Connected Devices Need More Secure Memory [Byline]

October 23, 2018 / Gary Hilson

TORONTO — Emerging use cases are revealing the many ways memory technologies can be an avenue for threat actors to create havoc, whether for stealing data or sending malicious instructions.

Security features in memory aren’t new, of course. The “s” in SD card initially stood for “secure,” but the SD Association hasn’t really emphasized it for a decade, while electrically erasable programmable read-only memory (EEPROM) has long been used for applications that need embedded security such as credit cards, SIM cards and key-less entry systems, among others.

But as different kinds of memory are put into a wider variety of systems — such as automotive, manufacturing and the Internet of Things (IoT) — the need for security has greatly increased. The question is not only where that security will be integrated, but how it will be managed, especially in embedded memories that are expected to remain in a device for years, possibly decades.

Read the full story on EE Times.

Gary Hilson is a freelance writer with a focus on B2B technology, including information technology, cybersecurity, and semiconductors.

Flash File Fragmentation Needs A Fix for Automotive [Byline]

September 27, 2018 / Gary Hilson

Gone are the days of having to manually defrag your hard drive because it’s done automatically, and flash doesn’t experience file fragmentation. Or does it?

It may be that your smartphone is running slow because it can’t keep up with software updates and bloating, but that its flash storage is experiencing file fragmentation. Joel Catala, director of Embedded Solutions at Tuxera, said that contrary to popular belief, fragmentation can significantly affect performance of a flash device. Recent research suggests that as flash storage hardware gets faster, the software I/O stack overhead is an I/O performance bottleneck, he said in a telephone interview with EE Times. It’s not the flash or the controller responsible for the bottleneck.

Read the full EE Time story.

Gary Hilson is a freelance writer with a focus on B2B technology, including information technology, cybersecurity, and semiconductors.

Face the cybercrime prevention challenges of 2018 head-on [Byline]

September 21, 2018 / Gary Hilson

Consider the first half of 2018 a learning experience in cybercrime prevention. All that’s needed is a tiny vulnerability for hackers to worm their way in. But if there’s one key lesson to take home, it’s that having a handle on your endpoints, such as your printers through managed print services, can improve your security posture.

Last year was the worst year to date for cyberattacks, but the chief security officer of BlackBerry predicts 2018 will be worse. And when the CSO of a tech company best known for secure communications raises the alarm, you should listen.

IT security is taking a beating

Cybercrime is big business, and 2017 was a good year for those making a living as threat actors.

The Online Trust Alliance, an arm of the non-profit Internet Society, release its 2017 Cyber Incident and Breach Trend Report in January, which found that breaches in storage of personal data and cybercrime incidents hit a record high globally. Among the high-profile victims were Equifax Inc., with a massive breach affecting the personal data of 100,000 Canadians, as well as 145 million Americans; Uber waited until 2017 that 57 million of its driver and rider records were held ransom by hackers in 2016; and, Yahoo! revealed that its 2013 breach was far worse than originally reported, ultimately affecting three billion accounts.

In 2018, the hits just keep on coming, with several high-profile brands disclosing their cybersecurity woes in the first quarter. The big one of course, was the revelation that big data analytics firm Cambridge Analytica, improperly tapped into Facebook to harvest more than 50 million user records as part of its efforts to support the Trump presidential campaign organization. Expedia-owned travel site Orbitz announced a data breach that put 880,000 credit cards at risk. Among the other notable victims were regional health organizations in the United States while Equifax breach continued to wide.

Your cybersecurity strategy must be ready for war

The first half of the year certainly supports BlackBerry CSO Alex Manea’s belief that 2018 will be the worst year to date for cyberattacks. The primary reason, he writes in a blog post earlier this year, is the fundamental issues that spurred the majority of recent breaches haven’t been addressed. Increasingly complex networks, new types of endpoints, and more and more sensitive data needing protection are putting even more pressure on IT teams. Legacy systems are still entrenched in many organizations with well-known software vulnerabilities acting as an open-door policy for hackers.

Manea’s not alone in thinking 2018 will be the year of the cyberwar, but ultimately, you can only fight your own battles on your front. And the best defence is often a good offence with the right tools and best practices:

Training: Manea warns that hackers will target employees as they become a growing cybersecurity vulnerability. This means you need to prepare everyone for the social engineering hackers use to gain access by impersonating legitimate companies. The culture of your organization should mean every employee is identifying and reporting anything that looks hinky.
Outsourcing: Given the complexity of contemporary IT security, outsourcing it to a dedicated IT managed security services means you’re not completely on the hook for knowing about every single threat or vulnerability that rears their ugly head. Managed print services alone will help shore up many endpoints that threat actors seek out.
Threat assessments: One of the arrows in a managed security services firm’s quiver is threat assessment. They can help you conduct assessments of your print environment, your Bring-Your-Own-Device (BYOD) policies, your various cloud services, and even your Internet of Things (IoT) deployments.
Backup your data: If your critical business information is replicated regularly and securely, you won’t care if a hacker tries to hold data hostage.
Automate where possible: Even with the sources of am IT security partner, cybercrime prevention can’t succeed if everything needs to be done manually. New tools and services are taking advantage of artificial intelligence and machine learning, so your infrastructure has its own intelligent immune system to fight off threats. Having a modern operating system takes care of a lot of endpoint security issues automatically.

There are plenty of other ways a CSO can reduce risk, but most of all, you must have a mindset that cybercrime prevention is just the cost of doing business. With private sector companies taking the initiative on cybersecurity with the own “Digital Geneva Accord,” the onus is on everyone in the organization—end users and IT staff– to make good cybersecurity prevention is part of the culture.

Gary Hilson is a freelance writer with a focus on B2B technology, including information technology, cybersecurity, and semiconductors. A revised version of this article was published on Tektonika Canada.

DRAM Boom and Bust is Business as Usual [Byline]

September 20, 2018 / Gary Hilson

Boom or bust. It’s long been the cycle for established memory technologies. As 3D NAND pricing softens, DRAM still appears to be going strong. But for how long? And will these ups and downs always be the norm despite diversified demand and emerging vendors from China?

One key characteristic of the DRAM market is that there are currently only three major suppliers — Micron Technology, SK Hynix and Samsung Electronics.

“They’re keeping a pretty tight rein on their capacity,” said Brian Matas, vice president of market research at IC Insights, said in a telephone interview with EE Times. “And at the same time, there’s also pretty strong demand for higher performance and higher-density parts, particularly from the data center and server applications.”

Read my EE Times story.

Gary Hilson is a freelance writer with a focus on B2B technology, including information technology, cybersecurity, and semiconductors.

Adesto Touts ReRAM for Automotive [Byline]

September 12, 2018 / Gary Hilson

With the automotive market presenting potential opportunities of ever-emerging memories such as ferroelectric RAM (FRAM), magnetoresistive RAM (MRAM), and resistive RAM (ReRAM), Adesto Technologies is working hard to make sure that the latter makes the grade.

It recently unveiled new research demonstrating the potential of ReRAM for high-reliability applications such as automotive. The research was led by Adesto Fellow Dr. John Jameson, who shared the results at the ESSCIRC-ESSDERC 48th European Solid-State Device Research Conference earlier this month, and indicates that ReRAM could become a widely used, low-cost, and simple embedded non-volatile memory (eNVM) because it uses simple cell structures and materials that can be integrated into existing manufacturing flows with as little as one additional mask.

Read my latest for EE Times.

Gary Hilson is a freelance writer with a focus on B2B technology, including information technology, cybersecurity, and semiconductors.

New Uses Vie for GDDR6 Supply [Byline]

July 31, 2018 / Gary Hilson

TORONTO — The “G” still stands for “graphics,” but new use cases driving the need for GDDR memory technology have nothing to do with pixels.

In fact, applications such as artificial intelligence (AI) and machine learning, which need ultra-fast memories, have shorted gamers of their GDDR supply, so it’s probably a good idea that makers of the technology are ramping up delivery. Micron Technology recently began volume production of its 8-Gb GDDR6 memory, which, of course, is aimed at the graphics market but also automotive and networking segments.

Some of the emerging uses cases for GDDR memory are still graphics-driven. In the growing automotive memory market, it’s to support increasingly visual dashboards and advanced driver assistance systems (ADAS) that must be responsive to a driver’s actions immediately, while autonomous vehicles need high-performance memory to process the vast amounts of real-time data. Other emerging applications include augmented reality (AR) and virtual reality (VR). Finally, video is always hungry for memory as 4K gets more widely adopted and 8K nips at its heels.

Read my full story on EE Times.

Gary Hilson is a freelance writer with a focus on B2B technology, including information technology, cybersecurity, and semiconductors.

Intel’s 3D XPoint Plans Clearer Than Micron’s [Byline]

July 19, 2018 / Gary Hilson

TORONTO — What the future holds for 3D XPoint — now that Intel and Micron have announced plans to end their joint development program — depends on who you talk to.

Or who you don’t talk to. Micron, for its part, isn’t offering any more guidance right now beyond what was stated in a joint news release issued earlier this week. “The companies have agreed to complete joint development for the second generation of 3D XPoint technology, which is expected to occur in the first half of 2019,” the statement reads. “Technology development beyond the second generation of 3D XPoint technology will be pursued independently by the two companies in order to optimize the technology for their respective product and business needs.”

Intel is still bullish on the technology. In a telephone interview with EE Times, Bill Leszinske, vice president of Intel’s non-volatile memory solutions group, said it makes sense for Intel to continue on its present path.

Read my full EE Times story

Gary Hilson is a freelance writer with a focus on B2B technology, including information technology, cybersecurity, and semiconductors.

NOR Flash is Road Tested [Byline]

July 3, 2018 / Gary Hilson

TORONTO — As cars get smarter and demand more memory, many technologies are angling for the driver’s seat, but it’s safe to say NOR flash at least gets to ride shotgun.

As a successor to EEPROM in many applications thanks to its programmability capabilities, NOR flash is finding new opportunities in application areas that need fast, non-volatile memory, including communications, industrial and automotive. The latter, of course, is getting a lot of attention thanks to autonomous vehicle development.

Macronix International, which describes itself as the leading supplier of NOR flash overall, find itself in the third position for automotive. But Anthony Le, senior director of marketing, ecosystem partnership and North America automotive, said the company is confident it will lead that segment in the next two to three years.

Read the full story on EE Times.

Gary Hilson is a freelance writer with a focus on B2B technology, including information technology, cybersecurity, and semiconductors.

Ready to get on board with the Cybersecurity Tech Accord? [Byline]

June 27, 2018 / Gary Hilson

So, you’ve got your organization all set to meet the requirements of the General Data Protection Regulation (GDPR). You tell yourself you can relax. But have you heard about the Cybersecurity Tech Accord?

Generally, cybersecurity government regulation is exactly that—rules laid out by ruling authorities that generally end up adding to your to do list. But the Cybersecurity Tech Accord is driven by 34 of the world’s largest international companies—this time the private sector is taking on cyberwarfare by making a commitment to create stronger defenses against cyber attacks and to make sure they’re not unwittingly helping governments attack other countries.

The Cybersecurity Tech Accord is more than just a positioning statement. It’s going beyond cybersecurity government regulation in that the participating companies are pledging to empower their employees and clients to better protect themselves, while improving technical collaboration to make cyberspace safer. In most cases, cybersecurity government regulation lays out compliance obligations, but it’s generally up to companies and their IT staff to figure out how best to follow those rules.

Going beyond cybersecurity government regulation

While this so-called “Digital Geneva Accord” has private sector companies taking the initiative, it requires those in the trenches of IT to go the extra mile—the Cybersecurity Tech Accord puts the onus on everyone in the organization to make good cybersecurity part their culture. And while it’s not obligatory, your employer could soon decide it should follow this accord as a good corporate citizen.

The good news is that accord starts at the design level. It vows that the signers “will protect against tampering with and exploitation of technology products and services during their development, design, distribution and use.” This means you can expect more security by design in the software and hardware you deploy, although already intelligent devices such as modern multi-function printers come equipped with their own embedded security smarts to better defend your network at large.

But should your organization sign on to this new digital accord, you many find yourself getting out of your comfort zone for the greater good and better cybersecurity.

The Cybersecurity Tech Accord makes four commitments

So just what are you committed to if your employer decides to sign on to this Cybersecurity Tech Accord?

The early supporters of this initiative, including Cisco, Facebook, HP, HPE, Microsoft and Trend Micro, have outlined four key areas for adopters to focus on. The first is on building a stronger defense against online attacks and recognizes everyone deserves protection around the world, regardless of what motivated the cyberattack. Second, these companies will make sure they’re not part of the problem by making sure their products aren’t tampered with or exploited to help governments launch cyberattacks against innocent citizens and enterprises.

The third commitment is where creating a culture of good cybersecurity comes into play, as accord supports are will more do more capacity building by empowering developers as well as users of their technology to be to better protect themselves. It may include collaborative work on new cybersecurity practices as well as new features that customers can integrate into their own products and services. Finally, the Cybersecurity Tech Accord calls for collective action by building existing relationships and creating new partnerships within industry and society at large to improve technical collaboration and minimize the potential for new online threats.

The new normal is always changing

The Cybersecurity Tech Accord reflects new normal of data privacy and security is multifaceted. Legislation such as GDPR and Canada’s own Personal Information Protection and Electronic Documents Act (PIPEDA) are fostering the concept of privacy by design, while technology vendors have realized that exponential rise in cybersecurity threats require an automated response powered by artificial intelligence and machine.

But this new accord also reflects that reality cybersecurity must be not only be embedded in your IT infrastructure. It must also be weaved throughout the culture of the organization and also be a collaborative endeavor with other organizations. Having a modern operating system with a strong security foundation is a starting point. If your IT team develops apps either for internal employees or external customers, a DevOps culture could strengthen your security and is in spirt with the Cybersecurity Tech Accord.

What this new industry-led initiative is a heralding, however, is the embedding of data privacy and security into the culture of the organization, which means you may find yourself acting as cybersecurity evangelist and teacher for your fellow employees and your customers.

Gary Hilson is a freelance writer with a focus on B2B technology, including information technology, cybersecurity, and semiconductors. A revised version of this article was published on Tektonika Canada.

The future of sustainable business requires greener IT [Byline]

June 7, 2018 / Gary Hilson

Building a sustainable business is more top of mind for organizations of all stripes, and the future of sustainability depends much on green IT procurement.

But when you’re already scrambling to keep up with cybersecurity threats, compliance pressures and doing more within an already tight budget, being a sustainable business can easily sink to the bottom of the to do list. Old computer monitors accumulate in storage areas, outdated PCs sit gather dust in unused cubicles, and empty printer cartridges pile up, all threatening to end up in a land fill for the sake of expediency.

Old technology is stockpiling more quickly than ever faster, as sleeker devices are needed to run the applications and connected, digital workspaces. Employees expect the latest mobile devices, so they can be productive wherever and whenever. Your IT procurement now must take the entire lifecycle of hardware into account, and there’s increasing pressure to be sure the supply chain you’re purchasing from is also green and ethical. The future of sustainability means everyone must do their part.

Building a sustainable business is more than just recycling computers

Dr. Vanessa Thomas has been looking at the environmental effects of all this digital technology. In a presentation at the FWD50 conference last year, she said she no longer separates social activism from her computer science work, fully aware the impact of digital technology is more wide-reaching than you think – it’s not just about recycling old PCs. In addition to the obvious hardware such as computers, smartphones and printers, there’s also cabling, including deep see internet cabling. But digital software tools also have an impact on the future of sustainability, including email services, online banking and enterprise collaboration tools.

Thomas says hardware and software both affect the environment because they rely on each other – the software dictates the characteristics of the hardware and hardware dictates how the software is used. And it’s not just the disposal of digital devices that impact the environment – every digital device is made up of a unique mix of natural resources. Extracting and processing precious metals exact a cost and take a toll on the environment. Mines can have accidents and surrounding water can be contaminated, while manufacturing facilities are use rely on large amounts of freshwater.

The future of sustainability also depends on digital services

It’s not just that the old hardware must be safely disposed of but also being aware of the planned obsolescence of electronics through software programming and that building up IT infrastructure changes the environment and disrupts wildlife. The online services we consume require more electricity for not only the devices we use, but the data centres that must be always running – the amount of energy they require is doubling every four years, said Thomas. Not only do they draw lots of power, but a lot of water is required to cool them.

All this IT and digital services have a bigger footprint than the airline industry, she said, and it’s not something energy efficiency alone can solve. Digital technology means there’s a higher demand for resources and electricity despite shrinking devices, especially with the focus on the knowledge economy. E-waste has been the fastest growing waste stream for the last decade, she said, and the effects are happening too fast for academics to study. Most consumers don’t know what to do with their old devices, which accumulate quickly given the lifespan is about two years. They often end up in a drawer, although recycling facilities are ubiquitous today. Working PCs and smartphones are also donated for shipping overseas, but the result is that devices from developed countries end up in dumping grounds on the other side of the world.

Governments provide a guide for green IT

Governments are grappling with the challenge of e-waste and the impact of digital technology through public policy as well as their own best practices. They also have immense purchasing power that can influence change, said Thomas.

Globally, there are several efforts underway in the form of both green procurement and waste management policies. For example, the Malaysian Green Technology Corporation, an organisation under the purview of the country’s Ministry of Energy, Green Technology and Water, is charged with catalysing green technology deployment as a strategic engine for socio-economic growth in line with the National Green Technology Policy 2009. Meanwhile, the UK outlined five years ago how government information and communications technology will contribute to green commitments and deliver financial savings as well as efficient, green practices.

The drawback of these policies and regulatory systems are that they aren’t integrated, said Thomas, so there are loop holes. And while there are no easy answers, she believes there’s space to find solutions and refine the current questions. She said organizations need to examine how they management electronics procurement and waste, expand green procurement to digital services, and assess digital projects for their long-term energy demand.

Build a sustainable business a bit at a time

Given the picture Thomas has painted, committing to creating a sustainable business may seem too daunting.

But there are ways you can contribute to the future of sustainability as part of your everyday job, and it’s less overwhelming if you break it down into different projects. There’s also technology vendors with programs in place to support green procurement and e-waste management. There are even companies that have been specifically founded to tackle the challenge reduce digital technology turnover. For example, the goal of Fairphone is to foster positive social and environmental impact from the beginning to the end of a phone’s life cycle, and recently launched https://www.fairphone.com/en/2018/01/08/from-ownership-to-service-new-fairphone-pilot-for-companies/ a pilot program for companies.

And although building a sustainable business is more than just recycling your PCs, it’s a good starting point. Recycling your ink cartridges on your fleet of printers is a good start too. Overall, think about sustainability by taking these four steps:

Develop a framework: Having a broad set of principles ensures your procurement guidelines are fair, socially and environmentally sound, and economically viable. Companies such as HP offer tools and guides to help with the process, including carbon footprint calculators, a materials strategy, and an action plan for environmental sustainability in office printing.
Evaluate products: HP breaks down products into four categories: PCs and monitoring, servers and storage, printing and imaging, and print cartridges.
Evaluate vendors: This step includes a life cycle analysis, the supply chain and end-of-use services.
Create checklist: This might include looking for products that Energy Star qualified, other certification programs, and screening out harmful elements, such asbestos or ozone-depleting substances.

In the longer run, building a sustainable business is very much about participating in the circular economy – recycling is not enough.

Being a sustainable business isn’t just about being better for the environment. It’s about better corporate social responsibility too, and it’s better for the bottom line.