Why are standards so important in Information Technology? Standards enable interoperability between complex systems. Many enterprises look to products that use these standards for easy integration between their existing and new systems, as well as lowering design, development, and production costs. Further, standards allow innovation, enabling new solutions that solve business problems.
Cisco has been a member of the Association of Retail Technology Standards (ARTS) since 2006 and has contributed to many white papers and standards over the years, including Cloud, SOA, Mobile, and Social Blueprints. Many of the standards created by ARTS focus on the messaging syntax used between systems that enable products from a diverse set of vendors to interoperate and communicate with one another—complexity made simple.
ARTS is the IT standards division of the National Retail Federation (NRF), and is comprised of over 200 international vendors and retailers dedicated to reducing the costs of technology through standards. Since 1993, ARTS has been delivering application standards exclusively to the retail industry. ARTS has four disciplines: the Standard Relational Data Model, Unified POS, XML, and Standard RFPs. The National Retail Federation (NRF) will be having its next Big Show in January at the Jacob K. Javits Convention Center in New York City. ARTS is targeting to release several new publications at this show and Cisco will be there sharing our latest solutions developed with our technology partners. Read More »
Tags: Association of Retail Technology Standards (ARTS), Cisco, Cisco PCI Solution architectures, Compliance Solution for PCI DSS 2.0 Addendum, National Retail Federation (NRF), RFP standards
The following are excerpts from an interview with Wong IK Ming, Director, eSURIA MENTARI SYSTEMS SDN BHD.
From halfway around the globe in fabulous Singapore, I was delighted to have the chance to interview Wong IK Ming, a Cisco Certified Partner covering Southeast Asian nations, to get his perspectives on data center security opportunities.
Tell me about your customers. What are their most pressing problems?
eSURIA caters mostly for the public sector but we are now extending our services to include Oil and Energy. Our customers have to adhere to new and emerging government mandates around data privacy and sovereignty. This requires a combination of strong governance processes mapped to sound technical controls and a design that is future proof, for example ensuring unified policy, dynamic and logical segmentation. Security must be thought out from the beginning—from the application to the edge of the cloud. I’ve seen a couple of instances of community clouds where security has not been thought through and it’s a matter of time before a security incident occurs.
As a partner, what benefits do you see for Cisco’s approach to data center security?
Our customers are fast adopting new infrastructure models and having the Cisco Validated Designs is a huge benefit because it enables us to attest to the technical soundness of the overall solution and to present security as an integrated element as opposed to a separate element. It also enables us to build these into the overall services templates that we provide with confidence that the necessary testing has taken place. I look forward to seeing more of these validated designs. For example, a validated security blueprint for Microsoft private cloud applications with Cisco UCS.
Read More »
Tags: Cisco USC, Cisco Validated Design, cloud, data center, private cloud, Servers, UCS, virtualization, VMware
The Domain Name System (DNS) is the protocol leveraged within the Internet´s distributed name and address database architecture. Originally implemented to make access to Internet-based resources human-friendly, DNS quickly became critical infrastructure in the intricate behind-the-scenes mechanics of the Internet, second only to routing in its importance. When DNS becomes inaccessible, the functionality of many common Internet-based applications such as e-mail, Web browsing, and e-commerce can be adversely affected—sometimes on a wide scale. This short blog post will explore some real-world examples of DNS abuse. I would like to welcome and thank Andrae Middleton for joining me as a co-author and presenting his expertise on this article.
There are a few different types of DNS attacks: cache poisoning, hijacking attacks, and denial of service (DoS) attacks (which primarily include reflection and amplification). In the news as of late are widespread and focused DoS attacks. Cisco Security Intelligence Operations (SIO), with its distributed sensors, is able observe and measure various aspects of the global DNS infrastructure. What follows are two vignettes detailing recent Internet DNS DoS attacks against the Internet’s DNS infrastructure. We will see that, though the attacks are different, the results are similar and the countermeasures and mitigations are the same.
Read More »
Tags: dns, dns attack, dns attack analysis, security
It was a dark, cold, and scary night when I returned from dinner with friends and noticed that my mobile phone was missing. It had corporate sensitive data such as emails, calendar events, and documents, as well as personal data (including pictures, videos and other documents). Well, let me be honest with you, I didn’t really lose my phone. However, many cell phones, tablets, and other gadgets are lost or stolen on a daily basis. The problem of stolen mobile devices is huge. According to a report from the Federal Communications Commission (FCC) earlier this year, about 40 percent of robberies in Washington, D.C., New York, and other major cities now involve mobile devices. The FCC has teamed up with the nation’s top wireless carriers, including AT&T, Verizon, T-Mobile, and Sprint, to develop a database of stolen mobile devices.
Allowing employees to access corporate email, critical business applications and data makes workers more productive and effective. Finding just the right balance when allowing easy access to the applications that users need to be more productive, while maintaining the integrity and security of enterprise resources, will give your organization a competitive advantage.
Stolen and lost devices are among the many challenges of mobile device security.
Read More »
Tags: Bring your Own Device (BYOD), data_protection, Identity Services Engine, mobile data, mobility, security
The National Retail Federation predicts that Holiday Shopping this year will grow to $586.1 billion, with a record percentage of those purchases occurring online and from mobile devices.
As more shoppers make purchases online and on their mobile devices, Cyber Monday is fast becoming Mobile Monday, opening up a variety of new threats and challenges for shoppers. And even after the shopping is done, consumers need to take care when they open their presents and turn on new devices for the first time, and know what to expect when they bring their purchases to work or school in early January.
Join us on Wednesday, Nov. 28 at 10:00 AM PT for a live discussion with John N. Stewart, SVP and Chief Security Officer of Global Government and Corporate Security at Cisco. John will address topics ranging from how to stay safe while shopping online, tips for securely setting up gifts you receive, and how to safely bring new devices into work and school in the new year.
Read More »
Tags: cybermonday, cybersecurity, Holidays, John N. Stewart, online shopping