IT: A Broader Topic of Conversation

We have seen numerous blogs and articles written defining IT terms (and in some cases coinciding AV terms) as well as some discussion concerning them. Some have been direct approaches and some a little more than that. But all in all many are trying to focus on helping the industry to understand more about what exists out there in terms of definitions to take greater advantage of leveraging IT to go with AV methodology.

I would like to continue discussion about IT as it can apply in a broader sense and how cloud, BYOD and policy and IT & cyber security even move into this discussion of IT (some of which does exist in in AV).

These are definitions, according to numerous resources, along with some discussion points.

Cloud Computing: computing in which large groups of remote servers are networked to allow the centralized data storage, and online access to computer services or resources (as defined in Wikipedia).

Clouds can be classified as public, private, community or hybrid.  Dropbox and Box would be examples of public cloud storage where a third party company hosts storage for an individual or organization in a remote server location. Hybrid cloud refers to a multiple deployment model that is composed of some combination of private, public and community cloud services, from different service providers. Further information on hybrid cloud can be found here.

(Image from VMware vCloud Blog: Run, Manage and Secure Your IT Infrastructure and Applications)

In the industry we know of many vendors that leverage and provide cloud technology solutions from video conferencing to system control.

Here is an excellent article “AV-as-a-Service in the Cloud? Why, Yes!” written by InfoComm All-Voices’ Nermina Miller.

BYOD: In the consumerization of IT, BYOD, or bring your own device, is a phrase that has become widely adopted to refer to employees who bring their own computing devices – such as smartphones, laptops and PDAs – to the workplace for use and connectivity on the secure corporate network (as defined in Webopedia). 

BYOD Policy: A set of rules governing a corporate (or government, healthcare, education and more) IT department’s level of support for employee-owned PCs, smartphones and tablets (as defined in Tech Target).

Here is an example of a corporate BYOD policy.

In the industry there is always discussion of BYOD in many applications from video conferencing to presenting to system control. BYOD does represent a strategy to do all of these things, however if we take a wider view of the concept from an IT perspective, in reality it’s an overall mobility and mobile device factor, which may not necessarily involve BYOD. The fact that we can do these (and more) with a laptop, tablet and smartphone presents a greater option for an enterprise company, government agency, healthcare organization, educational institution and more. However BYOD refers to the strategy of employees utilizing their own devices to access the organization’s wireless network to perform these activities and more. An employer-owned device given to an employee end user can fit the form and function of these capabilities as well, however this is not considered BYOD. Organizations are starting to look at Choose Your Own Device (CYOD) as a strategy as well concerning distribution of company owned devices.

This is just to point out the IT definition of Bring Your Own Device, however as the term has become an industry staple there really isn’t a great need to change this perspective, just to categorize it as an IT-based term.

Mobile Device Management: Mobile device management (MDM) is the administrative area dealing with deploying, securing, monitoring, integrating and managing mobile devices, such as smartphones, tablets and laptops, in the workplace. The intent of MDM is to optimize the functionality and security of mobile devices within the enterprise, while simultaneously protecting the corporate network (as defined in Tech Target).

IT research firm Gartner publishes a Magic Quadrant report of companies (in numerous categories) that defines their place in a categorized illustration (i.e. Leader) and includes explanations concerning positioning as well. This is the 2014 Gartner Magic Quadrant for mobile device management software companies (also referred to as enterprise mobility management):

Figure 1.Magic Quadrant for Enterprise Mobility Management Suites

Mobile Security: Mobile security involves protecting both personal and business information stored on and transmitted from smartphones, tablets, laptops and other mobile devices. The term mobile security is a broad one that covers everything from protecting mobile devices from malware threats to reducing risks and securing mobile devices and their data in the case of theft, unauthorized access or accidental loss of the mobile device (as defined in Webopedia).

One company that provides mobile security solutions is AirPatrol. Watch for upcoming articles involving AirPatrol’s technology solutions.

Note: MDM can also secure devices and data with remote lock and wipe

IT Security: (also known as Computer Security):  Information security as applied to computing devices such as computers and smartphones, as well as computer networks such as private and public networks, including the whole Internet (as defined in Wikipedia).

Cybersecurity: (also defined as IT security in certain resources): Cybersecurity is the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access (as defined in Tech Target).

Some (of the many) cybersecurity terms are:

Breach: an incident where sensitive, protected or confidential data has potentially been viewed, stolen or used by an individual unauthorized to do so.

Hacker: a person who uses computers to gain unauthorized access to an individual’s computer or an organization’s network and the data that resides there. They can work alone or as part of a larger and well-organized group.

Intrusion detection:a type of security management system for computers and networks. An ID system gathers and analyzes information from various areas within a computer or a network to identify possible security breaches, which include both intrusions (attacks from outside the organization) and misuse (attacks from within the organization).

Distributed Denial of Service: (DoS): an attack in which a multitude of compromised systems attack a single target, thereby causing denial of service for users of the targeted system. The assailant instructs the controlled machines to launch an attack against this specified target server(s). The systems that have been infected by the malicious code look for other vulnerable computers and install the same malicious code on them. In one common method of attack, the assailant sends massive amounts of  external communications requests, saturating the network and creating a server overload so much so that it cannot respond to legitimate traffic, or responds so slowly as to be rendered essentially unavailable. As explained in a forum agenda that I read (“Packet Flooding DDoS Attacks”), think about trying to put 10 pounds of sand into a 5 pound bag).

A Cisco blog explains the process of recruiting vulnerable machines to carry out the attack.

Zero Day attack: (also known as zero hour): an attack that exploits a previously unknown vulnerability in a computer application or operating system, one that developers have not had time to address and patch.

Note: I have written several articles on cybersecurity which have been published in rAVe.

I’m sure others will continue defining and discussing IT terms as they may apply to the industry. The more information that is disseminated, the stronger the industry’s gathered IT knowledge base can become.