TechNotestag:www.webtorials.com,2009-10-09:/discussions/62012-05-16T13:38:49ZMovable Type Pro 4.32-enTelecom Contracts: Dodging the Potholestag:www.webtorials.com,2012:/discussions//6.14142012-05-16T13:29:02Z2012-05-16T13:38:49ZA TechNote on Unified CommunicationsGary Audin, Delphi, Inc....Gary Audin, Delphi, Inc.http://www.webtorials.com/mt/mt-cp.cgi?__mode=view&blog_id=6&id=137
]]>
Contract terms and conditions for payment and commitments are riddled with potholes for the enterprise. Let the buyer beware, for the agreements are typically biased toward the vendor.
Contract Fairness
Contract fairness was one of the major topics presented last week at the Center for Communications Management Information (CCMI) Telecom Negotiation Conference in Washington, D.C. Hank Levine, founding partner in the communications and technology law firm Levine, Blaszak, Block & Boothby, LLP (LB3), revealed a series of "gotchas" that can be mitigated by judicious negotiations with the telecom carrier.
Levine's starting point was this equation: Good RFP + Bad Contract = Bad Deal
While a good request for proposal (RFP) can spell out what the enterprise wants, said Levine, it in no way guarantees that what is requested is what will be delivered. And, once the price is set, negotiations are not necessarily finished.
A carrier will commonly offer short standard contract forms regardless of what the RFP specifies. This is usually very unfavorable to the enterprise. Rather than the verbally agreed-upon terms, the contract will include terms that the enterprise never agreed to or even knew about during the procurement process, Levine warned.
The forms will include capitalized terms ("Line" vs. "line," "Termination" vs. "termination," for example) that the vendor defines very differently from the way the enterprise might assume. So the enterprise must learn the vendor definitions, not use its own definitions, to understand the contract.
Service Guide Trumps All
All vendors use a master agreement structure. At the bottom is the service guide, which can be hundreds of pages long. Above that are the general terms and conditions. At the top are the rates, service-level agreements (SLAs) and other service-specific terms spelled out in attachments, exhibits and schedules. The enterprise negotiator needs to understand that the service guide overrides everything else. For example:
If the negotiated portions of the contract are silent on a given issue, then the service guide provisions will apply.
If a term or condition is removed from the contract but is in the service guide, the provision removal is not valid. This could apply to contract renewal or even individual circuit terms.
Resolving an issue in the master agreement will not end the matter if the vendor's version comes back via an attachment. This could mean that the vendor can use the enterprise's logo, trademarks, trade names and service marks in the vendor's internal and external communications - even against the enterprise's wishes.
Ensuring Rate Stability
The enterprise enters into a contract for services with the expectation rate stability during the contract term. About 80 percent of purchased services can be stabilized by:
Setting out the rates in the contract.
Ensuring rate descriptions are NOT defined as "illustrative" or "current." If these terms are used, there is no guarantee of rate stability.
Avoiding discounts off the service guide rates. These can be changed without the enterprise's consent and will usually increase over time.
In international agreements, ensuring that the vendor cannot move a customer from a low- to high-priced zone or band.
Insist on Rate Reviews
The contract should have a provision for rate reviews, with clauses that give the vendor an incentive to keep rates competitive and give the enterprise an incentive to set realistic expectations. Read the review clauses carefully, for they can be obtuse and hard to comprehend. In fact, once the complex language is removed, it is more than likely that the enterprise will have a guarantee of nothing. Something to watch out for: sometimes a contract will allow the enterprise to request an increase in commitment in return for a capped temporary rate reduction. However, a very short decision time for the commitment could be difficult for the enterprise to meet, thereby eliminating the cap.
]]>
Careful: 4G Could Fuel Data Overagestag:www.webtorials.com,2012:/discussions//6.14102012-05-14T18:44:39Z2012-05-14T22:45:21ZA TechNote on Wireless and MobilityJoanie M. WexlerTechnology Analyst/EditorEditorial Director, TechNotes...Joanie Wexler, Analyst/Editorhttp://www.webtorials.com/mt/mt-cp.cgi?__mode=view&blog_id=6&id=226
]]>
And the U.S. is expected to have coverage across most of the country by late 2013. Sounds great. But what will 4G do to your wireless monthly data expenses? Let's face it: the bigger the pipe, the more content users can consume. And the more they consume, the bigger the bill.
Some startling math: A March 2012 blog by online researcher GigaOM about 4G pricing for the iPad noted that at maximum 4G speeds that an iPad could handle (73Mbps), a 5GB data plan would be drained in around nine minutes. Unfortunately, the days of unlimited data plans are dwindling, with Sprint hanging on as the sole U.S. nationwide carrier still offering unlimited plans. So you could conclude, simplistically, that if iPad users are on a 5GB plan and want to use the mobile network for more than nine minutes, overages are in their future.
Employers can just turn on the 4G hose and let their workers drink their fill of mobile bandwidth. Or they can attempt to manage expenses by creating structured policies augmented by real-time usage-tracking tools.
Won't BYOD Ease Costs?
Hold the phone, you might be thinking. With the popular bring-your-own-device (BYOD) model, won't most employers just pay a flat payroll stipend to employees, who will then pick up the rest of the cost?
Ojas Rege, vice president of strategy at mobile device management (MDM) company MobileIron, holds this view. He believes that because of BYOD, employers' cost focus has shifted to taming hefty international roaming costs.
"As more companies adopt BYOD, the enterprise interest in managing service costs drops dramatically," Rege asserts. MobileIron's mobile expense management component tracks user location and, via policy, either sends alerts to users about their usage levels or limits access to contain costs when users cross borders.
International roaming is certainly a big culprit behind mobile bill shock. Still, whatever bandwidth gets consumed for business purposes - global or domestic - is likely to impact corporate coffers.
For example, that flat monthly stipend an enterprise allows for business usage of personal device might have to increase. Also, despite all the talk about BYOD, there are plenty of companies still running corporate-liable shops. And most that do allow BYOD still support a sub-population of corporate-liable users. So businesses might need to buy bigger data plans for individual corporate-liable users or more generous data pools for them to share.
Making a Plan
The first step toward containing costs, advises Daniel Rudich, a senior vice president at telecom expense management company Tangoe, is for those responsible for paying corporate cellular bills to strategically classify employees into user groups - perhaps users with similar usage behavior. Then, analyze each group's usage volume to date and from there, decide how (and how much) each group should be reimbursed.
"If you haven't been pooling, look at it," says Rudich. Pooling, long available for voice, has recently become available for data plans. The business buys an aggregate amount of minutes or gigabytes per month, and users draw from the pool as they use the network. When the pool is drained, overage charges kick in.
"Find out what the optimal pool [plan] is for each group," Rudich advises. "Keep monitoring the pools because usage changes; for example, people change job functions and the applications they use change."
Options Differ for Enterprises, SMBs
As has been traditionally the case, larger enterprises with volume-buying clout have more options from carriers than small and midsized businesses (SMB). SMB data pooling plans tend to be preset, similar to consumer plans and allow for less customization than those available to big enterprises. So SMBs might have to buy a bigger plan than necessary to avoid paying hefty per-minute or per-KB/MB/GB overage charges.
On the other hand, newer expense management cloud services are available for smaller businesses. For its part, Tangoe offers a real-time wireless expense management service that continually calculates where users are in relation to their plan and makes projections based on behavior. Users and administrators can find out, at any time, what percentage of each plan has been used, how many days are left in the billing cycle, and so forth. The expense management service is available for between $3 and $5 per month, Rudich says.
There are other companies that offer real-time wireless expense management, too. One is Lyrix, with its SaaS called Mobiso; another is eMOBUS, with its Enterprise Mobility Management platform.]]>
Check out Cloud Providers' Business Modelstag:www.webtorials.com,2012:/discussions//6.14032012-05-09T20:53:33Z2012-05-09T21:03:51ZA TechNote on Unified CommunicationsGary Audin, Delphi, Inc....Gary Audin, Delphi, Inc.http://www.webtorials.com/mt/mt-cp.cgi?__mode=view&blog_id=6&id=137
]]>
2011 Webtorials survey of cloud communication providers, for example, showed that the provider's business model can have significant implications for the various cloud services important to enterprises such as service-level agreements (SLAs), security, privacy and availability.
For example, while most cloud communication providers use the Internet to provide access to their services, a few bundle Multiprotocol Label Switching (MPLS) access into their services. Their users will get better voice quality because MPLS supports a quality-of-service (QoS) level not available over the Internet.
Primary Available Models
The five business models now in use by cloud service providers are as follows:
Vertically integrated provider - This is a holistic cloud service where the provider owns the hardware and software, has the staff that implements and maintains the service and is responsible for all aspects of the service (SLAs, security, privacy and availability) except Internet access. Because the provider writes the software for its service, special features and functions can be custom-designed to meet the enterprise's requirements.
Pure cloud service - The converse of the vertically integrated provider, this type of service can be located on cloud-based servers that run provider-owned software licensed from a third-party software vendor. Amazon Elastic Compute Cloud (EC2) platform is an example of an existing cloud-based business service that can be used as an implementation platform. EC2 is a Web service that provides resizable compute capacity in the cloud. Software modifications must be implemented by the third party.
SLAs, security, privacy and availability are supported by the cloud platform rather than directly by the service provider. If the cloud platform has a problem, as EC2 did twice in 2011, the service can fail, and the service provider must wait for the cloud platform to return to operation before the service can resume.
Alternate pure cloud service - In this model, a communication software vendor's product (for example, call-center software) operates on the cloud provider's platform. The software vendor can customize features and functions for the enterprise, but relies on the cloud platform operator to handle issues with SLAs, security, privacy and availability. Amazon EC2, cited above as an example of pure cloud service, can support this model as well.
Third-party implementation - A third party installs licensed communication software in the cloud (e.g., on the EC2 platform) and sells the service directly. Custom feature and function modifications are unlikely to be offered with this model. SLAs, security, privacy and availability issues are the platform provider's problems.
Resold services - In this model, the reseller itself owns nothing but simply resells cloud services from one or more wholesale providers. The reseller might use the cloud provider's name when offering the service or might create a private-label service. In either case, the reseller is only passing through a service. Customized features and functions are likely not supported, and the reseller has no control over the service's SLAs, security, privacy and availability.
The Fewer Middlemen, the Better
The business model a provider chooses can have a huge influence on the SLAs and acceptable use policies (AUPs) an enterprise will encounter. Contracts or service agreements are likely to be biased in the provider's favor if the platform is not part of its own operation but comes from a third party such as EC2. The more direct control and knowledge the provider has of the service (as in the vertically integrated model), the easier it will be for the provider to enforce SLAs and effectively troubleshoot problems.
Furthermore, the stability of the service can be in jeopardy if the service provider business model is not successful. What if the cloud provider goes out of business or decides to terminate certain features or functions? What if the service provider fails to pay the cloud platform bill, leaving enterprise information such as voice mails, e-mails, user profiles and dial plans inaccessible? Such scenarios have already occurred with some wholesale as well as retail providers. Just in case, the enterprise should always have a backup plan (possibly an alternative cloud provider) in place.]]>
Which IT Services Do You Keep? Which Move to the Cloud?tag:www.webtorials.com,2012:/discussions//6.13992012-05-08T12:00:44Z2012-05-08T12:10:12ZJim Metzler, Ashton, Metzler & Associateshttp://www.webtorials.com/mt/mt-cp.cgi?__mode=view&blog_id=6&id=49
]]>
When cloud computing first began to make an impact in the market several years ago, it was most often associated with offerings from software-as-a-service (SaaS) providers such as Salesforce.com or infrastructure-as-a-service (IaaS) providers such as Rackspace. Enterprises would acquire mainstream enterprise applications such as customer relationship management (CRM) or enterprise resource planning (ERP) as a SaaS. Or they'd procure basic compute and storage services in the form of an IaaS.
Mainstream enterprise SaaS application services and IaaS compute and storage services continue to grow. But cloud providers have recently begun to also offer an even broader set of cloud networking services - services historically provided by the IT infrastructure group.
Kitchen Sink Cloud Services
Among some of the latest cloud services are VoIP, unified communications, network and application optimization, security and management. It's almost to the point that any service or solution IT once offered or supported has a cloud counterpart available.
The emergence of this new set of solutions poses a new challenge for IT organizations. Not only does IT still have to manage, optimize and secure traditional cloud computing solutions, but it now must also determine which of the traditional IT services it should continue to provide itself and which ones it should procure from a cloud provider.
When evaluating these solutions, IT organizations need to determine whether a cloud service offering eliminates, or at least minimizes, the negative aspects of public cloud computing. According to the Webtorials market research report, "Cloud Computing: A Reality Check and Guide to Risk Mitigation", security concerns have been the primary impediment to the adoption of public cloud computing solutions. Hence, evaluating the security of the cloud provider's facilities is a critical component of evaluating the overall solution.
The IT organization must determine whether the provider's implementation of a multi-tenant environment compromises security. Can the provider maintain compliance with corporate and regulatory standards while still leveraging the cost benefits of the provider's shared infrastructure and improved operational efficiency?
Making the task harder is that there is no widely accepted framework for securing a cloud environment. The IT organization can ask potential providers to reveal the results of third-party security audits they might have undergone and/or to provide references from existing customers who are subject to the same compliance requirements.
Also, Gartner, Inc.'s Global IT Council for Cloud Services has defined six rights of cloud service consumers to help providers and their customers create and maintain successful business relationships (see April 9, 2012 TechNote on Unified Communications, "7 Must-Haves in a UC Cloud Contract.")
Consider Security, Cost, Agility
Just as important as security is whether the solution actually provides the benefits that drive IT organizations to use public cloud computing solutions - lowered costs and reduced time to deploy new functionality. Cost information provided by the provider should enable the IT organization to determine whether the service provides a compelling cost advantage. The provider's agility in deploying new services could depend on the degree to which it has virtualized its data center infrastructure, since a virtual infrastructure is notably easier than a physical infrastructure to initialize, scale and migrate.
As IT organizations anticipate and plan for cloud-driven changes, they should evaluate emerging new services in the same way they would evaluate any public cloud networking service. Meanwhile, they should keep in mind that it's not an all-or-nothing choice. For example, though it is highly unlikely that an enterprise IT organization would entrust all of its security requirements to a public cloud service, it might use such a service to gain an additional level of security that enhances its overall defensive security strategy.
And while the ongoing adoption of cloud computing continues to fundamentally change IT, we should remember that IT organizations have been "out-tasking" various functions to third parties for decades. The use of cloud services is just one more example of out-tasking, and as such it requires expert vendor-management skills.
]]>
What We Can Learn from Google Street Viewtag:www.webtorials.com,2012:/discussions//6.13952012-05-07T20:26:19Z2012-05-08T12:16:24ZA TechNote on Wireless and MobilityLisa Phifer, PresidentCore Competence, Inc....Lisa Phifer, Core Competencehttp://www.webtorials.com/mt/mt-cp.cgi?__mode=view&blog_id=6&id=25
]]>
WLAN discovery results
can be put to good uses, including trend analysis and client
locationing. So why did the Federal Communications Commission (FCC)
investigate the Google Street View project
for discovering WLANs from 2007 to 2010, which it summarized in a
recent report? And what lessons can the Wi-Fi community learn from the
FCC's findings?
What the Fuss Is About
In
April, the FCC published a report detailing its investigation into
Street View for possible violation of Section 705(a) of the
Communications Act of 1934, which pertains to unauthorized publication
or use of communication except as authorized by the Wiretap Act. The
investigation focused on this provision:
No person
not being authorized by the sender shall intercept any radio
communication and divulge or publish the existence, contents, substance,
purport, effect, or meaning of such intercepted communication to any
person. No person not being entitled thereto shall receive or assist in
receiving any interstate or foreign communication by radio and use such
communication (or any information therein contained) for his own benefit
or for the benefit of another not entitled thereto.
According
to the report, Street View did more than record WLAN names and GPS
coordinates to create a locationing database. It also collected
"payload" data - the content of Internet communications - including
e-mail and text messages, passwords, Internet usage history and other
personal information. Investigators determined that an unnamed developer
had incorporated code that recorded "all wireless frame data, with the
exception of the bodies of encrypted 802.11 data frames." Quoting the
report:
Google engineers decided that the Company
should also use the Street View cars for "war driving"... By collecting
information about Wi-Fi networks (such as the MAC address, SSID, and
strength of signal received from the wireless access point) and
associating it with GPS information, companies can develop maps of
wireless APs for use in location-based services. To design the Company's
program....Engineer Doe developed Wi-Fi data collection software code
that, in addition to collecting Wi-Fi network data for Google's
location-based services, would collect payload data that Engineer Doe
thought might prove useful for other Google services.
How Data Was Used
Upon
analyzing over 200GB of data collected by Street View between 2008 and
2010, investigators concluded that, in some cases, sufficient
unencrypted payload data had been gathered "to construct an accurate
picture of the communication of an often identifiable user." To avoid
further risk of violating privacy laws, Google revised Street View to
disable all data frame capture in May 2010, enabling location collection
to resume.
Ultimately, the FCC assessed a penalty for failure to
respond to investigation requests in a timely and complete manner.
However, no penalty was assessed for payload data collection. Why? The
Wiretap Act provides this exception:
It shall not
be unlawful under this chapter...for any person...to intercept or access
an electronic communication made through an electronic communication
system that is configured so that such electronic communication is
readily accessible to the general public.
Google
successfully argued that all data Street View had collected was readily
accessible to the general public because it came from unencrypted Wi-Fi
networks; thus no laws had been violated. Upon review, the FCC opted to
forego action, stating: "Although Google also collected and stored
encrypted communications sent over unencrypted Wi-Fi networks, the
Bureau has found no evidence that Google accessed or did anything with
such encrypted communications."
Four Lessons
First,
this case focused on data payload. Beacons, probe responses, and other
headers commonly used for WLAN analysis do not seem to have posed
concern. Lesson: We can be comfortable recording these frames during
WLAN discovery.
Second, although the Act allows interception of
electronic communication readily accessible to the general public, the
investigation was triggered by data payload recording. Lesson: If
payload is not necessary, don't record it.
Third, WLAN owners can
consent to recording their own traffic, but Street View recorded
traffic from other WLANs. Furthermore, what was done with that data
played a big role. If encrypted data had been cracked, the ruling could
have differed. Lesson: If you plan to drill into data, get permission
first.
Finally, every WLAN professional should understand what
data their tools record so that it can be treated appropriately. This
just might be the biggest lesson of all.]]>
Oh, the Power that Siri Wieldstag:www.webtorials.com,2012:/discussions//6.13922012-05-02T11:03:34Z2012-05-02T11:11:28ZA TechNote on Unified CommunicationsGary Audin, Delphi, Inc....Gary Audin, Delphi, Inc.http://www.webtorials.com/mt/mt-cp.cgi?__mode=view&blog_id=6&id=137
]]>
However, the Apple iPhone 4S's voice-recognition application, Siri (official name: Speech Interpretation and Recognition Interface), presents an opportunity to change that. Using the voice-activated interface, users could overcome their dependence on text and and gain far easier access to UC features and functions.
However, Siri has a ways to go before revolutionizing the mobile UC community. There are two big reasons. First, at least at this juncture, Siri has a few reliability flaws. Second, its consumption rate could quickly wreak more havoc with mobile operators' network capacity planning attempts.
Adaptable, but Fickle and Chatty
Siri is an integral part of Apple's iOS 5 operating system. It uses a natural-language user interface and is intended to serve as a virtual personal assistant to users. As such, it is promoted as adapting to individual user preferences, such as UC features, over time. But from a usability standpoint, Apple user communities have been full of examples of Siri working less well than advertised. In addition, several articles and blogs have shown through humorous dialogs how confusing and confused the Siri interface can be when it doesn't work as expected.
As Siri matures, however, this situation will more than likely improve. Alternatively, it might be up to the UC system and cloud vendors to come up with a better voice-activated interface for their own products and services.
But the biggest problem for mobile UC could be that Siri considerably increases a mobile device's data consumption. Siri is a bandwidth hog that could, along with Apple's iCloud and other over-the-air synchronization, backup and storage services, clog networks and even impact government spectrum allocation plans.
Just How Talkative Is She?
A recent blog post at network performance management company AppNeta shared the results of a test, using AppNeta's own PathView Cloud product, of how much bandwidth Siri consumes. For example, the voice command, "Dial 781-555-5555" consumed 38Kbps, while the question, "What is the weather going to be like tomorrow?" used 29.4Kbps. Both consumed far more bandwidth than their text equivalents.
Some organizations, such as Arieso, a mobile network management company, estimate that iPhone 4S users consume twice as much data as iPhone 4 users and three times as much as iPhone 3G users, citing Siri as one reason. Not only does Siri use more bandwidth for the equivalent functionality of text; voice activation eases use so that users tend to use more functions on their iPhones and, as a result, generate more traffic. That's good for users, provided the bandwidth is there. But it significantly adds to the wireless load stress on mobile operators' networks.
In fact, many of the mobile network operators offering the iPhone have shifted from unlimited data plans to limited plans with data caps to discourage use above and beyond a certain level. It's widely reported that a relatively few heavy-use subscribers - those who continually record high-definition video, download images and download music to play on their phones - are causing most of the network congestion. In addition, the Apple iPhone in general, with its default alerts, backups and pings, is known to generate more traffic than other phones without the user actively doing anything.
What Happens Now?
There is not much end users can do to deal with this problem except to turn off automatic default pings and alerts or voluntarily restrict their usage. This is an unlikely scenario, especially for the 10 percent of mobile users who reportedly consume the 90 percent of wireless bandwidth. So what is likely to happen?
The FCC might have to yet again rethink its wireless spectrum allocation plans. Network providers will try to buy spectrum owned by others. Providers might implement more Wi-Fi locations for access in congested areas such as New York and San Francisco. Usage billing will probably become more prevalent, as will "throttling" of the bandwidth of heavy users - with ever-lower throttling thresholds. Providers might even push for modified applications that reduce the data volumes consumed.
]]>
Beware Social-Engineering Attacks, Part 2: Emailtag:www.webtorials.com,2012:/discussions//6.13902012-05-01T11:27:49Z2012-05-01T11:41:56ZA TechNote on Information SecurityDirk Racey, Private Security Investigator/Observer...Dirk Racey, Security Sleuthhttp://www.webtorials.com/mt/mt-cp.cgi?__mode=view&blog_id=6&id=538
]]>
Amazingly, decades after we first saw the "Nigerian Email Scam," people still fall for it. Its common incarnations ask that you keep the message confidential and then claim something along the lines of:
You've won a windfall in a foreign lottery.
A relative you've never heard of has left you a pile of dough.
An overseas corporation, government or barrister needs to transfer a fortune into a U.S. account, and if you let them use yours, you'll get a cut.
These scams work because of folks' desire to get something for nothing. I receive at least two such messages a week, and when I kill them, it's my small way of defeating the people who spew them from Internet cafés across the globe.
Inbox Landmines
Still other dangers lurk, but you can dodge 'em:
Don't trust all messages from relatives, friends or organizations that you'd normally trust. "From" fields are easily spoofed. Today, I heard from "Norton Antivirus" and "PayPal," both of which I use. And though the messages were highly "anonymized," when I traced them, one seemed to come from a building down by the river in lower Chi-town and the other from beautiful downtown Bolton, England (see photo).
These emails are especially dangerous if they seem to be from real business partners like eBay, PayPal, Amazon, your banks or even the IRS. But their subject lines can be tip-offs. Be wary if the subject lines are blank, say only "Re:," begin with strange strings like "!*#", or have misspellings, bad grammar or lousy "business English."
An example of the latter is this recent alert: "You have $250,000 lodged in Western Union to be transferred to you." If legitimate business contacts want to discuss your accounts, they'll use your account pages on their own sites. And the IRS will send a letter. So if suspicious messages arrive, axe them and then check your own private account pages rather than clicking bogus links in emails from nefarious ne'er-do-wells.
Shred everything - including envelopes and printed emails - that shows your name and address, even if it lacks financial data. The reason is simple. Any dumpster-diving crud worth a grain of salt can parlay your name, address and a business partner's name (or logo) into full-fledged identity theft. Social Security Numbers, account numbers, user IDs and passwords are not needed to weasel information out of you or your business contacts.
Snitch on the bastards! Many firms have Web pages for reporting emails that claim to come from them. I always do for bogus communiqués from eBay, PayPal, Amazon, the IRS and the FBI. When reporting, provide both the message and its "full tracking header" or "message source." You'll have to fish around a bit to find it. For example, in Lycos mail, select the message, click "More Detail" and then click "Message Source." But in Yahoo email, select the message, click the "More Actions" (gear) icon at the top of the page, and select "View Full Header." You can then copy and paste the header into the form where you report the message.
Corporate America Wakes Up
Corporate America is also getting tougher. Last January, Google, Facebook, LinkedIn, Bank of America, Comcast and others opened a "Domain-based Message Authentication, Reporting, and Conformance" (DMARC) service that they've been using for months. By signing up, a firm that sends/receives emails or provides email services will help carriers automatically stop spoofed messages and, as a result, will reduce our exposure to them. This is done by including DMARC sender-verification data in valid emails from member organizations and by stopping spoofed emails that do not pass DMARC checks. We should all encourage our business partners to sign up.
But until the Web widely embraces tools like DMARC, your most effective weapon against social-engineering email attacks will remain hyper paranoia. Don't be a hacker's puppet. Don't play the patsy. Rather, follow in the footsteps of bumbling but beloved Inspector Jacques Clouseau and "...suspect no one... and everyone." ]]>
Wi-Fi 'Voice-Enterprise' Cert: No Longer Stuck On Holdtag:www.webtorials.com,2012:/discussions//6.13882012-04-30T14:42:20Z2012-04-30T16:35:07ZA TechNote on Wireless and MobilityLisa Phifer, PresidentCore Competence, Inc....Lisa Phifer, Core Competencehttp://www.webtorials.com/mt/mt-cp.cgi?__mode=view&blog_id=6&id=25
]]>
However, succeeding at large voice-over-Wi-Fi (Vo-Fi) deployments is still no slam-dunk. Joe Epstein, author of the book Scalable VoIP Mobility: Integration and Deployment and a former chair of the WFA's Voice over Wi-Fi Technical Certification Task Group, believes that standards-based certification is needed to replace older, more custom solutions developed by disparate vendors.
"Those proprietary mechanisms definitely work when set up properly, but there is a lot for customers to have to think about and for vendors to do," he says. "The [WFA] Voice-Enterprise certification program will make it easier for everyone to get solutions right the first time."
Voice-Enterprise is a long-in-coming WFA test for interoperability among different vendors' Vo-Fi-capable products in large enterprise settings. The Alliance expects to start certifying products this summer.
Meeting Enterprise Needs
The WFA's 2008 Voice-Personal program was a solid start but did not go far enough to meet enterprise-wide requirements. According to WFA senior marketing manager Tina Hanzlik, Voice-Personal was designed for homes and small offices with a single access point (AP). "Voice-Enterprise looks at larger networks that need fast transitions between APs, admission control and enterprise security," she says.
Specifically, Voice-Enterprise builds on the WFA's Wi-Fi Multimedia (WMM), WMM Power Save and WPA2-Enterprise certification programs, adding selected capabilities from IEEE 802.11k, 802.11r and 802.11v to maintain high performance of notoriously delay-sensitive voice sessions.
802.11r enables continuous connectivity by enabling fast, secure, seamless handoffs from one AP to another.
802.11k improves AP discovery to stop client roaming to over-utilized APs with strong signal. Instead, APs detect when clients are moving away and help them make better choices.
802.11v provides clients with topology information, increasing their network awareness in hopes of improving overall WLAN performance.
Benefits for All
Such improvements are essential for voice quality in enterprise WLANs. But Aruba Networks Fellow Partha Narasimhan expects all Wi-Fi clients to benefit.
"The ability for infrastructure and clients to exchange RF measurement information improves the quality and timing of roaming decisions. Infrastructure can [now] suggest roaming target APs to associated clients and trigger roams," explains Narasimhan. "Once a roaming decision has been made, Voice-Enterprise [can] quickly transfer security and QoS [quality of service] contexts to the new AP."
Dave Stephenson, a senior leader in Cisco's wireless networking business unit, echoed this view. "The new certification will not only improve voice quality and user experience, but also provide the critical, consistent connectivity needed in many industries," he says.
Long Time Coming
Vendors are already implementing Voice-Enterprise features; the WFA expects to start certifying products early in the third quarter. But why has Voice-Enterprise taken so long to launch?
Says Epstein: "Getting voice quality right touches so much of the network - quality of service, security and performance - [that] it's better to take the time needed to get it right."
For example, certification tests more than standards. "It measures performance with strict guidelines in a way that voice needs," says Epstein.
Like Voice-Personal, Voice-Enterprise will include metrics for latency, jitter, packet loss, plus handoff delay inside and between domains. "A network domain is what you might see in an enterprise, where you have a network composed of similar APs from the same vendor," explains Hanzlik. "We differentiate this from [handoffs] involving APs from different vendors."
Reaching the Finish Line
While goals might seem straightforward, "Voice-Enterprise [brings] together many standards and the best of several proprietary features. Making everything work well together made this a very complex program to complete," says Hanzlik.
Ultimately, success requires both infrastructure devices and client devices. "Initially, we expect certified client devices to include laptops, tablets and handsets; later we expect expansion to other mobile devices," predicts Hanzlik.
As for infrastructure, most enterprise WLAN vendors are likely to pursue certification, albeit at their own pace. Cisco was the first to support 802.11r in its Aironet 3600 Series AP in January. And Aruba has played an active role by providing equipment for the program's test bed, which means that any client device presented for certification will get tested against Aruba's gear.
According to Hanzlik, certified products will reap broad benefits. "Not only will voice users have a more seamless mobile experience, but enterprises will gain bandwidth management and power save capabilities," she says.]]>
UC: Should You Choose a License, Subscription or Hybrid?tag:www.webtorials.com,2012:/discussions//6.13832012-04-24T12:10:40Z2012-04-24T12:20:20ZA TechNote on Unified CommunicationsGary Audin, Delphi, Inc....Gary Audin, Delphi, Inc.http://www.webtorials.com/mt/mt-cp.cgi?__mode=view&blog_id=6&id=137
]]>
These are valid and viable questions. As there are both pros and cons to each approach, in most cases, the answers will be dictated by the enterprise's cash flow and budget considerations.
Enterprise Frustration
Enterprises that aren't yet ready to embrace all of UC's features or have some departments that would benefit more than others from UC have been frustrated with the one-size-fits-all box approach. They can't deliver UC features on an "a la carte" or user-by-user basis, at least not initially, and they're paying for functions they don't need. In one case, an enterprise wanted to use Microsoft Lync with a Cisco platform but discovered duplicate functionality. It had to purchase both software packages and then disable features in one. This is just one example of the old "pay twice, use once" model.
To better enable services for just those who need them, UC product companies are acquiring cloud-service companies; for example, PBX/UC maker ShoreTel acquired M5 in February. Or they will provide their own cloud services.
Since the publication of Webtorials' 2011 Ultimate Guide to VoIP and UC Services report, many cloud communication providers have expanded their services to encompass more UC functions and features. There have also been several acquisitions and mergers among the cloud communication companies themselves, creating larger and more financially viable entities. This move to the cloud is disruptive and will undoubtedly influence UC subscription services, bringing about new cloud pricing models that will let enterprises select those - and only those - UC components they require.
A relevant example of cost differences from the applications world compares several e-mail and productivity application solutions. Microsoft Exchange, a "box" purchase, would cost a 5,000-person company $28.22 per user per month. Google's equivalent service, including e-mail, calendar and productivity applications plus technical support, would come in at about $8, and Microsoft's own Office 365 service would cost about $6.
Upending the Software Pricing Model
The reason for the drastic differences is that cloud computing offers a whole new pricing model for access to software applications. The cloud offers more of a utility computing pricing model: one that is analogous to how consumers pay for electricity, gas and water. We pay based on consumption and draw from a shared power infrastructure and water source rather than everyone having their own.
All sorts of applications, including traditional PBX features and functions, are now being offered as cloud services or soon will be. At least 210 cloud service companies offer UC and other communication services in the U.S. (as shown in the Webtorials 2011 Ultimate Guide to VoIP and UC Services). Forrester Research finds that 31 percent of companies are already getting some software delivered as a service. Gartner expects the cloud services market to grow about 18.9 percent annually.
The cloud pricing model breaks down software into smaller units that are less expensive than the whole for the enterprise. This is attractive to IT and will serve to stimulate demand. That's why UC will grow faster and more pervasively under the subscription pricing model than if the box approach remained the only method for implementing UC.
In the end, UC software vendors will likely develop a hybrid approach, offering both pricing models. This will allow enterprises to start with the subscription approach and shift to a box purchase if financial conditions dictate.]]>
WAN Optimization in a Virtualized Settingtag:www.webtorials.com,2012:/discussions//6.13812012-04-24T12:00:37Z2012-04-24T12:02:51ZJim Metzler, Ashton, Metzler & Associateshttp://www.webtorials.com/mt/mt-cp.cgi?__mode=view&blog_id=6&id=49
]]>
Now, with the growing adoption of virtualization, IT organizations are facing a new wave of emerging application-delivery challenges. For example, desktop virtualization will mean a dramatic increase in delay-sensitive WAN traffic. Server-side desktop virtualization, for example, creates many small transactions over the WAN, while client-side virtualization streams apps over the network to user devices, increasing the network load.
On the up side, virtualization is also enabling some significant new application-delivery solutions, such as virtual WOCs (vWOCs), which offer IT organizations a number of advantages. VMs Pave Way for vWOCs
A vWOC is one form of a "virtual appliance," where software that provides specific functionality - in this case, WAN optimization capabilities - runs in a virtual machine (VM) on a virtualized hardware platform.
Most IT organizations have virtualized at least some of their data center servers, for example, and it is becoming increasingly common to implement disk-storage systems that have storage virtualization capabilities. As a result, an enterprise's data center usually already has VMs that can be used to host one or more vWOCs.
In a branch office, a suitably placed virtualized server could host a vWOC as well as other virtual appliances, forming what is sometimes referred to as a "branch office in a box," or BOB. Alternatively, a router such as Cisco's ISR G2 that supports router blades could also host a vWOC and function as a BOB. Virtual appliances can therefore support branch-office server consolidation strategies by allowing a single server, router or other device to perform multiple functions that once required several physical devices.
Another important factor driving vWOC deployment is the relative ease of transferring a vWOC between servers. For example, a major challenge in migrating a VM across physical servers is replicating the VM's networking environment in its new location. By virtualizing WAN optimization services, however, it's possible for both server VM workloads and associated vWOC networking services to automatically move together from device to device across the network to wherever adequate resources are available.
In addition, many IT organizations choose to implement a proof-of-concept (POC) trial prior to acquiring WOCs. Such a trial lets IT quantify the performance improvements provided by the WOCs and understand related issues such as their manageability and transparency. While it is possible to conduct a POC using a hardware-based WOC, it is easier to do so with a vWOC, which can be downloaded in a matter of minutes. By contrast, a physical device takes days to be shipped, installed and tested.
Time differences can be even more acute if the WOC is being deployed in a part of the world where it can take weeks or months to get a hardware product through customs. Another reason it is easier to conduct a POC with a vWOC is that some vendors let users download a vWOC without any vendor contact; others provide a version of their product that is completely free and obtained on a self-service basis.
Swan Song for Physical Appliances?
Virtualization is fundamentally changing the IT function, both by creating new performance challenges and by enabling new solutions that help IT organizations respond to them. However, organizations that are evaluating vWOCs need to assess them from a variety of perspectives, including the functionality they provide, their performance, the pricing model and the overall strength of the vendor.]]>
Don't Bid 'Adieu' to Apple Bonjour Just Yettag:www.webtorials.com,2012:/discussions//6.13782012-04-23T20:25:44Z2012-04-24T16:57:41ZA TechNote on Wireless and MobilityJoanie M. WexlerTechnology Analyst/EditorEditorial Director, TechNotes...Joanie Wexler, Analyst/Editorhttp://www.webtorials.com/mt/mt-cp.cgi?__mode=view&blog_id=6&id=226
]]>
Much has been written about the issues associated with the shift from corporate-liable mobile devices to employee-liable (personally procured) ones. But one big issue for Apple devices in particular - regardless of who introduces them into the organization - is Apple's limited-reach, yet bandwidth-greedy Bonjour service advertisement, discovery and resource-sharing protocol.
Say Hello to Bonjour
A mobile client device running Bonjour can locate and use local peripherals such as printers, projectors and Apple TV receivers and the services that these devices offer. To reveal the available services, Bonjour uses multicast Domain Name System (mDNS) service records. But like other aspects of the Apple mobile environment, such as the IOS 5-based Siri voice-response application and iCloud backup and synchronization service, Bonjour heaps loads of overhead onto bandwidth-constrained Wi-Fi networks unless somehow tamed.
In the home with one, or possibly or two, Wi-Fi access points, printers, Apple TV receivers and so forth, the multi-discovery capabilities of Bonjour are a non-issue. Imagine, though, a client device sending service-discovery messages everywhere across a large enterprise network and receiving "I'm here!" messages back from all the available devices and services. In an enterprise context, that could create quite a heavy network load.
For this reason, the most common enterprise strategy for dealing with Bonjour has been to disable it. Admittedly, there's probably a whole business case that could be made for creating new companies to solely focus on the problem of correcting Apple devices' behavior over bandwidth-limited wireless networks. In this case, anyway, at least two existing Wi-Fi vendors have stepped up to the plate to make Bonjour a tad more enterprise-friendly.
Aerohive Networks recently introduced the Bonjour Gateway, which its says enables Bonjour to traverse multiple subnets and thus advertise services more thoroughly across enterprise nets. For its part, Aruba Networks has announced AirGroup software to stem the flooding of Bonjour traffic on wireless nets. Both vendors' software will be available at no charge to existing customers and can work on other Wi-Fi vendors' wireless LAN infrastructures.
Parallel Problems
The two solutions might at first seem at odds, but they're really not. The first thing that's important is users' ability to see - so they can use - what peripheral resources are available to them. In its native form, Bonjour operates at Layer 2 and thus can't see beyond a Layer 3 subnet, which most enterprises have in place. That restricts use of the resource-advertising service to only that one network domain, which doesn't work when users are highly mobile. That's the problem Aerohive addresses with its gateway, currently scheduled to ship mid-year.
By the same token, in advertising resources across the whole network, you want to streamline unnecessary exchanges of service-discovery messages for the excessive overhead mentioned. Let's say you're a mobile worker in a large company with 500 printers spread across multiple buildings, and you want to print a document. Do you really need to see the location of all 500 printers or just a couple that are near where you are at the moment?
Probably the latter. But because you might be anywhere in the enterprise or campus, the service visibility needs to reach across the whole network. From there, visibility in the user's temporary domain needs to be limited to those peripherals and services he/she is likely to use to keep the experience user friendly and streamline network overhead. That's the problem Aruba purports to solve.
Policies for Home, School, Work
Consider, for example, a university setting. Students want to use Apple's AirPlay service to stream content from their laptops to an Apple TV receiver for output on a high-def TV that's probably in their dorm room or in a nearby student lounge. If a student should make the request and content is streamed to all such devices all over campus, that's a lot of unnecessary flooding.
Also, what if a student has his own AirPrint-capable printer but doesn't want it to show up on the entire student body's Bonjour services list? There's a way with the Aruba solution, scheduled for availability this fall, to register that device as "personal."
And as mentioned, at home, the number of peripherals is likely limited. So there's not much need to control Bonjour's brutish behavior there.
]]>
Automating UC Service Fulfillment in the Enterprisetag:www.webtorials.com,2012:/discussions//6.13712012-04-18T13:07:20Z2012-04-18T13:11:57ZA TechNote on Unified CommunicationsGary Audin, Delphi, Inc....Gary Audin, Delphi, Inc.http://www.webtorials.com/mt/mt-cp.cgi?__mode=view&blog_id=6&id=137
]]>
Delivering telephony and UC services has traditionally involved inputting detailed configuration, privilege and restriction information to multiple application systems. It's time-consuming to do manually, prone to errors that can mean costly service delays and requires a skilled engineer.
However, successful service fulfillment can lead to reduced total cost of ownership (TCO), faster service change response, fewer errors and greater user satisfaction. So to improve the chances for success, automation systems for UC fulfillment in the enterprise have begun to emerge, as demonstrated at the Enterprise Connect 2012 conference last month in Orlando.
Multi-Vendor Automation
UC fulfillment is the process of delivering integrated, IP-based telephony-centric services - such as voice, video, instant messaging (IM), conferencing and presence - to customers in a timely and accurate manner. These services might be provided by a single vendor, multiple vendors and/or a cloud service.
Automated service fulfillment software systems have existed for many years in the telecom service provider space. They have now entered the enterprise communications market. For example, at last month's Enterprise Connect 2012 conference, companies such as VOSS Solutions and Unimax demonstrated systems that can manage UC service fulfillment across multiple vendors' systems and cloud services. Three Main Drivers
It is logical that automated service fulfillment systems should find their way into the enterprise communication market. There are three main drivers:
Need to ease complexity. Unified communications services can add complexity to an already complex IP voice infrastructure. Organizations need to hire skilled engineers to run these platforms and ultimately become dependent on those key engineers. But many administration tasks are highly repetitive and mundane, diminishing engineers' job satisfaction. By taking over these repetitive tasks, automated UC fulfillment systems help standardize configurations, lower the risk of manual error and reduce an organization's dependence on key staff engineers.
Need for centralized management. Enterprises understand the inefficiency of each business unit, agency or location operating its own communication system. As more sophisticated enterprise architectures are implemented, multiple business units are supported from a central data center. Central IT organizations can be responsible for the entire enterprise-wide communication platform, delivering advanced services to the separate business units much like a mini service provider. However, if a local business unit wants to maintain control of mission-critical communication services, its IT team can manage its own services and users while also sharing a central network infrastructure.
Agility. It has become unacceptable for users to have to wait 24 to 48 hours for a communication service change in the current world of instant online access. IT departments are under pressure from cloud providers to offers users access to a business portal to manage their own services in real time. Service fulfillment systems provide a business layer with a real-time administration portal for end users.
]]>
A Roll-Up-Your-Sleeves Look at Mobile Policytag:www.webtorials.com,2012:/discussions//6.13662012-04-16T20:54:42Z2012-04-17T16:04:24ZA TechNote on Wireless and MobilityJoanie M. WexlerTechnology Analyst/EditorEditorial Director, TechNotes...Joanie Wexler, Analyst/Editorhttp://www.webtorials.com/mt/mt-cp.cgi?__mode=view&blog_id=6&id=226
]]>
Mobile policy setting and enforcement have many facets. Let's look at a couple particularly challenging ones:
How do you institute security on employee-owned devices that your network doesn't recognize?
How do you avoid having to recreate existing network policies specifically for the mobile environment?
Take it from the Top: Discover BYODs
First, to succeed at any mobile security policy setting and enforcement, you need to discover all the mobile devices attempting to access your network. Until recently, many enterprises have been - or still are - flying blind (see sidebar). Usernames and passwords help identify users, but device types and their security postures remain a mystery without the aid of special visibility tools.
One reason is that many users now have one or more mobile devices they have bought themselves. When they first attempt to connect, your network won't recognize their IP addresses. If you are in favor of allowing employees to use their own devices for some level of network access, you'll need a way to determine whether it's safe to grant access to these phantom smartphones and tablets.
First, you'll need to learn who the user is (is he or she a legitimate employee?) and then check the posture of the device (has the device been jailbroken or rooted, for example, or does it contain any malware?).
Getting this information requires some sort of tool that will identify all the devices, known and unknown, trying to access your network. Usually that tool is a mobile device management (MDM) hardware or virtual appliance, server software or cloud service. Often, you can connect the MDM system to your corporate email server or an authentication server.
When a mobile device tries to connect, existing usernames/password combinations verify the user. To assess the devices themselves, it's possible to start by assembling a database of basic information that's available via the connection between the MDM system and your email infrastructure, explains Custie Crampton, vice president of product management at Tangoe, an MDM and telecom expense management company.
Since most organizations have deployed mobile email, Tangoe performs device autodiscovery via Microsoft Exchange using custom APIs that reveal the type of device connecting to a given email account, its phone number, model number and operating system, he explains.
Ideally, for the greatest control, you'll want to install MDM client software on the mobile device. The profile created via Exchange creates a temporary "mini client" for the device, Crampton says; the next time the device attempts to connect, a full client can be pushed over the air to the device. Once the full MDM client is on the device, there is much more information that can be collected about the device and its ongoing posture.
If an employee who has brought in a personal device is not OK with you installing MDM client software on it, you will likely restrict him or her to mobile email access only from that personal device. Piggybacking on Existing Policy Infrastructure
As indicated, some MDM tools integrate directly with existing backend equipment, such as an existing Microsoft Exchange email server or Active Directory or other authentication server. In this situation, you can pass along username and password credentials and authenticate users in the same way as on the wired network.
"Most companies have already set up core hierarchies and attributes within Active Directory," observes Ojas Rege, vice president of strategy at MDM company MobileIron. "They don't want to have to recreate them in their mobile system."
Active Directory, though, verifies users' identities, not devices and their security postures, Rege acknowledges.
Similarly to Tangoe, MobileIron connects to email servers based on the ActiveSync protocol - such as Exchange, Notes, Gmail and Office 365 - as a venue for checking device posture and quarantining, remediating or blocking devices if necessary.
MobileIron will also connect to your certificate authority (CA), if you have one, to ensure that the device is in fact the device it claims to be; if you're not already running a CA infrastructure, it offers a CA specifically for your mobile population. ]]>
7 Must-Haves in a UC Cloud Contracttag:www.webtorials.com,2012:/discussions//6.13542012-04-11T12:28:56Z2012-04-11T12:35:21ZA TechNote on Unified CommunicationsGary Audin, Delphi, Inc....Gary Audin, Delphi, Inc.http://www.webtorials.com/mt/mt-cp.cgi?__mode=view&blog_id=6&id=137
]]>
There are industry guidelines that providers and enterprises can use when crafting an agreement (see sidebar). Still, it's necessary to put a few things in legalese. A good UC cloud service agreement has many important elements, but these seven are key must-haves that should not be overlooked.
Where is the demarc? The cloud service contract should explicitly define the demarcation point where the provider's responsibility ends. Bear in mind that the provider's responsibility might end at the edge of the provider's hosting site and not cover some or all of the access network, which is often the Internet. This should be clearly spelled out in your contract so you can strike the necessary service-level agreements with your network service provider to cover the availability of the access network segment of your cloud setup.
Search warrants and subpoenas. If the service provider receives a search warrant or subpoena for information, it must notify the consumer. The enterprise must know, and address in the agreement, how it will be protected if it has data stored on the same systems as other customers who are part of the subpoena.
Hacker attacks. What safeguards does the provider offer against hackers who target the cloud? Ask the provider to describe them in writing. Can you negotiate at least minimal retribution for any breaches due to a vulnerability in the cloud provider's infrastructure? It's worth trying.
E-discovery. The cloud provider should be as responsive as possible to e-discovery requests - requirements to make electronic data available for legal proceedings. The contract should specify how quickly the provider will respond to e-discovery requests and ensure that the needed data will be easily retrieved.
Litigation risks. It might sound farfetched, but it's not: consumers using cloud services could be at risk for patent litigation if the provider's technology infringes on another entity's patent. The contract should ensure that they are protected.
The exit clause. Service providers change their terms and conditions unilaterally and might cancel service if the customer does not agree to the changes. The enterprise, too, needs a legal path to terminate service. The contract should contain an exit clause that protects the enterprise if the arrangement does not work to its satisfaction or if the provider goes out of business or is sold. This clause should also ensure that stored data and software licenses be returned without delay.
Service-level agreement. The SLA for a cloud service typically covers both reliability and availability. SLAs can be measured over a long period of time, possibly weeks, but are most critical at peak traffic times. Ideally, the enterprise customer would like 99.99+ percent service availability. But again, with other elements out of the provider's control in the chain of access to the provider's site (e.g., the Internet), enterprises are likely to see a somewhat lower availability level. The contract should spell out what the user can realistically expect.
]]>
Implications of the Consumerization of ITtag:www.webtorials.com,2012:/discussions//6.13512012-04-10T12:51:04Z2012-04-10T12:54:22ZJim Metzler, Ashton, Metzler & Associateshttp://www.webtorials.com/mt/mt-cp.cgi?__mode=view&blog_id=6&id=49
]]>
There is no doubt that the BYOD mobility movement is having a major impact on IT organizations. But the effect of IT consumerization goes far beyond just BYOD, because users are growing more comfortable with all sorts of technologies and services. It's now IT's job to account for this increased user savvy in the infrastructures and policies it designs and builds.
Evolving IT Attitudes
Until recently, most IT organizations made concerted efforts to control the types of devices that could access the corporate network. It was common for IT to refuse any user-owned devices access to the network, or to standardize on a single device, usually a Blackberry, that was allowed access. The last few years, however, have seen a dramatic shift.
Through 2010, the most common device used by a mobile worker was a PC. However, in 2011 smartphones and tablets actually outsold PCs. Because smartphones and tablets might run any of six or seven different mobile operating systems, many IT organizations have now given up traditional attempts to control which user devices can access the network.
Instead, they're learning to say "yes" to users. But, as they do so, they're having to learn how to manage and secure the various user-selected platforms in a cohesive way that integrates with their other IT and network management responsibilities and systems.
Another impact of the BYOD movement is that more users in both branch offices and headquarters facilities are accessing the corporate network via Wi-Fi. Most smart mobile devices today can support both cellular and Wi-Fi connections. While the use of Wi-Fi provides relief for the mobile WAN budget, it will stress the Wi-Fi capability of many branch-office and headquarters LANs, particularly in those organizations that originally bolted Wi-Fi onto their wired LANs to serve a niche user base. As a result, the BYOD movement is driving IT organizations to look at implementing a LAN that tightly integrates wired and wireless functionality.
There's an App for That
The consumerization of IT has caused another shift to occur slowly over the last 10 years. If you looked inside any company a decade ago, the IT organization was either regarded affectionately as technology gurus or less affectionately as technology nerds. In either case, most company employees, not seeing themselves as tech savvy, relied on the IT organization as the tech experts sitting in an ivory tower.
Today, however, it has become common for a company's employees to have both Wi-Fi and high-speed Internet access in their residences. They have email accounts from companies such as Google and Yahoo! that allow them to save a huge volume of emails. Most have devices that can print, scan and copy documents. They might also have external storage drives or over-the-air backup and storage cloud services that let them store terabytes upon terabytes of content. In other words, employees now run their own entire IT infrastructures.
On top of that, there are tens of thousands of applications that they can quickly download either free or for very little money that will tell them whatever they need to know, from the artist who recorded a song that is playing in the background to the location of the closest frozen yogurt store to their arrival gate at almost any airport.
Changing Expectations
The biggest impact of the consumerization of IT is that it has dramatically changed the expectations that a company's business and functional managers have of IT. Most business execs don't want to be told that it will take months to implement the functionality they need and are pushing IT organizations to become much more agile. If those organizations can't keep up, it's not much of a leap for managers who are culturally conditioned to downloading applications on their smartphones to simply bypass IT and make use of public cloud computing solutions.
The short-term impact of users bypassing IT is that they are likely to use applications or services with little or no consideration of the security and compliance issues associated with them. The long-term impact of users bypassing IT could well be that the IT organization becomes irrelevant.]]>
Contract fairness was one of the major topics presented last week at the Center for Communications Management Information (CCMI) Telecom Negotiation Conference in Washington, D.C. Hank Levine, founding partner in the communications and technology law firm Levine, Blaszak, Block & Boothby, LLP (LB3), revealed a series of "gotchas" that can be mitigated by judicious negotiations with the telecom carrier. 
In
April, the FCC published a report detailing its investigation into
Street View for possible violation of Section 705(a) of the
Communications Act of 1934, which pertains to unauthorized publication
or use of communication except as authorized by the Wiretap Act. The
investigation focused on this provision:
Don't trust all messages from relatives, friends or organizations that you'd normally trust. "From" fields are easily spoofed. Today, I heard from "Norton Antivirus" and "PayPal," both of which I use. And though the messages were highly "anonymized," when I traced them, one seemed to come from a building down by the river in lower Chi-town and the other from beautiful downtown Bolton, England (see photo).
The reason for the drastic differences is that cloud computing offers a whole new pricing model for access to software applications. The cloud offers more of a utility computing pricing model: one that is analogous to how consumers pay for electricity, gas and water. We pay based on consumption and draw from a shared power infrastructure and water source rather than everyone having their own. 
UC fulfillment is the process of delivering integrated, IP-based telephony-centric services - such as voice, video, instant messaging (IM), conferencing and presence - to customers in a timely and accurate manner. These services might be provided by a single vendor, multiple vendors and/or a cloud service. 
First, to succeed at any mobile security policy setting and enforcement, you need to discover all the mobile devices attempting to access your network. Until recently, many enterprises have been - or still are - flying blind (see sidebar). Usernames and passwords help identify users, but device types and their security postures remain a mystery without the aid of special visibility tools.
Where is the demarc? The cloud service contract should explicitly define the demarcation point where the provider's responsibility ends. Bear in mind that the provider's responsibility might end at the edge of the provider's hosting site and not cover some or all of the access network, which is often the Internet. This should be clearly spelled out in your contract so you can strike the necessary service-level agreements with your network service provider to cover the availability of the access network segment of your cloud setup.