Home About Blog Report & Survey Highlights Case Studies Q&A Interviews Services

Laura DiDio on…

Microsoft Azure Sphere chip for end-to-end IoT security from the Cloud to Network Edge

“MediaTek is a good partner [for Microsoft] to have for its Azure Sphere secure IoT chip,” said Laura DiDio, principal analyst with ITIC. “They will provide a Wi-Fi controller, the processor will run Microsoft’s Linux-based IoT OS and you’ve now got a highly secure, connected device at a decent price point.”

Channel Futures, April 17, 2018

Microsoft Reorganization:

“Microsoft has actually been moving away from Windows and more towards the cloud, analytics and AI for the past ten years,” explained Laura DiDio, an analyst at ITIC. “This did not happen overnight.” DiDio pointed out that Nadella has made major changes quickly during his tenure. “That’s the way you have to move,” to stay relevant, she said. “You’ve got to be agile to stay ahead of the game.”

The changes don’t mean that Microsoft is totally giving up on Windows, DiDio said. But they do mean that Nadella is focusing the company’s energies around stronger assets.

“They’re de-emphasizing Windows,” she said, in order to become a stronger “player in cloud and artificial intelligence, because that’s where the money is.”

CNN Money, March 29, 2018

Failure to deliver reliability and uptime:

“Time is money,” DiDio says. “Systems, networks and connectivity devices are subject to failure. If the downtime persists for any significant length of time, it can be expensive in terms of monetary losses. It can disrupt operations, decrease worker productivity and negatively impact the organization’s business partners, customers and suppliers.

“A security outage of any significant duration can also be a PR nightmare and damage the company’s reputation, causing lost business,” DiDio says. “Reliability and uptime go hand in hand with a comprehensive, detailed backup and disaster recovery plan that also includes an internal operational level agreement that designates a chain of command in the event of any type of service disruption.”

Every organization should have a disaster recovery plan that includes an itemized list of who to contact at vendor organizations, cloud and third-party service providers, DiDio says. “The CISO should also know what the company’s contracts stipulate as the response time from vendors, cloud, and third-party service providers to respond to and thwart security incidents and track down the hackers,” she says.

CSO Online, November 21, 2017

Cal State University and Hartnell College Launching Cohort Program:

“Since 2013, the two institutions have promoted this program as a way to attract minorities, women and students who are the first in their families to attend college to Computer Science and STEM subjects. The Cohort program nurtures these students by having them take their CS classes as a group.” DiDio says. It also helps them adjust more quickly to college life by providing them with group study and life skills classes to help them stick with CS as a major and graduate.

“So far, so good. A 75% majority of students enrolled in the CSUMB/Hartnell CS Cohort program graduate. This is well above the national average of about 30%,” DiDio notes.

ITIC Corp, November 17, 2017

Burger King Ad Creates Whopper of a Mess:

“In the Internet of Things environment, where you can have “an ecosystem or ecosystems of ecosystems interconnected, the attack vector universe is potentially limitless,” noted Laura DiDio, research director for IoT at 451 Research.

The risks are “everywhere, and what you can do is mitigate risk to an acceptable level,” she told the E-Commerce Times — but that requires vendors to make secure products.

E-Commerce Times, April 13, 2017

United Airlines Customer Service Snafus:

United’s behavior was “cavalier and callous,” said Laura DiDio, research director for IoT at 451 Research.

“The deck is stacked against passengers these days,” she told CRM Buyer.

However, this situation “is a PR nightmare for United Airlines,” DiDio added, “and it’s not going away.”

CRMBuyer, April 11, 2017

Cloud computing and Bring Your Own Device (BYOD) are inarguably two of the hottest trends in high tech today. These enabling technologies increase productivity but they also present corporations and consumers with significant security, privacy and manageability challenges.

A new software service from nCrypted Cloud, a Boston-based startup, secures and encrypts cloud-based data in a straightforward, easy-to-use and affordable manner.

nCrypted Cloud encrypts data from recognized cloud services like Dropbox, Google Drive and Microsoft’s SkyDrive. nCrypted Cloud comes in three versions: a basic Consumer version which is free; a Consumer Pro version and an Enterprise edition aimed at corporate users.

Founded in July 2012 by security experts, Nicholas Stamos and Igor Odnovorov, nCrypted Cloud enables users to access and share data securely regardless of geographic location and across various security domains. At the same time, corporations, their end users and consumer users retain the ability to control who has access to their data.

Nick Stamos, nCrypted Cloud’s co-founder and chief executive says that IT must face the fact that services like Dropbox have already penetrated 95% of the Fortune 500 companies. In most cases though, the service isn’t actually sanctioned by IT, but rather brought in by individual employees, which many refer to as Shadow IT. “Cloud storage providers such as Dropbox are here to stay, and will exist in our personal and corporate lives with data being intermingled. Best to accept this reality, and address the issue by thinking out of the box.”  Stamos says. “nCrypted Cloud was created to protect the privacy of personal and corporate data, with its unique patent pending approach. Easy enough for a consumer to use, but built with the features needed to comply with HIPAA, PCI/PII, ITAR and IP Protection requirements as well as their overall corporate data governance.”

Security is an Essential for Cloud, BYOD and Mobility

nCyrpted Cloud does what its name suggests: delivers the crucial security component often lacking in BYOD and cloud-based services. The corporate workforce is increasingly mobile; whether traveling for business, telecommuting or simply accessing the corporate data network in off-peak hours, there is no such thing as “after-hours.” And the lines between corporate and personal information have blurred to indistinction. BYOD usage also is rapidly proliferating. But as with so many other technologies, the security and data privacy component lags far behind.

ITIC’s 2012-2013 BYOD Deployment and Usage Trends Survey, which polled 500+ users from September through December found that nearly two-thirds – 62% – of corporate survey participants allow workers to use personal devices like tablets, smart phones and portable/lightweight laptops for business use and to access corporate data. However, 71% of the respondents indicated that their firms have no specific security policies and procedures in place to support BYOD deployments. Only 13% of survey participants said their companies were proactively monitoring and security BYOD deployments. This despite the fact that 47% of those polled said they were concerned about the potential security threat posed by the use of BYOD devices in workplace.

nCrypted Cloud safeguards data from external hackers and affords companies and their knowledge workers the holy grail of internal data security: separation of the corporation’s intellectual property (IP) from the employee’s personal data and files.

The swift adoption of BYOD devices in the workplace has been a convenience and a curse. It saves organizations money and lets workers use their familiar devices. But it also raises security concerns and poses potential risks for both parties. nCrypted Cloud solves these issues by enabling end users to apply privacy controls to distinguish their personal data from the company’s corporate data. At the same time, the corporate security IT managers can apply the appropriate enterprise security policies and procedures to safeguard the company’s intellectual property (IP) across the enterprise and on various BYOD and mobile devices.

This nCrypted Cloud capability overcomes the thorny issue of what happens when an employee leaves a company either of their own volition or through a workforce reduction or firing. Oftentimes, even when the parting is amicable, the business still opts to immediately cut off access, leaving the former worker in the lurch if they can no longer access their personal files and data. Corporations also have real concerns about safeguarding their sensitive IP in the event of unintentional leaks or deliberate malicious actions on the part of a disgruntled employee.

“nCyrpted Cloud ensures that the personal data is separated from the corporate IP. Both the employer and the employee have the ability to revoke access to corporate data residing on a personal device and pull back personal data from a corporate device. So it’s a win-win for all parties and doesn’t compromise anyone’s security,” Stamos says.

nCrypted Cloud provides persistent client-side encryption which guarantees data security by verifying the user’s specific and pre-defined access policies and sharing status; user ID keys are sent directly to the device. The client then caches keys for offline access to files; the keys can be removed or revoked if and when the access policies change. nCrypted is also non-disruptive. Users can easily access and share files across multiple and existing cloud-based storage services using a single-pane view of cloud and corporate file repositories.

The time is now for nCrypted Cloud

“A product like this [nCrypted Cloud] was inevitable, according to Andrew Baker, president of Brainwave Consulting, an IT datacenter and security deployment consultancy in Gassaway, West Virginia. Baker has more than 20 years experience as an IT security manager with companies like Bear Stearns, Time Warner Music and Send Word Now.

“The message to anyone who uses cloud services is: users secure yourselves or suffer the consequences,” Baker says. “It’s only a matter of time before data in cloud services like DropBox, Microsoft’s SkyDrive, Google Drive and other data gets exposed.”

Baker observes that a quick look at the security breaches of the last 18 months indicates that “they’re hitting a lot closer to home.”

Hacks are no longer relegated to banks, money and credit card fraud. Personal and professional sites like LinkedIn, DropBox, Scribd and others have all been compromised. “These are things that people use and see on a daily basis; the security breaches are and will continue to get more personal in terms of intellectual property or gaining access to an asset,” Baker says.

The attacks occur because passwords are shared; hackers can break into one service or site and gain access to another. “The mindset of the hackers has changed and the mindset of the potential victims is also aligning with the new reality – albeit somewhat more slowly,” Baker says.

Baker likes nCrypted’s concept of centralized straightforward management and security.

“As an IT security professional one of the first things I look for is centralized management and the flexibility to set up rules. And when it comes to BYOD, you absolutely need flexibility for both the end user’s personal data as well as the corporate data – I don’t want the two disparate data types co-mingling, so this aspect of nCrypted Cloud’s functionality is practical and appealing,” Baker notes, adding, “Corporations and consumers need more tools like this as their cloud and BYOD usage increases. If I have to deploy something manually to even five machines it’s definitely worth it for me to automate the process.” 

Pricing is another important consideration.

nCrypted Cloud is available in three (3) versions. The basic consumer version is available for free download at the company’s Website. The Consumer Pro version lists for $5 per month; it incorporates managed secure sharing, some file auditing, and the capability to manage files stored in disparate cloud services. The Enterprise Edition – which is already being used in beta trials by several potential customers — retails for $10 per user/per month. It includes all of the capabilities of the other versions and also supports additional features like centralized management provisioning, multiple identities, policy control and a full audit trail of 30-day archives.

Brainwave Consulting’s Baker says some businesses could initially balk at the $10 monthly service charge for each user. However, he believes that the benefits of securing the cloud based information across the enterprise and BYOD and mobile devices more than justify the capital expenditure outlay.

A company that purchases nCrypted Cloud for one thousand users would pay a list price of $120,000 (US dollars) for a year – before volume discount.

“Even the full list price of $120,000 isn’t too bad for encrypted cloud storage,” Baker says. “In fact, three cloud storage breaches from looks like a very good deal when you consider the alternative: lost or stolen data and IP, damage to the company’s reputation and the risk of litigation. People who have misgivings about paying the price, will have fewer qualms about pricing as they hear about more hacks. At that point it will look like a very good deal,” he adds.

It’s also true that few firms pay full list price. Discounted or street pricing varies by customer and volume. However, street pricing typically ranges from 20% to 50% and ITIC has heard of early nCrypted Cloud customers who have already received hefty discounts for early adoption.

For more information or to get a free 30-day trial of nCyrpted Cloud go to: http://www.nCryptedcloud.com.

Share This Content:
No Discussions

Be the first to comment!

Post a Comment:

Laura DiDio on Facebook
Laura DiDio on LinkedIn
Laura DiDio on Skype
Laura DiDio on Twitter