Volume LVI, Issue 9

In This Issue

Email Privacy Act a Necessary Fix for Outdated Laws

Excerpted from The Denver Post Report by the Editorial Board

Almost everyone retains old emails, some with important and sensitive information.

And yet we’d bet few people realize that if emails date back more than six months and are stored on a third-party server, the government doesn’t need a warrant to look at them.

“At this moment, law enforcement can access American citizens’ emails without a warrant, even though the exact same messages in paper form would require a warrant,” wrote Representatives Jared Polis (D-CO) and Suzan DelBene (D-WA) this month in The Hill.

“Law-abiding Americans have a right to be frustrated and upset: while email has developed into one of the most common forms of communication, the laws that prevent government intrusion remain outdated for the 21st century.”

Almost everyone recognizes that the thirty-year-old Electronic Communications Privacy Act (ECPA) needs updating.

In fact, a bill co-sponsored by Polis that would achieve this goal has become the most popular in Congress in terms of attracting other members to sign on.

And it finally may be heard on the House floor this week, after sailing out of the Judiciary Committee on a unanimous vote this month… Read More

Verizon Alliance to Bolster LTE Broadcast Technology

Excerpted from RCR Wireless Technology Report by Dan Meyer

Verizon Communications and a trio of international carrier partners have thrown their considerable might behind the LTE Broadcast standard with the formation of an alliance focused on device support beginning in 2017.

In addition to Verizon, the LTE-Broadcast Alliance is being formed with Australia’s Telstra, South Korea’s KT and United Kingdom-based EE.

The carriers claim they represent more than 200 million mobile subscribers, which they plan to use as leverage in getting LTE-B support in “every top- and mid-tier device launched in 2017.”

The technology, which is also known as evolved multimedia broadcast multicast service, is designed to support a single stream of multimedia data that can be consumed by multiple devices instead of sending individual streams of content to each device.

All four carriers have trialed the technology, which they also claim can be used for push notifications, connecting digital signage, become a service platform for Internet of Things (IoT) connectivity and bolster the eventual migration to 5G network technologies. In the US, Verizon has been the most aggressive carrier in testing LTE-B technology… Read More

Storage Goes on Moore’s Law: Lee Caswell, NetApp

Excerpted from ETCIO Report by Sneha Jha

Lee Caswell, VP Product, Solution & Services Marketing, NetApp believes that Flash and cloud is where the action lies in enterprise storage.

These technology forces have been instrumental is making storage a tool for competitive differentiation.

In an interview with ETCIO, he talks about the state of storage in today’s enterprise and how CIOs can leverage it as an innovation tool.

Q. How do you view the evolution of storage in the enterprise space?

A. At NetApp, we view storage as an innovation tool for the CIOs.

Storage buyers have historically been very conservative because the ultimate risk of losing data has been very large.

What’s changing about storage today is that for the first time storage is going on Moore’s Law.

The idea is that storage is materially changing and its tied to Flash.

All our compute devices today are based on Flash technology. NetApp is placing high volume, consumer level technology in the enterprise… Read More

Report from DCIA CEO Marty Lafferty

Click Here for Video.

The DCIA is pleased to report the passage this week in the US House of Representatives of the Email Privacy Act (HR 699) by a vote of 419 to 0.

We applaud the leadership of Bob Goodlatte (R-VA), Chairman of the House Judiciary Committee, which unanimously approved the measure for consideration by the House.

And we salute Chris Calabrese, Vice President, Policy, at the Center for Democracy and Technology (CDT) for his leadership of the Digital Due Process (DDP) coalition, in which the DCIA participates, and which worked tirelessly for passage of the bill.

More than seventy leading civil society organizations, companies, and trade associations supported HR 699, to update the seriously outdated Electronic Communications Privacy Act (ECPA).

As the law that sets standards for government access to private Internet communications, ECPA should reflect Internet users’ reasonable expectations of privacy with respect to emails, texts, notes, photos, and other sensitive data stored in the cloud.

But, passed nearly thirty years ago, ECPA did not contemplate today’s technologies.

The Email Privacy Act ends ECPA’s arbitrary “180-Day Rule,” which has permitted electronic communications to be obtained without a warrant after 180 days.

HR 699 also rejects the Department of Justice (DoJ) interpretation of ECPA — that the act of opening an email removes it from warrant protection.

It also ratifies the Sixth Circuit’s decision in US v. Warshak — that digital content is protected by the Fourth Amendment.

The Email Privacy Act requires that law enforcement obtain a probable-cause warrant for content with limited exceptions.

And it does not carve out civil agencies from the warrant requirement, which would have expanded government surveillance power and undermined the very purpose of the bill.

With House passage of HR 699, our focus now turns to the Senate to develop support and encourage passage of a companion bill. Share wisely, and take care.

Telefonica Vivo Upgrades Cloud Plus Platform

Excerpted from Telecompaper Report

Brazilian operator Telefonica Vivo has upgraded its Vivo Cloud Plus platform.

The IT infrastructure service integrates the latest computing technologies, networking, data storage, security and a Tier III data center.

The platform offers complete and flexible cloud solutions with high availability and scalability, meeting the diverse needs of customers, the company said Vivo Cloud Plus provides companies with cost reduction, saving of resources and physical space and increased productivity.

With the update of the platform, the service contracting model can be on demand — that is, companies hire only the services they need and are charged according to use.

Telefonica Brazil, trading as Vivo at the consumer level, and as Telefonica Vivo at the corporate level, is a Brazilian telecommunications group, subsidiary of Spanish telecommunications leader Telefonica.

It was originally formed as part of Telebras, the state-owned telecom monopoly at the time.

In 1998, Telebras was demerged and privatized, with Telefonica taking Telesp, and rebranding it to Telefonica… Read More

Denver Broncos Speed Draft Day Decisions with NetApp

Excerpted from Broadway World Report

“In preparation for draft day, our team crunches a significant amount of data, from a player’s medical history and average speed to body movement and reactions and how players perform in certain situations,” said Russ Trainor, Vice President of IT for the Denver Broncos.

NetApp FAS systems not only enable us to analyze all of this data in or near real-time, they actually power our entire infrastructure, business apps, fan engagement applications, coaching tools and decision making based on huge amounts of data collected.”

One of the most successful and popular football teams in NFL history, the Denver Broncos have won several world championships and conference championships.

Looking to accelerate business-critical applications, future-proof their infrastructure, and manage up to 30 percent annual data growth, the Broncos’ IT staff turned to PEAK Resources, a NetApp partner, to install NetApp storage systems.

With NetApp systems in place, the Broncos have the infrastructure needed to power everything from data analysis on draft day to the stadium on game day, as well as support over 330 events throughout the year… Read More

Verizon Completes NFV OpenStack Cloud Deployment

Excerpted from Telecom TV Report by Guy Daniels

US telco Verizon has completed the industry’s largest known Network Function Virtualization (NFV) OpenStack cloud deployment across five of its US data centers.

It began the project in 2015, and further deployments are currently in progress in additional domestic data center and aggregation sites, with international locations to be deployed over the next several months.

The design also will be adopted in edge network sites by the end of the year.

Verizon worked with Big Switch Networks, Dell, and Red Hat to develop the OpenStack pod-based design, and to validate the resiliency of the NFV design at scale, the partners constructed and tested large scale test beds mirroring the production design, leveraging the open source community.

“Building on our history of innovation, this NFV project is another step in building Verizon’s next-generation network, with implications for the industry,” said Adam Koeppe, VP of Network Technology Planning at Verizon.

“New and emerging applications are highlighting the need for collaborative research and development in technologies like NFV. This achievement is foundational for building the Verizon cloud that serves our customers’ needs anywhere, anytime, any app… Read More

Big Data Analytics a Useful Security Tool

Excerpted from Computer Weekly Report by Warwick Ashford

Big Data analytics is a useful tool for enabling organizations to become more resilient in the face of increasing cyber-attacks, according to a software market analyst and IT consultant.

“A recent survey found that 53% of organizations that are using Big Data security analytics report a ‘high’ business benefit,” said Carsten Bange, Founder and Managing Director of the Business Application Research Center (BARC).

“The survey also found that 41% reported a ‘moderate’ benefit and only 6% said benefit was ‘low’, so there is fairly strong evidence of the business benefits of big data security analytics,” he told Computer Weekly.

While adoption across the board is still relatively low, more than two-thirds of the more advanced companies surveyed are adopting advanced big data security analytics technologies, such as user behavior analytics, the BARC survey revealed.

The more advanced companies, which classified themselves as having “much better” skills and competency in security analytics than their companies, represented 13% of the total sample, with 68% saying they have deployed user behavior analytics.

Of the 87% that did not consider themselves more advanced, only 27% have deployed user behavior analytics… Read More

Pentagon Wants Help Encrypting Messages

Excerpted from Washington Examiner Report by Rudy Takala

The Pentagon’s research arm is looking to build its own encrypted messaging application to rival those currently offered by the private sector, and if successful, it may commercialize the technology for consumers.

In a request for proposals (RFP), the department’s Defense Advanced Research Projects Agency (DARPA) asked for submissions from contractors aimed at creating “a secure messaging and transaction platform” capable of allowing “anyone anywhere the ability to send a secure message or conduct other transactions across multiple channels.”

“The DoD requires a secure messaging system that can provide repudiation or deniability, perfect forward and backward secrecy, time to live/self-delete for messages, one-time eyes-only messages, a decentralized infrastructure to be resilient to cyber-attacks and ease of use for individuals in less than ideal situations,” DARPA explained.

The platform effectively amounts to a form of end-to-end encryption with more customizable settings than anything currently on the market.

Facebook’s WhatsApp and Apple’s iMessage are generally viewed as the most cutting-edge options for end-to-end encryption currently available. Additionally, the RFP states, DARPA is looking for blockchain implementation… Read More

Forget Cloud – The Fog Is the Next Big Thing

Excerpted from Report by Steve Tobak

The cloud is at the center of nearly every tech giant’s strategy, from Microsoft and Intel to Amazon and Google.

And why shouldn’t it be?

Everything’s moving to the cloud, where enormous data centers store millions of terabytes of information and run countless apps.

More important, that’s where billions of smart Internet of Things (IoT) nodes that everyone keeps talking about will connect, so enterprise users can make brilliant decisions based on real-time Big Data analytics.

Or not.

Turns out, the cloud is not all it’s been hyped to be.

Enterprise CIOs are coming to realize that many of the services and apps and much of the data their users rely on for critical decision-making are better suited closer to the edge — on-premise or in smaller enterprise data centers.

Considering the exploding demand for mobility, business intelligence and real-time analytics, not to mention the enormous amount of data… Read More

How Close to the Edge Should You Get?

Excerpted from ReadWrite Report by Adam Wray

Excitement over the possibilities of Internet of Things (IoT) has been building to a crescendo.

Chip and device manufacturers have anticipated and waited for the day when IoT would finally mean something.

We are at the boiling point, that sought-after confluence of technology innovations and demand for novel ways to produce business value — the moment in time when organizations can finally do something with IoT data.

Now that this moment has arrived, business leaders are being asked to make multimillion-dollar bets about where they think the market is going.

Regardless of what vertical they’re in, the answer will have to incorporate unlocking edge delivery for IoT… or your data will never deliver its potential.

So the question is, how close to the edge should you get?

Though IoT and cloud computing are inextricably linked, the two ideas are not synonymous with one another.

The cloud is effectively an extension of a company’s data center. It drives greater efficiencies across the business environment… Read More

Cyber-Criminals Succeed Despite Detection Advances

Excerpted from Channel Partners Report by Edward Gately

Cyber-criminals are using their same old bag of tricks when it comes to launching attacks, and they continue to succeed despite advances in cyber-detection.

That’s according to the Verizon 2016 Data Breach Investigations Report, which analyzes more than 2,260 confirmed data breaches and more than 100,000 reported security incidents, the highest since the report’s inception in 2008. Verizon is among 67 global organizations that contributed data and analysis to this year’s report.

Jonathan Nguyen-Duy, Verizon Enterprise Solutions’ Chief Technology Officer – Global Security Solutions, tells Channel Partners the bad actors are succeeding with the “same old tools, tactics and procedures, and the same type of attack methodologies, and they’re not changing.”

“That suggests that IT and security teams are still overwhelmed, and here’s why,” he said. “Your typical team today has a much larger security mandate.

They have more devices that they have to manage as we become more IP-enabled, the IoT, the industrial Internet, when everything that we have from consumers to corporate, from IP systems to OP systems, all become connected… Read More

Rival Encryption Efforts Clash on Capitol Hill

The fight over competing encryption legislation is intensifying on Capitol Hill.

A working group led by the leaders of the House Judiciary and Energy and Commerce committees has announced a road map for their effort, which is geared towards providing legislative recommendations to Congress.

The group says it will work “diligently” over the next several months and intends to complete its work by the end of this Congress, on January 3rd.

But a bill to establish a rival commission to study the topic is gaining additional support.

The legislation from House Homeland Security Committee Chairman Michael McCaul (R-TX) and Senator Mark Warner (D-VA) gained four additional sponsors this week: Senators Jeff Flake (R-AZ), Martin Heinrich (D-NM), Rob Portman (R-OH), and Mike Rounds (R-SD).

The bill is seen as a compromise measure and has arguably drawn the most support of the various offerings — although its fate has been complicated by the creation of the working group.

The McCaul-Warner commission would consist of 16 members, including tech industry executives, privacy advocates, cryptologists… Read More

Zettaset Patents Format-Preserving Encryption

Excerpted from Market Wired Report

Zettaset, the leader in Big Data security, is pleased to announce that the United States Patent and Trademark Office (USPTO) has granted the company a new patent of strategic importance to data privacy and protection for large scale on-premises and cloud database environments.

This is the fifth patent the company has received.

The patent (No. 9,313,023) addresses format-preserving encryption (FPE) including an encryption and decryption scheme that allows the selection of portions of data from a potentially larger dataset to be encrypted.

The cipher advantageously embodies the encryption and decryption of multi-byte values or strings of data, thus fitting a variety of business applications.

Format-preserving encryption ensures that the output (ciphertext) is in the same format as the input (plaintext).

While FPE itself is not new, until now this encryption method has not been optimized to meet the performance challenges of today’s high volume, petabyte-scale Big Data environments. The Zettaset patent addresses these limitations.

The technology in the Zettaset patent for format-preserving encryption has several advantages over existing FPE implementations… Read More

Will Data Encryption Be Impacted by NIST Guide?

Excerpted from Health IT Security Report by Jacqueline Belliveau

Healthcare providers and other covered entities under HIPAA regulations may have a new resource on healthcare data encryption standards from the National Institute of Standards and Technology (NIST).

The document is integral to NIST’s goal of developing a standardized method of encrypting digitized information, including healthcare data encryption strategies.

NIST released the final draft of “NIST Cryptographic Standards and Guidelines Develop Process” (NISTIR 7977), which describes the channels for establishing cryptographic standards and guidelines.

Through the final draft, NIST addresses the importance of encrypting sensitive data by transforming it into an incomprehensible format until a recipient with a key can unlock the information.

“Our goal is to develop strong and effective cryptographic standards and guidelines that are broadly accepted and trusted by our stakeholders,” NIST’s Chief Cybersecurity Advisor and

Associate Director for the Information Technology Laboratory Donna Dodson said.

“While our primary stakeholder is the federal government, our work has global reach across the public and private sectors… Read More

US Cyber-Attacks Target ISIS

Excerpted from NY Times Report by David Sanger

The United States has opened a new line of combat against the Islamic State, directing the military’s six-year-old Cyber Command for the first time to mount computer-network attacks that are now being used alongside more traditional weapons.

The effort reflects President Obama‘s desire to bring many of the secret American cyber-weapons that have been aimed elsewhere, notably at Iran, into the fight against the Islamic State — which has proved effective in using modern communications and encryption to recruit and carry out operations.

The National Security Agency (NSA), which specializes in electronic surveillance, has for years listened intensely to the militants of the Islamic State, and those reports are often part of the President’s daily intelligence briefing.

But the NSA’s military counterpart, Cyber Command, was focused largely on Russia, China, Iran and North Korea — where cyber-attacks on the United States most frequently originate — and had run virtually no operations against what has become the most dangerous terrorist organization in the world.

A review of what should be done to confront the Islamic State is on Mr. Obama’s agenda for Monday… Read More

Coming Events of Interest

DataCloud Europe 2016 — June 8th-9th in Monte Carlo, Monaco. The 2016 conference will focus on cloud computing advances and changes in data management, with a stellar line-up of speakers including global infrastructure leaders and subject matter experts.

Cloud and DevOps World Forum 2016 — June 21st-22nd in London, England. Now in its eighth year, C&DWF is firmly established as the leading content-led exhibition for the European Cloud and DevOps community and the premiere meeting place for CIOs.

2016 Creative Storage Conference — June 23rd in Culver Cirty, CA. The tenth annual CS will bring together digital storage providers, equipment manufacturers, software distributors, and professional media and entertainment end-users to explore the conference theme “The Art of Storage.”

Security of Things World — June 27th-28th in Berlin, Germany. Topics include securing cyber physical systems for IoT, expanding IT security with intelligence-led ops, business continuity management considerations, data privacy in an interconnected world, and security strategies.

Mobile World Congress Shanghai — June 29th – July 1st in Shanghai, China. MWC Shanghai is a very unique gathering that brings together industry participants ranging from C-Level mobile executives to end-user consumers passionate about mobile.

Industry of Things World Europe — September 19th-20th in Berlin, Germany. IoT business models, new IoT markets and strategies, product lifecycle management, next generation data handling and value assessment, IoT organizational impacts, and IoT security issues.

Government Video Expo — December 6th-8th in Washington, DC. GVE is the East Coast’s largest technology event for broadcast and video professionals, featuring a full exhibit floor, numerous training options, free seminars, keynotes, panel discussions, networking opportunities, and more.

Posted in Newsletters