Forrester BlogsBusiness Technology Blogs

Q4 2009 IT Market Data As We Expected Shows End of Tech Downturn

Posted by Andrew Bartels on the CIOs Blog on February 1, 2010

  • 224 Recommendations
Andrew Bartels

The first reports on the IT market in Q4 2009 are now in, and they are in line with our prediction that the tech market recession ended in that quarter (see US And Global IT Market Outlook: Q4 2009). Overall, the tech market in Q4 2009 was more or less flat with the same quarter the year before – an improvement from prior quarter when growth was negative, and evidence that the 2010 tech market will post positive growth. 

  • The US economy was stronger than expected, by 5.7% real GDP is an aberration.  The US Department of Commerce released preliminary data on Q4 2009 economic growth, and the results was a surprisingly strong 5.7% in real GDP, 6.4% in nominal GDP from the previous quarter (on a seasonally adjusted annualized basis).  However, about two percentage points of that growth was due to inventory re-stocking, which will not be repeated in future quarters.  And based on prior GDP reports, this growth rate will probably be revised down as new data comes in.  (In Q3 2009, the growth rate in real GDP started at 3.5%, but ended up revised down to 2.2%.)  Still, this report confirms that the US recession is over, and slower by steady growth is likely for the rest of 2010.
Read more

Categories:

Is 3-D Secure Insecure?

Posted by John Kindervag on the Security & Risk Professionals Blog on February 1, 2010

  • 282 Recommendations
John Kindervag

Security Researchers in the UK say that the 3-D Secure (3DS) system for credit card authorization, a protocol that was "developed by Visa to improve the security of Internet payments," has significant security weaknesses. It is used by both of the ginormous card brands, known as "Verified by Visa" and "MasterCard SecureCode."

This could be a big deal.

In a recent paper, the researcher calls out 3-D Secure as a security failure that was pushed on consumers by financially incentivized merchants because, "its use is encouraged by contractual terms on liability: merchants who adopt 3DS have reduced liability for disputed transactions. Previous single sign-on schemes lacked liability agreements, which hampered their take-up."

According to the authors:

"3-D Secure has lousy technology, but got the economics right (at least for banks and merchants); it now boasts hundreds of millions of accounts. We suggest a path towards more robust authentication that is technologically sound and where the economics would work for banks, merchants, and customers - given a gentle regulatory nudge."

Read more

Categories:

Do CIOs Blog — And Should They?

Posted by Sharyn Leaver on the Enterprise Architecture Professionals Blog on January 29, 2010

Sharyn Leaver

We’ve become curious ever since we interviewed Linda Cureton of NASA a few months ago, when we were a bit surprised to discover that she has an active blog (her Thanksgiving entry implores CIOs to give thanks to their “geeks”). And there’s Rob Carey, CIO of the Navy,  who has been blogging for the past two years.  So we decided to look around to see other CIOs who are actively blogging. Active implies recent — which takes quite a bit of time and thought, and is probably not for everyone. So who else besides Linda takes the time and thought? Here are a few who do, though not always frequently.

Read more

Talking ECEM market evolution with PwC

Posted by Chris Mines on the CIOs Blog on January 29, 2010

  • 254 Recommendations
Chris Mines

The market for enterprise carbon and energy management (ECEM) systems continues its rapid evolution. Since publishing our Market Overview report last November, we have interviewed at least a half-dozen additional systems providers coming into this nascent market.

Last week we talked with Dan DeKemper, a director at Pricewaterhouse Coopers who works with the firm's 800-person-strong sustainability practice on large-scale ECEM implementation projects. Dan told us that PwC sees three industry sectors driving ECEM adoption:

  • Utilities and Energy, the traditional "heavy emitter" industries that are focused on monitoring and reducing carbon emissions for regulatory compliance and public perception reasons.
  • Retail and CPG, two verticals where adoption is now growing faster than Energy. These companies are implementing ECEM on a voluntary basis, looking to improve brand equity and align with sustainability initiatives of some of their customers like Walmart.
  • Public sector organizations, looking to be role models for the private sector and also under executive or legislative mandate to improve energy efficiency.
Read more

Virtual Network Segmentation for PCI?

Posted by John Kindervag on the Security & Risk Professionals Blog on January 29, 2010

  • 394 Recommendations
John Kindervag

Several clients have recently been asking about "Virtual Network Segmentation" products that claim to segment networks to reduce PCI compliance. They may use ARP or VLANs to control access to various network segments.  These type of controls work at Layer 2 and the hacker community is well versed at using tools such as Ettercap or Cain & Abel to bypass those controls.  We've recently written about Network Segmentation for PCI as part of the PCI X-Ray series.
While rereading the PCI Wireless Guidance document, I came across this nugget that puts a nail in the coffin of using VLANs as a security control:"Relying on Virtual LAN (VLAN) based segmentation alone is not sufficient. For example, having the CDE on one VLAN and the WLAN on a separate VLAN does not adequately segment the WLAN and take it out of PCI DSS scope. VLANs were designed for managing large LANs efficiently. As such, a hacker can hop across VLANs using several known techniques if adequate access controls between VLANs are not in place. As a general rule, any protocol and traffic that is not necessary in the CDE, i.e., not used or needed for credit card transactions, should be blocked. This will result in reduced risk of attack and will create a CDE that has less traffic and is thus easier to monitor."

Read more

Categories:

Jump On The iPad Before It Is Too Late: 3 Reasons To Develop An iPad App Now

Posted by Mike Gualtieri on the Application Development & Delivery Professionals Blog on January 28, 2010

Mike Gualtieri

Finally, Apple’s latest game-changing, must-have device is ripe - the iPad. The iPad is not a new idea. Tablet PCs were introduced years ago but failed to take off. More recently, the Amazon Kindle proved that a simpler form of the tablet has legs. But what Apple does brilliantly is that they do it better.

Read more

Peace, love, and the IBM System 360s

Posted by John R. Rymer on the Application Development & Delivery Professionals Blog on January 28, 2010

John R. Rymer

"Our vision for 2010 is the same as IBM's for the year 1960." So said Oracle's Larry Ellison from the stage at today's event to celebrate his company's acquisition of Sun Microsystems. With Sun in hand, Oracle will now take us back to the simple virtues of mainframes 50 years ago. Updated, these virtues are:

Read more

Apple's iPad Reaffirms The Changing Mobile Operator Business

Posted by Charles Golvin on the CIOs Blog on January 28, 2010

  • 238 Recommendations
Charles Golvin
In the firestorm of speculation leading up to Apple's debut of its iPad device was a strong thread regarding the company's ability to further accelerate tectonic shifts in the media industry, especially the print industry. Now, following its unveiling, some have pointed to the structure of the relationship between Apple and AT&T and posed similar questions regarding the mobile industry and in particular operators' business models. The iPad deal is just evidence of changes that have been accelerating for the past several years. These changes include:
  • New pricing models. As the U.S. market has saturated operators have reassessed prepaid, elevating it beyond the 'choice of last resort' for consumers, and introducing unlimited voice, data, and messaging plans like Boost Unlimited. They have also enabled prepaid for laptop and netbook data connections — which plans the iPad will exploit. European operators have gone further and introduced session-based pricing, such as per day or week. Devices like Amazon's Kindle rely on a wholesale model to make the cost of transport invisible to consumers (for books and the like, at least).
Read more

Bad news for IT buyers: Oracle sues Rimini Street

Posted by Duncan Jones on the Sourcing & Vendor Management Professionals Blog on January 27, 2010

  • 229 Recommendations
Duncan Jones

January 26th, 2010 was a black day for the enterprise software business.Late yesterday, Oracle launched a lawsuit against independent support provider (ISP) Rimini Street, alleging 'massive theft' of its intellectual property. Industry analysts had been expecting something like this - Oracle is already suing Rimini Street's predecessor TomorrowNow and was clearly worried that a competitive market would force it to cut the price of its hugely profitable maintenance offering.

Read more

Case Study #8: How to Use Twitter for Customer Service: Carphone WareHouse

Posted by Natalie Petouhoff on the Business Process Professionals Blog on January 27, 2010

Many of my clients have asked, "How should I use Twitter for customer service?" There are many applications that are adding Twitter as part of the contact center apps. But today I'd like to talk about the basics of using Twitter. I spoke with Anne Wood, the Head of Knowledge Management at Carphone Warehouse to learn about how they entered into Twitterland.

Read more

Categories:

Syndicate content