Q4 2009 IT Market Data As We Expected Shows End of Tech Downturn

Andrew Bartels

The first reports on the IT market in Q4 2009 are now in, and they are in line with our prediction that the tech market recession ended in that quarter (see US And Global IT Market Outlook: Q4 2009). Overall, the tech market in Q4 2009 was more or less flat with the same quarter the year before – an improvement from the prior quarter, when growth was negative, and evidence that the 2010 tech market will post positive growth.

  • The US economy was stronger than expected, but 5.7% real GDP is an aberration.  The US Department of Commerce released preliminary data on Q4 2009 economic growth, and the result was a surprisingly strong 5.7% in real GDP, 6.4% in nominal GDP from the previous quarter (on a seasonally adjusted annualized basis).  However, about two percentage points of that growth was due to inventory re-stocking, which will not be repeated in future quarters.  And based on prior GDP reports, this growth rate will probably be revised down as new data comes in.  (In Q3 2009, the growth rate in real GDP started at 3.5%, but ended up revised down to 2.2%.)  Still, this report confirms that the US recession is over, and slower but steady growth is likely for the rest of 2010.

Is 3-D Secure Insecure?

John Kindervag

Security researchers in the UK say that the 3-D Secure (3DS) system for credit card authorization, a protocol that was "developed by Visa to improve the security of Internet payments," has significant security weaknesses. It is used by both of the ginormous card brands, under the names "Verified by Visa" and "MasterCard SecureCode."

This could be a big deal.

In a recent paper, the researchers call out 3-D Secure as a security failure that was pushed on consumers by financially incentivized merchants because "its use is encouraged by contractual terms on liability: merchants who adopt 3DS have reduced liability for disputed transactions. Previous single sign-on schemes lacked liability agreements, which hampered their take-up."

According to the authors:

"3-D Secure has lousy technology, but got the economics right (at least for banks and merchants); it now boasts hundreds of millions of accounts. We suggest a path towards more robust authentication that is technologically sound and where the economics would work for banks, merchants, and customers - given a gentle regulatory nudge."


Do CIOs Blog — And Should They?

Sharyn Leaver

We’ve become curious ever since we interviewed Linda Cureton of NASA a few months ago, when we were a bit surprised to discover that she has an active blog (her Thanksgiving entry implores CIOs to give thanks to their “geeks”). And there’s Rob Carey, CIO of the Navy,  who has been blogging for the past two years.  So we decided to look around to see other CIOs who are actively blogging. Active implies recent — which takes quite a bit of time and thought, and is probably not for everyone. So who else besides Linda takes the time and thought? Here are a few who do, though not always frequently.


Talking ECEM market evolution with PwC

Chris Mines

The market for enterprise carbon and energy management (ECEM) systems continues its rapid evolution. Since publishing our Market Overview report last November, we have interviewed at least a half-dozen additional systems providers coming into this nascent market.

Last week we talked with Dan DeKemper, a director at Pricewaterhouse Coopers who works with the firm's 800-person-strong sustainability practice on large-scale ECEM implementation projects. Dan told us that PwC sees three industry sectors driving ECEM adoption:

  • Utilities and Energy, the traditional "heavy emitter" industries that are focused on monitoring and reducing carbon emissions for regulatory compliance and public perception reasons.
  • Retail and CPG, two verticals where adoption is now growing faster than Energy. These companies are implementing ECEM on a voluntary basis, looking to improve brand equity and align with sustainability initiatives of some of their customers like Walmart.
  • Public sector organizations, looking to be role models for the private sector and also under executive or legislative mandate to improve energy efficiency.

Virtual Network Segmentation for PCI?

John Kindervag

Several clients have recently been asking about "Virtual Network Segmentation" products that claim to segment networks to reduce PCI compliance. They may use ARP or VLANs to control access to various network segments.  These types of controls work at Layer 2, and the hacker community is well versed in using tools such as Ettercap or Cain & Abel to bypass those controls.  We've recently written about Network Segmentation for PCI as part of the PCI X-Ray series.

While rereading the PCI Wireless Guidance document, I came across this nugget that puts a nail in the coffin of using VLANs as a security control:

"Relying on Virtual LAN (VLAN) based segmentation alone is not sufficient. For example, having the CDE on one VLAN and the WLAN on a separate VLAN does not adequately segment the WLAN and take it out of PCI DSS scope. VLANs were designed for managing large LANs efficiently. As such, a hacker can hop across VLANs using several known techniques if adequate access controls between VLANs are not in place. As a general rule, any protocol and traffic that is not necessary in the CDE, i.e., not used or needed for credit card transactions, should be blocked. This will result in reduced risk of attack and will create a CDE that has less traffic and is thus easier to monitor."


Jump On The iPad Before It Is Too Late: 3 Reasons To Develop An iPad App Now

Mike Gualtieri

Finally, Apple’s latest game-changing, must-have device is ripe - the iPad. The iPad is not a new idea. Tablet PCs were introduced years ago but failed to take off. More recently, the Amazon Kindle proved that a simpler form of the tablet has legs. But what Apple does brilliantly is that they do it better.


Peace, love, and the IBM System 360s

John R. Rymer

"Our vision for 2010 is the same as IBM's for the year 1960." So said Oracle's Larry Ellison from the stage at today's event to celebrate his company's acquisition of Sun Microsystems. With Sun in hand, Oracle will now take us back to the simple virtues of mainframes 50 years ago. Updated, these virtues are:


Bad news for IT buyers: Oracle sues Rimini Street

Duncan Jones

January 26th, 2010 was a black day for the enterprise software business. Late yesterday, Oracle launched a lawsuit against independent support provider (ISP) Rimini Street, alleging 'massive theft' of its intellectual property. Industry analysts had been expecting something like this - Oracle is already suing Rimini Street's predecessor TomorrowNow and was clearly worried that a competitive market would force it to cut the price of its hugely profitable maintenance offering.


Case Study #8: How to Use Twitter for Customer Service: Carphone Warehouse

Many of my clients have asked, "How should I use Twitter for customer service?" There are many applications that are adding Twitter as part of the contact center apps. But today I'd like to talk about the basics of using Twitter. I spoke with Anne Wood, the Head of Knowledge Management at Carphone Warehouse to learn about how they entered into Twitterland.


Pros and cons of using a vendor provided analytical data model in your BI implementation

Boris Evelson

The following question comes from many of our clients: what are some of the advantages and risks of implementing a vendor provided analytical logical data model at the start of any Business Intelligence, Data Warehousing or other Information Management initiatives? Some quick thoughts on pros and cons:

Pros:

  • Leverage vendor knowledge from prior experience and other customers
  • May fill in the gaps in enterprise domain knowledge
  • Best if your IT dept does not have experienced data modelers 
  • May sometimes serve as a project, initiative, solution accelerator
  • May sometimes break through a stalemate between stakeholders failing to agree on metrics, definitions

Cons:

  • May sometimes require more customization effort than building a model from scratch
  • May create difference of opinion arguments and potential road blocks from your own experienced data modelers
  • May reduce competitive advantage of business intelligence and analytics (since competitors may be using the same model)
  • Goes against “agile” BI principles that call for small, quick, tangible deliverables
  • Goes against top down performance management design and modeling best practices, where one does not start with a logical data model but rather
    • Defines departmental, line of business strategies  
    • Links goals and objectives needed to fulfill these strategies  
    • Defines metrics needed to measure the progress against goals and objectives  
    • Defines strategic, tactical and operational decisions that need to be made based on metrics