we have interviewed at least a half-dozen additional systems providers coming into this nascent market.

Last week we talked with Dan DeKemper, a director at PricewaterhouseCoopers who works with the firm's 800-person-strong sustainability practice on large-scale ECEM implementation projects. Dan told us that PwC sees three industry sectors driving ECEM adoption:

  • Utilities and Energy, the traditional "heavy emitter" industries that are focused on monitoring and reducing carbon emissions for regulatory compliance and public perception reasons.
  • Retail and CPG, two verticals where adoption is now growing faster than Energy. These companies are implementing ECEM on a voluntary basis, looking to improve brand equity and align with sustainability initiatives of some of their customers like Walmart.
  • Public sector organizations, looking to be role models for the private sector and also under executive or legislative mandate to improve energy efficiency.

Do CIOs Blog — And Should They?

We’ve become curious ever since we interviewed Linda Cureton of NASA a few months ago, when we were a bit surprised to discover that she has an active blog (her Thanksgiving entry implores CIOs to give thanks to their “geeks”). And there’s Rob Carey, CIO of the Navy, who has been blogging for the past two years. So we decided to look around to see which other CIOs are actively blogging. Active implies recent, which takes quite a bit of time and thought and is probably not for everyone. So who else besides Linda takes the time and thought? Here are a few who do, though not always frequently.


Apple's iPad Reaffirms The Changing Mobile Operator Business

In the firestorm of speculation leading up to Apple's debut of its iPad device was a strong thread regarding the company's ability to further accelerate tectonic shifts in the media industry, especially the print industry. Now, following its unveiling, some have pointed to the structure of the relationship between Apple and AT&T and posed similar questions regarding the mobile industry and in particular operators' business models. The iPad deal is just evidence of changes that have been accelerating for the past several years. These changes include:
  • New pricing models. As the U.S. market has saturated, operators have reassessed prepaid, elevating it beyond the 'choice of last resort' for consumers and introducing unlimited voice, data, and messaging plans like Boost Unlimited. They have also enabled prepaid for laptop and netbook data connections, plans the iPad will exploit. European operators have gone further and introduced session-based pricing, such as per day or per week. Devices like Amazon's Kindle rely on a wholesale model to make the cost of transport invisible to consumers (for books and the like, at least).

Peace, love, and the IBM System 360s

"Our vision for 2010 is the same as IBM's for the year 1960." So said Oracle's Larry Ellison from the stage at today's event to celebrate his company's acquisition of Sun Microsystems. With Sun in hand, Oracle will now take us back to the simple virtues of mainframes 50 years ago. Updated, these virtues are:


Introducing The MDM Market’s Newest 800lb Gorilla: Informatica Acquires Siperian!

Look out IBM, Oracle and SAP — you’re about to lose a bit of your dominance in the master data management (MDM) market to Informatica. On January 28, 2010, Informatica announced that it acquired Siperian for $130 million (representing the largest acquisition Informatica has made to date). Siperian is a multi-domain operational MDM vendor that Forrester named as a leader in our last Forrester Wave for Customer Hubs in Q3 of 2008 (see graphic).


iPad - Not A Game Changer For Enterprises... Yet

I'm going to strive to keep this short since I'm sure that most readers who've been drawn to this post by the inclusion of "iPad" in the title have a long line of stories and reviews to read about Apple's newest device; there's clearly no shortage.


Jump On The iPad Before It Is Too Late: 3 Reasons To Develop An iPad App Now

Finally, Apple’s latest game-changing, must-have device is ripe: the iPad. The iPad is not a new idea. Tablet PCs were introduced years ago but failed to take off. More recently, the Amazon Kindle proved that a simpler form of the tablet has legs. What Apple does brilliantly is do it better.


But Who Needs An Avatar, Anyway?

James Cameron's blockbuster hit Avatar viscerally depicts the power of an avatar in a way that software geeks couldn't begin to communicate or illustrate in code. Nothing in Second Life, The Sims or other virtual worlds comes close to the movie for illustrating the power of an avatar to insert a person into another environment or "world." In fact, if you haven't seen the movie, I can say that it's hard to leave the cinema without wishing, darn it, why can't we really do that? (Sort of like "beam me up, Scotty": why can't we do that too?) [If you are like me, you wonder when we will be able to do that, because surely sometime in the future we will. But I digress.]

Last week some of my colleagues and I had a completely different experience that leaves me thinking that avatars aren't really the future. Instead, literally being there — yourself — in a virtual fashion is a more human and natural way of interacting than using an avatar to represent yourself. What am I talking about? It's telepresence — the high resolution, life-size video conferencing tool that, in this situation, was provided by Cisco.

Here's what happened. Last year we decided to bring our Business Technology Forum not only to the real world in Chicago but also to the virtual world over telepresence. Last Friday, Mike Gilpin, Clay Richardson, Ted Schadler and I got to deliver that virtual event by spending 3 hours interacting with 14 clients in 7 cities using telepresence. The cities were: Atlanta, Boston, Herndon VA, Irving, New York, San Jose, and Washington, D.C. In addition, we had one company that dialed in from its own telepresence facility.


Apple's iPad Will Come Into The Enterprise Through The Consumer Door. Again.

Apple just announced its media tablet (we coined the term mobile media tablets in 2005 in private client conversations) amidst much excitement and surprisingly little secrecy. There wasn't much, if anything, in the announcement that the bloggers hadn't anticipated.

This product will appear in 60 days with WiFi, and in 90 days unlocked with an AT&T data plan for $629 plus $29/month. It will catch on quickly as an employee-provisioned third device, particularly for Mobile Professionals, who make up 28% of the workforce. IT will support it in many organizations. After all, to them it's just a big iPhone, and 20% of firms already support those.

Most of the media coverage will discuss the impact on consumer markets. I'm going to talk about the impact on businesses and on information & knowledge management professionals, the IT executive responsible for making the workforce successful with technology.

Make no mistake, this is an attractive business tool. Laptops will be left at home.

One thing's for sure: Apple knows how to time the market. And the market it's timed this time around is an important one: information workers self-provisioning what they need rather than what their employers provide. We have called this trend Technology Populism (AKA consumerization of IT), and it's important enough that we're writing a book called Groundswell Heroes about how to harness it.
