Cisco Blogs


Cisco Blog > Education

BYOD or 1:1 Computing in K-12? The CTO’s Weigh In…

Significant technology developments continue to hit the USA K-12 market.

With Apple’s digital textbook announcement last week, we are now likely to see more acceleration of the spread of new student devices. Is this major announcement by the company that rapidly transformed computing, music and mobility the boost schools need to drive toward the promise of digital technology for all students? And what’s the resulting impact on device and computing trends in K-12?

On the topic of devices, we asked two of our leading K-12 Chief Technology Officer (CTO) customers to give us their opinions. BYOD? 1:1? What’s the better course to pursue? The answer would make Nike proud. While both noted device and equity issues one way or another, all said simply” “Just do it!”. What’s even more interesting – it wasn’t actually all about the device.

Read More »

Tags: , , ,

In Between the Numbers: New Year’s Resolutions

January 13, 2012 at 5:08 pm PST

OK, retail technologists. It’s the new year. Time for resolutions.

Grab the pencil (so you can revise, not erase) and the notepad, plug in the earbuds, and settle into your thinking chair. And take the first step in getting rid of those old bad habits.

Resolve to address those big, ugly, long-standing structural weaknesses that weigh you down like a ball and chain. Weaknesses like the non-integrated, multiple databases residing within the legacy applications. Like the oft taken-for-granted time-to-capability performance (caused by a legacy store architecture) that measures all-store roll-outs in years and gets a constant eyeroll and deep sigh from the SVP of Ops.

Resolve to look that ancient, deeply-customized application that you prop each year with more people and money squarely in the eye.

Resolve to lose weight. Heavy, power-sucking, PO-abusing CPU weight. Virtualize the data centers and start the process of removing CPUs (and all the break-fix maintenance costs) from the store. Thin is in. So is operational simplicity.

Resolve to demand value from your vendors – which, as we all know, is different from the lowest price. Demand that they help you solve specific business problems. Demand that they bring their best strategists and thinkers to the table.

Resolve to ignore all the one-off shiny technologies du jour. Easier said than done, especially with NRF around the corner, the marketing SVP sputtering that “everyone else is doing it,” and the CEO remarking that his nephew had one at Christmas. (Mobility! Smartphone apps! Tablets! Interactive kiosks! Ooooh!)

Resolve to embrace BYOD, and push it forward. Your corporate leaders of tomorrow won’t necessarily thank you. It’s just that they’ll be willing to work for you instead of the competition.

Resolve to toss out of the room any consultant or vendor sales rep who talks about “customer experience” without detailed considerations of your segment, your price point, your brand promise, and the overall customer journey by persona – all the way through service and loyalty. Resolve to ask them how many times they’ve visited your stores.

 What am I missing?

 ##

Tags: , , , , , , , , , , ,

Healthcare BYOD users, beware of the uninvited guest!

There are some interesting security developments on the BYOD front that may present serious HIPAA challenges for healthcare delivery organizations.  If you’re not following the story I’ll give you the quick summary.   Security consultant Trevor Eckhart discovered monitoring software from Carrier IQ on his Android based smart phone.  The software which he could not disable was placed there by the cellular carrier in an effort to monitor and enhance the end user experience.  His testing reviled that the software was able to log keystrokes, URL’s, GPS location and SMS text messages amongst other items.  All of the juicy information that is collected encrypted and uploaded to the carrier or manufacturer for “analysis” – NICE!

 The seriousness of the issue sparked a federal probe with Senator Al Franken sending a request to the software vendor, manufacturers and cellular carriers asking for specific details of the monitoring software capabilities and how the information collected is being used.   Many of the responses received to date raised many more questions than they answered. 

By the time you read this, the holiday season will be behind us.   The second longest post-holiday line over the dreaded Toys-R-Us return line is likely to be in front of the IS Support desk come “Monday Morning”.  All the Cindy Lou Who’s will be in line asking that their smart device be given access.      

It will be interesting to see the statistics, but I suspect that in comparison to previous years, it’s highly likely that many more BYOD smartphones and tablets will enter the healthcare environment.  One of the top care about for CIO’s is to provide rapid provisioning within their organization.  This is great, but I often wonder if responding to the demand could result in cutting the proverbial corner without knowing it!

Given the need to deploy a wide variety of BYOD devices quickly and securely, the healthcare Chief Security Officer (CSO) certainly has their job cut out for them these days.  The shire volume of consumer devices entering the enterprise environment raises some serious questions as to their readiness, especially in regard to security and privacy – add ePHI and the responsibilities of covered entities and you have some significant reason for concern.  Perhaps before a healthcare system adopts a BYOD policy, one should consider the ramifications of allowing the wide range of consumer devices (and contracted carriers) to access protected resources.  I’d suggest that it’s certainly time to consider the use of an enterprise ready device – one such as the Cisco Cius where you can control key aspects related to maintaining security and enhancing the user experience.

Cisco Cius with AppHQ is an Enterprise Ready Tablet

First, with the monitoring software described, don’t assume that your security policy by itself is sufficient.  Remember this software, as with others to likely follow, are key loggers.  Such applications by definition capture each and every keystroke and button press regardless of the application or transport/network encryption being used.  Many CSO’s may incorrectly conclude data loss is impossible given the use of VPN technology.   Likewise some will conclude that their adoption of VDI assures that the data stays local to the healthcare system and not to the device.  While partially true, we are effectively talking about keystrokes being logged.  Clearly a physician WILL over time enter data that is classified as ePHI – all nicely collected and uploaded unknowingly to a 3rd party.  Even SMS text messages sent or received by such a device is within scope!

My advice is to stay abreast of this developing story, and in the meantime, take the time necessary to fully understand the ramifications of allowing various devices (and carriers under contract) to access your protected resources.  It’s no longer about robust authentication mechanisms, secure encryption and remote wipes – It’s now much more than that!  Also remember that a device that is classified as “safe” today might not be in compliance after an OS upgrade or application install in the future.  Taking accountability for the device and the applications being loaded onto it by either the user or carrier is YOUR business.  Having a system in place that facilitates YOU being able to control the OS and the applications that are being installed on BYOD devices is a critical objective. 

So make sure that the next time you’re planning a BYOD party that you recognize all the guests being invited – otherwise some valuables in the form of ePHI may be slipping out the back door!

Tags: , , , , , , ,

The Power of Now

“I believe that the future is something that must be achieved and not predicted.”

I love that quote—something I came across in a recent Forbes article, which is credited to Don Tapscott, author of Wikinomics.

There’s a lot of talk right now about cloud computing, proliferation of devices and Bring Your Own Device (BYOD). And when you look at the big picture, it’s clear that there are two things we need to acknowledge:

  1. Employees want the freedom to work anywhere, anytime, with any device; and
  2. IT needs to rethink the infrastructure to allow for the seamless and secure work experience that actually lets us work and collaborate across distances, and in ways that seem like we’re ‘right there.’

GigaOm recently reported on a talk by Gary Swart of oDesk that focused on remote work. Referring to ‘Work 3.0,’ Swart described it as “access to the best people no matter where they are in the world,” and the “ability to work with those people as if they’re in the room with you.”

Read More »

Tags: , , , ,

Device Proliferation, BYOD, and Security

It started with the iPhone and really picked up with the iPad. Silver haired gents in corner offices brought their new precious to IT and asked to “get on the network” or “get their email on this.” In the past, IT was able to mumble something about unsupported devices and how a random user who brought a random device was out of luck. After all, they had tested solutions in place, nice things like Windows Mobile and Blackberry, solutions that worked well with Enterprise infrastructure. These new things might be better at Angry Birds or Plants vs Zombies, but the whole BYOD/Enterprise interaction was an unknown and thus a threat and a risk. Poor IT guys got trumped though, silver haired guys said jump and eventually the answer changed from “not supported” to a more career preserving “how high?”

Read More »

Tags: , , , , , , , , , ,