{"global":{"lastError":{},"locale":"en","locales":{"data":[{"id":"de","name":"Deutsch"},{"id":"en","name":"English"}],"loading":false,"error":false},"currency":{"id":49,"name":"EUR"},"currencies":{"data":[{"id":49,"name":"EUR"},{"id":124,"name":"RUB"},{"id":153,"name":"UAH"},{"id":155,"name":"USD"}],"loading":false,"error":false},"translations":{"company":{"role-vendor":{"ru":"Производитель","_type":"localeString","en":"Vendor"},"role-supplier":{"ru":"Поставщик","_type":"localeString","en":"Supplier"},"products-popover":{"ru":"Продукты","_type":"localeString","en":"Products","de":"die produkte"},"introduction-popover":{"_type":"localeString","en":"introduction","ru":"внедрения"},"partners-popover":{"_type":"localeString","en":"partners","ru":"партнеры"},"update-profile-button":{"ru":"Обновить профиль","_type":"localeString","en":"Update profile"},"read-more-button":{"_type":"localeString","en":"Show more","ru":"Показать ещё"},"hide-button":{"_type":"localeString","en":"Hide","ru":"Скрыть"},"user-implementations":{"ru":"Внедрения","_type":"localeString","en":"Deployments"},"categories":{"en":"Categories","ru":"Компетенции","_type":"localeString"},"description":{"_type":"localeString","en":"Description","ru":"Описание"},"role-user":{"ru":"Пользователь","_type":"localeString","en":"User"},"partnership-vendors":{"_type":"localeString","en":"Partnership with vendors","ru":"Партнерство с производителями"},"partnership-suppliers":{"en":"Partnership with suppliers","ru":"Партнерство с поставщиками","_type":"localeString"},"reference-bonus":{"en":"Bonus 4 reference","ru":"Бонус за референс","_type":"localeString"},"partner-status":{"ru":"Статус партнёра","_type":"localeString","en":"Partner status"},"country":{"en":"Country","ru":"Страна","_type":"localeString"},"partner-types":{"en":"Partner types","ru":"Типы партнеров","_type":"localeString"},"branch-popover":{"en":"branch","ru":"область деятельности","_type":"localeString"},"employees-popover":{"_type":"localeString","en":"number of employees","ru":"количество сотрудников"},"partnership-programme":{"_type":"localeString","en":"Partnership program","ru":"Партнерская программа"},"partner-discounts":{"_type":"localeString","en":"Partner discounts","ru":"Партнерские скидки"},"registered-discounts":{"_type":"localeString","en":"Additional benefits for registering a deal","ru":"Дополнительные преимущества за регистрацию сделки"},"additional-advantages":{"ru":"Дополнительные преимущества","_type":"localeString","en":"Additional Benefits"},"additional-requirements":{"_type":"localeString","en":"Partner level requirements","ru":"Требования к уровню партнера"},"certifications":{"en":"Certification of technical specialists","ru":"Сертификация технических специалистов","_type":"localeString"},"sales-plan":{"_type":"localeString","en":"Annual Sales Plan","ru":"Годовой план продаж"},"partners-vendors":{"ru":"Партнеры-производители","_type":"localeString","en":"Partners-vendors"},"partners-suppliers":{"ru":"Партнеры-поставщики","_type":"localeString","en":"Partners-suppliers"},"all-countries":{"ru":"Все страны","_type":"localeString","en":"All countries"},"supplied-products":{"_type":"localeString","en":"Supplied products","ru":"Поставляемые продукты"},"vendored-products":{"ru":"Производимые продукты","_type":"localeString","en":"Produced products"},"vendor-implementations":{"ru":"Производимые внедрения","_type":"localeString","en":"Produced deployments"},"supplier-implementations":{"ru":"Поставляемые внедрения","_type":"localeString","en":"Supplied deployments"},"show-all":{"en":"Show all","ru":"Показать все","_type":"localeString"},"not-yet-converted":{"_type":"localeString","en":"Data is moderated and will be published soon. Please, try again later.","ru":"Данные модерируются и вскоре будут опубликованы. Попробуйте повторить переход через некоторое время."},"schedule-event":{"en":"Events schedule","ru":"Pасписание событий","_type":"localeString"},"implementations":{"en":"Deployments","ru":"Внедрения","_type":"localeString"},"register":{"_type":"localeString","en":"Register","ru":"Регистрация "},"login":{"ru":"Вход","_type":"localeString","en":"Login"},"auth-message":{"en":"To view company events please log in or register on the sit.","ru":"Для просмотра ивентов компании авторизируйтесь или зарегистрируйтесь на сайт.","_type":"localeString"},"company-presentation":{"_type":"localeString","en":"Company presentation","ru":"Презентация компании"}},"header":{"help":{"_type":"localeString","en":"Help","de":"Hilfe","ru":"Помощь"},"how":{"de":"Wie funktioniert es","ru":"Как это работает","_type":"localeString","en":"How does it works"},"login":{"_type":"localeString","en":"Log in","de":"Einloggen","ru":"Вход"},"logout":{"ru":"Выйти","_type":"localeString","en":"Sign out"},"faq":{"_type":"localeString","en":"FAQ","de":"FAQ","ru":"FAQ"},"references":{"de":"References","ru":"Мои запросы","_type":"localeString","en":"Requests"},"solutions":{"_type":"localeString","en":"Solutions","ru":"Возможности"},"find-it-product":{"en":"Selection and comparison of IT product","ru":"Подбор и сравнение ИТ продукта","_type":"localeString"},"autoconfigurator":{"ru":"Калькулятор цены","_type":"localeString","en":" Price calculator"},"comparison-matrix":{"ru":"Матрица сравнения","_type":"localeString","en":"Comparison Matrix"},"roi-calculators":{"_type":"localeString","en":"ROI calculators","ru":"ROI калькуляторы"},"b4r":{"ru":"Бонус за референс","_type":"localeString","en":"Bonus for reference"},"business-booster":{"en":"Business boosting","ru":"Развитие бизнеса","_type":"localeString"},"catalogs":{"en":"Catalogs","ru":"Каталоги","_type":"localeString"},"products":{"en":"Products","ru":"Продукты","_type":"localeString"},"implementations":{"ru":"Внедрения","_type":"localeString","en":"Deployments"},"companies":{"_type":"localeString","en":"Companies","ru":"Компании"},"categories":{"en":"Categories","ru":"Категории","_type":"localeString"},"for-suppliers":{"en":"For suppliers","ru":"Поставщикам","_type":"localeString"},"blog":{"ru":"Блог","_type":"localeString","en":"Blog"},"agreements":{"_type":"localeString","en":"Deals","ru":"Сделки"},"my-account":{"ru":"Мой кабинет","_type":"localeString","en":"My account"},"register":{"ru":"Зарегистрироваться","_type":"localeString","en":"Register"},"comparison-deletion":{"ru":"Удаление","_type":"localeString","en":"Deletion"},"comparison-confirm":{"ru":"Подтвердите удаление","_type":"localeString","en":"Are you sure you want to delete"},"search-placeholder":{"ru":"Введите поисковый запрос","_type":"localeString","en":"Enter your search term"},"my-profile":{"_type":"localeString","en":"My profile","ru":"Мои данные"},"about":{"_type":"localeString","en":"About Us"},"it_catalogs":{"en":"IT catalogs","_type":"localeString"},"roi4presenter":{"en":"Roi4Presenter","_type":"localeString"},"roi4webinar":{"_type":"localeString","en":"Pitch Avatar"},"sub_it_catalogs":{"_type":"localeString","en":"Find IT product"},"sub_b4reference":{"_type":"localeString","en":"Get reference from user"},"sub_roi4presenter":{"_type":"localeString","en":"Make online presentations"},"sub_roi4webinar":{"en":"Create an avatar for the event","_type":"localeString"},"catalogs_new":{"_type":"localeString","en":"Products"},"b4reference":{"en":"Bonus4Reference","_type":"localeString"},"it_our_it_catalogs":{"_type":"localeString","en":"Our IT Catalogs"},"it_products":{"en":"Find and compare IT products","_type":"localeString"},"it_implementations":{"_type":"localeString","en":"Learn implementation reviews"},"it_companies":{"_type":"localeString","en":"Find vendor and company-supplier"},"it_categories":{"_type":"localeString","en":"Explore IT products by category"},"it_our_products":{"_type":"localeString","en":"Our Products"},"it_it_catalogs":{"_type":"localeString","en":"IT catalogs"}},"footer":{"copyright":{"de":"Alle rechte vorbehalten","ru":"Все права защищены","_type":"localeString","en":"All rights reserved"},"company":{"ru":"О компании","_type":"localeString","en":"My Company","de":"Über die Firma"},"about":{"ru":"О нас","_type":"localeString","en":"About us","de":"Über uns"},"infocenter":{"ru":"Инфоцентр","_type":"localeString","en":"Infocenter","de":"Infocenter"},"tariffs":{"_type":"localeString","en":"Subscriptions","de":"Tarife","ru":"Тарифы"},"contact":{"de":"Kontaktiere uns","ru":"Связаться с нами","_type":"localeString","en":"Contact us"},"marketplace":{"de":"Marketplace","ru":"Marketplace","_type":"localeString","en":"Marketplace"},"products":{"_type":"localeString","en":"Products","de":"Produkte","ru":"Продукты"},"compare":{"de":"Wähle und vergleiche","ru":"Подобрать и сравнить","_type":"localeString","en":"Pick and compare"},"calculate":{"en":"Calculate the cost","de":"Kosten berechnen","ru":"Расчитать стоимость","_type":"localeString"},"get_bonus":{"de":"Holen Sie sich einen Rabatt","ru":"Бонус за референс","_type":"localeString","en":"Bonus for reference"},"salestools":{"de":"Salestools","ru":"Salestools","_type":"localeString","en":"Salestools"},"automatization":{"_type":"localeString","en":"Settlement Automation","de":"Abwicklungsautomatisierung","ru":"Автоматизация расчетов"},"roi_calcs":{"en":"ROI calculators","de":"ROI-Rechner","ru":"ROI калькуляторы","_type":"localeString"},"matrix":{"_type":"localeString","en":"Comparison matrix","de":"Vergleichsmatrix","ru":"Матрица сравнения"},"b4r":{"en":"Rebate 4 Reference","de":"Rebate 4 Reference","ru":"Rebate 4 Reference","_type":"localeString"},"our_social":{"en":"Our social networks","de":"Unsere sozialen Netzwerke","ru":"Наши социальные сети","_type":"localeString"},"subscribe":{"en":"Subscribe to newsletter","de":"Melden Sie sich für den Newsletter an","ru":"Подпишитесь на рассылку","_type":"localeString"},"subscribe_info":{"ru":"и узнавайте первыми об акциях, новых возможностях и свежих обзорах софта","_type":"localeString","en":"and be the first to know about promotions, new features and recent software reviews"},"policy":{"ru":"Политика конфиденциальности","_type":"localeString","en":"Privacy Policy"},"user_agreement":{"ru":"Пользовательское соглашение ","_type":"localeString","en":"Agreement"},"solutions":{"en":"Solutions","ru":"Возможности","_type":"localeString"},"find":{"en":"Selection and comparison of IT product","ru":"Подбор и сравнение ИТ продукта","_type":"localeString"},"quote":{"_type":"localeString","en":"Price calculator","ru":"Калькулятор цены"},"boosting":{"ru":"Развитие бизнеса","_type":"localeString","en":"Business boosting"},"4vendors":{"ru":"поставщикам","_type":"localeString","en":"4 vendors"},"blog":{"ru":"блог","_type":"localeString","en":"blog"},"pay4content":{"ru":"платим за контент","_type":"localeString","en":"we pay for content"},"categories":{"ru":"категории","_type":"localeString","en":"categories"},"showForm":{"en":"Show form","ru":"Показать форму","_type":"localeString"},"subscribe__title":{"_type":"localeString","en":"We send a digest of actual news from the IT world once in a month!","ru":"Раз в месяц мы отправляем дайджест актуальных новостей ИТ мира!"},"subscribe__email-label":{"_type":"localeString","en":"Email","ru":"Email"},"subscribe__name-label":{"ru":"Имя","_type":"localeString","en":"Name"},"subscribe__required-message":{"en":"This field is required","ru":"Это поле обязательное","_type":"localeString"},"subscribe__notify-label":{"ru":"Да, пожалуйста уведомляйте меня о новостях, событиях и предложениях","_type":"localeString","en":"Yes, please, notify me about news, events and propositions"},"subscribe__agree-label":{"ru":"Подписываясь на рассылку, вы соглашаетесь с %TERMS% и %POLICY% и даете согласие на использование файлов cookie и передачу своих персональных данных*","_type":"localeString","en":"By subscribing to the newsletter, you agree to the %TERMS% and %POLICY% and agree to the use of cookies and the transfer of your personal data"},"subscribe__submit-label":{"ru":"Подписаться","_type":"localeString","en":"Subscribe"},"subscribe__email-message":{"ru":"Пожалуйста, введите корректный адрес электронной почты","_type":"localeString","en":"Please, enter the valid email"},"subscribe__email-placeholder":{"en":"username@gmail.com","ru":"username@gmail.com","_type":"localeString"},"subscribe__name-placeholder":{"ru":"Имя Фамилия","_type":"localeString","en":"Last, first name"},"subscribe__success":{"en":"You are successfully subscribed! Check you mailbox.","ru":"Вы успешно подписаны на рассылку. Проверьте свой почтовый ящик.","_type":"localeString"},"subscribe__error":{"ru":"Не удалось оформить подписку. Пожалуйста, попробуйте позднее.","_type":"localeString","en":"Subscription is unsuccessful. Please, try again later."},"roi4presenter":{"_type":"localeString","en":"Roi4Presenter","de":"roi4presenter","ru":"roi4presenter"},"it_catalogs":{"en":"IT catalogs","_type":"localeString"},"roi4webinar":{"_type":"localeString","en":"Pitch Avatar"},"b4reference":{"_type":"localeString","en":"Bonus4Reference"}},"breadcrumbs":{"home":{"ru":"Главная","_type":"localeString","en":"Home"},"companies":{"en":"Companies","ru":"Компании","_type":"localeString"},"products":{"en":"Products","ru":"Продукты","_type":"localeString"},"implementations":{"en":"Deployments","ru":"Внедрения","_type":"localeString"},"login":{"ru":"Вход","_type":"localeString","en":"Login"},"registration":{"_type":"localeString","en":"Registration","ru":"Регистрация"},"b2b-platform":{"_type":"localeString","en":"B2B platform for IT buyers, vendors and suppliers","ru":"Портал для покупателей, поставщиков и производителей ИТ"}},"comment-form":{"title":{"ru":"Оставить комментарий","_type":"localeString","en":"Leave comment"},"firstname":{"_type":"localeString","en":"First name","ru":"Имя"},"lastname":{"ru":"Фамилия","_type":"localeString","en":"Last name"},"company":{"ru":"Компания","_type":"localeString","en":"Company name"},"position":{"_type":"localeString","en":"Position","ru":"Должность"},"actual-cost":{"_type":"localeString","en":"Actual cost","ru":"Фактическая стоимость"},"received-roi":{"_type":"localeString","en":"Received ROI","ru":"Полученный ROI"},"saving-type":{"ru":"Тип экономии","_type":"localeString","en":"Saving type"},"comment":{"_type":"localeString","en":"Comment","ru":"Комментарий"},"your-rate":{"_type":"localeString","en":"Your rate","ru":"Ваша оценка"},"i-agree":{"ru":"Я согласен","_type":"localeString","en":"I agree"},"terms-of-use":{"en":"With user agreement and privacy policy","ru":"С пользовательским соглашением и политикой конфиденциальности","_type":"localeString"},"send":{"_type":"localeString","en":"Send","ru":"Отправить"},"required-message":{"en":"{NAME} is required filed","ru":"{NAME} - это обязательное поле","_type":"localeString"}},"maintenance":{"title":{"_type":"localeString","en":"Site under maintenance","ru":"На сайте проводятся технические работы"},"message":{"_type":"localeString","en":"Thank you for your understanding","ru":"Спасибо за ваше понимание"}}},"translationsStatus":{"company":"success"},"sections":{},"sectionsStatus":{},"pageMetaData":{"company":{"translatable_meta":[{"name":"title","translations":{"ru":"Компания","_type":"localeString","en":"Company"}},{"name":"description","translations":{"_type":"localeString","en":"Company description","ru":"Описание компании"}},{"name":"keywords","translations":{"en":"Company keywords","ru":"Ключевые слова для компании","_type":"localeString"}}],"title":{"ru":"ROI4CIO: Компания","_type":"localeString","en":"ROI4CIO: Company"},"meta":[{"content":"https://roi4cio.com/fileadmin/templates/roi4cio/image/roi4cio-logobig.jpg","name":"og:image"},{"content":"website","name":"og:type"}]}},"pageMetaDataStatus":{"company":"success"},"subscribeInProgress":false,"subscribeError":false},"auth":{"inProgress":false,"error":false,"checked":true,"initialized":false,"user":{},"role":null,"expires":null},"products":{"productsByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null,"useProductLoading":false,"sellProductLoading":false,"templatesById":{},"comparisonByTemplateId":{}},"filters":{"filterCriterias":{"loading":false,"error":null,"data":{"price":{"min":0,"max":6000},"users":{"loading":false,"error":null,"ids":[],"values":{}},"suppliers":{"loading":false,"error":null,"ids":[],"values":{}},"vendors":{"loading":false,"error":null,"ids":[],"values":{}},"roles":{"id":200,"title":"Roles","values":{"1":{"id":1,"title":"User","translationKey":"user"},"2":{"id":2,"title":"Supplier","translationKey":"supplier"},"3":{"id":3,"title":"Vendor","translationKey":"vendor"}}},"categories":{"flat":[],"tree":[]},"countries":{"loading":false,"error":null,"ids":[],"values":{}}}},"showAIFilter":false},"companies":{"companiesByAlias":{"sqr-systems":{"id":5336,"title":"SQR Systems","logoURL":"https://old.roi4cio.com/uploads/roi/company/SQR_Systems_logo.png","alias":"sqr-systems","address":"","roles":[{"id":2,"type":"supplier"},{"id":3,"type":"vendor"}],"description":" SQR Systems is a cybersecurity company providing the secure communications backbone for Fintech &amp; Regtech to protect their mobile and Internet of Things (IoT) devices.\r\nOur patented technology ensures effective compliance, control and security of data for enterprises and individuals over unpredictable networks. As more and more regulations come into play, FinTech and RegTech companies need to meet enterprise-grade compliance but this presents a significant barrier to entry for new products. Our pre-built APIs can be deployed in new and existing products to enable security and compliance-by-design hence allowing products to hit the market quickly in regulated environments.\r\nSource: https://www.linkedin.com/company/sqr-systems-limited/about/","companyTypes":["supplier","vendor"],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{"375":{"id":375,"title":"Mobile Enterprise Security","description":" Because mobile devices are easily lost or stolen, data on those devices is vulnerable. Enterprise mobility management is a set of systems intended to prevent unauthorized access to enterprise applications and/or corporate data on mobile devices. These can include password protection, encryption and/or remote wipe technology, which allows an administrator to delete all data from a misplaced device. With many systems, security policies can be centrally managed and enforced. Such device management systems are programmed to support and cooperate with the application programming interfaces (APIs) from various device makers to increase security compliance.\r\nThe data transfer between mobile device and the enterprise should always be encrypted, for example through a VPN tunnel or over HTTPS.\r\nMobile devices in companies with &quot;bring your own device&quot; (BYOD) policies are often used both personally and professionally. In these cases, corporate IT has less control over whether malware is on the device and what damage may be caused to corporate data. Apart from careful user behavior - data storage on the mobile device should be limited and centrally organized.","materialsDescription":" <span style=\"font-weight: bold;\">What is mobile security?</span>\r\nMobile security refers to the set of technologies and practices that aim to protect mobile devices against operating system vulnerabilities, network and app attacks, or mobile malware. Technologies such as enterprise mobility management (EMM) solutions manage compliance policies and issues relating to device privilege or loss.\r\n<span style=\"font-weight: bold;\">What are mobile security threats?</span>\r\nMobile security threats are vulnerabilities or attacks that attempt to compromise your phone's operating system, internet connection, Wi-Fi and Bluetooth connections, or apps. Smartphones possess very different behaviors and capabilities compared to PCs or laptops and need to be equipped to detect attacks specific to mobile devices. Mobile devices contain unique functions and behaviors making traditional IT security solutions ineffective for securing mobile devices. One of the primary differences in how mobile devices are different from PCs and laptops is administration privileges. There are several administrators for a PC or laptop making it simple for corporate IT to install security software and monitor computers for problems. On mobile devices, the administration is handled by the device owner. The device owner is the only one that can install apps or allow other management profiles on the device. This means the burden of securing the mobile device and its data falls entirely on the user--who may not have the time or expertise to provide proper mobile device security.\r\n<span style=\"font-weight: bold;\">Why is mobile security important?</span>\r\nMobile security is very important since our mobile device is now our primary computing device. On average, users spend more than 5 hours each day on a mobile device conducting company and personal business. The shift in device usage habits has also moved the prime target for hackers from PCs to our mobile devices. Since mobile devices are now a prime target, we need to secure them and arm them with threat detection and malware protection just like PCs. Smartphones are able to circumvent traditional security controls, and typically represent a massive blind spot for IT and security teams. Hackers know this, which no doubt contributed to the number of smartphone attacks recorded between January and July 2016. The number of attacks nearly doubled compared to the last six months of 2015. During that same time period, smartphones accounted for 78% of all mobile network infections.\r\n<span style=\"font-weight: bold;\">Which mobile security is best for enterprises?</span>\r\nThere are a number of mobile security solutions available on the market, but identifying which mobile security is best for enterprises entails using specific criteria. As is often the case, solutions designed for consumers and end-users may not be as robust, full-featured, reliable and scalable as solutions designed specifically for the enterprise. In particular, mobile security solutions that are suitable for enterprise use should include scalability, autonomous functionality, machine learning, on-device operation, and protection from zero-day threats. Enterprises also need to consider flexible deployment models to take advantage of existing infrastructure or cloud computing environments.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Mobile_Enterprise_Security.png","alias":"mobile-enterprise-security"},"591":{"id":591,"title":"Software Development","description":" Software development is the process of conceiving, specifying, designing, programming, documenting, testing, and bug fixing involved in creating and maintaining applications, frameworks, or other software components. Software development is a process of writing and maintaining the source code, but in a broader sense, it includes all that is involved between the conception of the desired software through to the final manifestation of the software, sometimes in a planned and structured process. Therefore, software development may include research, new development, prototyping, modification, reuse, re-engineering, maintenance, or any other activities that result in software products.\r\nSoftware can be developed for a variety of purposes, the three most common being to meet specific needs of a specific client/business (the case with custom software), to meet a perceived need of some set of potential users (the case with commercial and open-source software), or for personal use (e.g. a scientist may write software to automate a mundane task). Embedded software development, that is, the development of embedded software, such as used for controlling consumer products, requires the development process to be integrated with the development of the controlled physical product. System software underlies applications and the programming process itself and is often developed separately.\r\nThe need for better quality control of the software development process has given rise to the discipline of software engineering, which aims to apply the systematic approach exemplified in the engineering paradigm to the process of software development.\r\nThere are many approaches to software project management, known as software development life cycle models, methodologies, processes, or models. The waterfall model is a traditional version, contrasted with the more recent innovation of agile software development.","materialsDescription":" <span style=\"font-weight: bold; \">What is software development?</span>\r\nSoftware itself is the set of instructions or programs that tell a computer what to do. It is independent of hardware and makes computers programmable. There are three basic types:\r\n<span style=\"font-weight: bold; \">System software</span> to provide core functions such as operating systems, disk management, utilities, hardware management, and other operational necessities.\r\n<span style=\"font-weight: bold; \">Programming software</span> to give programmers tools such as text editors, compilers, linkers, debuggers and other tools to create code.\r\n<span style=\"font-weight: bold; \">Application software</span> (applications or apps) to help users perform tasks. Office productivity suites, data management software, media players and security programs are examples. Applications also refer to web and mobile applications like those used to shop on Amazon.com, socialize with Facebook or post pictures to Instagram.\r\nA possible fourth type is <span style=\"font-weight: bold; \">embedded software.</span> Embedded systems software is used to control machines and devices not typically considered computers — telecommunications networks, cars, industrial robots and more. These devices, and their software, can be connected as part of the Internet of Things (IoT).\r\nSoftware development is primarily conducted by programmers, software engineers, and software developers. These roles interact and overlap, and the dynamics between them vary greatly across development departments and communities.\r\n<span style=\"font-weight: bold; \">Programmers, or coders,</span> write source code to program computers for specific tasks like merging databases, processing online orders, routing communications, conducting searches or displaying text and graphics. Programmers typically interpret instructions from software developers and engineers and use programming languages like C++ or Java to carry them out.\r\n<span style=\"font-weight: bold; \">Software engineers</span> apply engineering principles to build software and systems to solve problems. They use modeling language and other tools to devise solutions that can often be applied to problems in a general way, as opposed to merely solving for a specific instance or client. Software engineering solutions adhere to the scientific method and must work in the real world, as with bridges or elevators.\r\n<span style=\"font-weight: bold; \">Software developers</span> have a less formal role than engineers and can be closely involved with specific project areas — including writing code. At the same time, they drive the overall software development lifecycle — including working across functional teams to transform requirements into features, managing development teams and processes, and conducting software testing and maintenance.\r\nThe work of software development isn’t confined to coders or development teams. Professionals such as scientists, device fabricators, and hardware makers also create software code even though they are not primarily software developers. Nor is it confined to traditional information technology industries such as software or semiconductor businesses. In fact, according to the Brookings Institute, those businesses “account for less than half of the companies performing software development.”\r\nAn important distinction is custom software development as opposed to commercial software development. Custom software development is the process of designing, creating, deploying and maintaining software for a specific set of users, functions or organizations. In contrast, commercial off-the-shelf software (COTS) is designed for a broad set of requirements, allowing it to be packaged and commercially marketed and distributed.\r\n<span style=\"font-weight: bold;\">Steps in the software development process</span>\r\nDeveloping software typically involves the following steps:\r\n<ul><li><span style=\"font-weight: bold;\">Selecting a methodology</span> to establish a framework in which the steps of software development are applied. It describes an overall work process or roadmap for the project. Methodologies can include Agile development, DevOps, Rapid Application Development (RAD), Scaled Agile Framework (SAFe), Waterfall and others.</li><li><span style=\"font-weight: bold;\">Gathering requirements</span> to understand and document what is required by users and other stakeholders.</li><li><span style=\"font-weight: bold;\">Choosing or building architecture</span> as the underlying structure within which the software will operate.</li><li><span style=\"font-weight: bold;\">Developing a design</span> around solutions to the problems presented by requirements, often involving process models and storyboards.</li><li><span style=\"font-weight: bold;\">Constructing code</span> in the appropriate programming language. Involves peer and team review to eliminate problems early and produce quality software faster.</li><li><span style=\"font-weight: bold;\">Testing</span> with pre-planned scenarios as part of software design and coding — and conducting performance testing to simulate load testing on the application.</li><li><span style=\"font-weight: bold;\">Managing configuration and defects</span> to understand all the software artifacts (requirements, design, code, test) and build distinct versions of the software. Establish quality assurance priorities and release criteria to address and track defects.</li><li><span style=\"font-weight: bold;\">Deploying</span> the software for use and responding to and resolving user problems.</li><li><span style=\"font-weight: bold;\">Migrating data</span> to the new or updated software from existing applications or data sources if necessary.</li><li><span style=\"font-weight: bold;\">Managing and measuring the project</span> to maintain quality and delivery over the application lifecycle, and to evaluate the development process with models such as the Capability Maturity Model (CMM).</li></ul>\r\nThe steps of the software development process fit into application lifecycle management.\r\n<ul><li>Requirements analysis and specification</li><li>Design and development</li><li>Testing</li><li>Deployment</li><li>Maintenance and support</li></ul>\r\nSoftware development process steps can be grouped into the phases of the lifecycle, but the importance of the lifecycle is that it recycles to enable continuous improvement. For example, user issues that surface in the maintenance and support phase can become requirements at the beginning of the next cycle.\r\n<span style=\"font-weight: bold;\">Why is software development important?</span>\r\nSoftware development is important because it helps businesses differentiate themselves and be more competitive. It can improve customer experiences, bring more innovative, feature-rich products to market faster, and make operations more efficient, safe and productive.\r\nSoftware development is also important because it is pervasive.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Software_Development.png","alias":"software-development"},"834":{"id":834,"title":"IoT - Internet of Things Security","description":" IoT security is the technology area concerned with safeguarding connected devices and networks in the internet of things (IoT).\r\nIoT involves adding internet connectivity to a system of interrelated computing devices, mechanical and digital machines, objects, animals and/or people. Each &quot;thing&quot; is provided a unique identifier and the ability to automatically transfer data over a network. Allowing devices to connect to the internet opens them up to a number of serious vulnerabilities if they are not properly protected.\r\nIoT security has become the subject of scrutiny after a number of high-profile incidents where a common IoT device was used to infiltrate and attack the larger network. Implementing security measures is critical to ensuring the safety of networks with IoT devices connected to them.\r\nIoT security hacks can happen in any industry, from smart home to a manufacturing plant to a connected car. The severity of impact depends greatly on the individual system, the data collected and/or the information it contains.\r\nAn attack disabling the brakes of a connected car, for example, or on a connected health device, such as an insulin pump hacked to administer too much medication to a patient, can be life-threatening. Likewise, an attack on a refrigeration system housing medicine that is monitored by an IoT system can ruin the viability of a medicine if temperatures fluctuate. Similarly, an attack on critical infrastructure -- an oil well, energy grid or water supply -- can be disastrous.\r\nSo, a robust IoT security portfolio must allow protecting devices from all types of vulnerabilities while deploying the security level that best matches application needs. Cryptography technologies are used to combat communication attacks. Security services are offered for protecting against lifecycle attacks. Isolation measures can be implemented to fend off software attacks. And, finally, IoT security should include tamper mitigation and side-channel attack mitigation technologies for fighting physical attacks of the chip.","materialsDescription":" <span style=\"font-weight: bold;\">What are the key requirements of IoT Security?</span>\r\nThe key requirements for any IoT security solution are:\r\n<ul><li>Device and data security, including authentication of devices and confidentiality and integrity of data</li><li>Implementing and running security operations at IoT scale</li><li>Meeting compliance requirements and requests</li><li>Meeting performance requirements as per the use case</li></ul>\r\n<span style=\"font-weight: bold;\">What do connected devices require to participate in the IoT Securely?</span>\r\nTo securely participate in the IoT, each connected device needs a unique identification – even before it has an IP address. This digital credential establishes the root of trust for the device’s entire lifecycle, from initial design to deployment to retirement.\r\n<span style=\"font-weight: bold;\">Why is device authentication necessary for the IoT?</span>\r\nStrong IoT device authentication is required to ensure connected devices on the IoT can be trusted to be what they purport to be. Consequently, each IoT device needs a unique identity that can be authenticated when the device attempts to connect to a gateway or central server. With this unique ID in place, IT system administrators can track each device throughout its lifecycle, communicate securely with it, and prevent it from executing harmful processes. If a device exhibits unexpected behavior, administrators can simply revoke its privileges.\r\n<span style=\"font-weight: bold;\">Why is secure manufacturing necessary for IoT devices?</span>\r\nIoT devices produced through unsecured manufacturing processes provide criminals opportunities to change production runs to introduce unauthorized code or produce additional units that are subsequently sold on the black market.\r\nOne way to secure manufacturing processes is to use hardware security modules (HSMs) and supporting security software to inject cryptographic keys and digital certificates and to control the number of units built and the code incorporated into each.\r\n<span style=\"font-weight: bold;\">Why is code signing necessary for IoT devices?</span>\r\nTo protect businesses, brands, partners, and users from software that has been infected by malware, software developers have adopted code signing. In the IoT, code signing in the software release process ensures the integrity of IoT device software and firmware updates and defends against the risks associated with code tampering or code that deviates from organizational policies.\r\nIn public key cryptography, code signing is a specific use of certificate-based digital signatures that enables an organization to verify the identity of the software publisher and certify the software has not been changed since it was published.\r\n<span style=\"font-weight: bold;\">What is IoT PKI?</span>\r\nToday there are more things (devices) online than there are people on the planet! Devices are the number one users of the Internet and need digital identities for secure operation. As enterprises seek to transform their business models to stay competitive, rapid adoption of IoT technologies is creating increasing demand for Public Key Infrastructures (PKIs) to provide digital certificates for the growing number of devices and the software and firmware they run.\r\nSafe IoT deployments require not only trusting the devices to be authentic and to be who they say they are, but also trusting that the data they collect is real and not altered. If one cannot trust the IoT devices and the data, there is no point in collecting, running analytics, and executing decisions based on the information collected.\r\nSecure adoption of IoT requires:\r\n<ul><li>Enabling mutual authentication between connected devices and applications</li><li>Maintaining the integrity and confidentiality of the data collected by devices</li><li>Ensuring the legitimacy and integrity of the software downloaded to devices</li><li>Preserving the privacy of sensitive data in light of stricter security regulations</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/iot.png","alias":"iot-internet-of-things-security"},"850":{"id":850,"title":"Mobile Data Protection (BYOD)","description":"The first and best defense in securing BYODs begins with the same requirements you apply to devices that are already on your network. These security measures include enforcing strong passcodes on all devices, antivirus protection and data loss prevention (DLP), full-disk encryption for disk, removable media and cloud storage, mobile device management (MDM) to wipe sensitive data when devices are lost or stolen, and application control.\r\nYou should always extend encryption to both data in transit and data at rest. Protecting your devices with strong passwords means you make it incredibly difficult for someone to break in and steal data. But if somehow your device-level password is compromised, encrypting the data stored on the device provides a second level of security a hacker must get through in order to steal your data.\r\nYou should encourage users to think of the extra layers of security as helpful tools that give them the ability to use their own devices within the workplace. By password protecting devices, a user acknowledges accountability and responsibility for protecting their data.\r\nIn addition to applying passcodes and antivirus prevention to your devices, you should apply a custom level of application control to BYODs. If applications are available to employees on the internal network, they should be able to access them offsite through a VPN or email software.\r\nA successful BYOD program allows your users to be productive outside of their scheduled work hours while also giving them the flexibility to do the things they like to do when they’re not working—like update their status or enjoy playing an interactive game.\r\nWhatever decision you make for your BYOD policy, be sure that it’s enforceable and enables IT to deploy software remotely.","materialsDescription":" <span style=\"font-weight: bold;\">How can I control apps on BYOD devices?</span>\r\nThe best way IT can control apps on BYOD devices is to have an acceptable use policy in place. Since BYOD adoption has picked up, IT pros have less control over the apps employees use. A policy that lays out expectations and consequences for users can improve the success of your BYOD initiative. Mobile device management (MDM) systems also offer application controls through their blacklisting and whitelisting features. In addition, those with auto-quarantine or remote wipe capabilities also help in the event that a user installs non-compliant apps on his or her device.\r\n<span style=\"font-weight: bold;\">How can my organization create a BYOD policy?</span>\r\nEvery organization’s BYOD policy is a little different because policies are most effective when they’re organization-specific. The most important thing you can do is create a policy as soon as you decide to allow users to bring their own devices to work. The basic points of good BYOD programs address the same things: how users should protect devices, what they can and can’t access and what will happen if and when they leave the company.\r\nA strong BYOD policy should also consider device selection, reimbursement, MDM, device security and mobile application security. Also think about how you’ll enforce BYOD policy once it’s in place.\r\n<span style=\"font-weight: bold;\">What mobile app delivery options does my department have?</span>\r\nThere are four good mobile app delivery approaches, but each has pitfalls.\r\nEnterprise app stores give IT licensing and compliance control and let users download pre-approved mobile applications, but they require a lot of maintenance and resources. Web apps are compatible with different devices and don’t need a distribution system, but without an Internet connection, they aren’t practical. Cloud file-sharing services are good for app delivery since most employees are already familiar with services such as Dropbox. If you chose the cloud option, you’ll have to use or develop cloud-based mobile apps or pay for cloud storage services. And mobile desktop virtualization lets users connect to a PC environment and stores all sensitive data on servers instead of devices. But for desktop virtualization on mobile devices to work, users need a reasonably large screen and a reliable Internet connection.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_BYOD.png","alias":"mobile-data-protection-byod"},"852":{"id":852,"title":"Network security","description":" Network security consists of the policies and practices adopted to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, which is controlled by the network administrator. Users choose or are assigned an ID and password or other authenticating information that allows them access to information and programs within their authority. Network security covers a variety of computer networks, both public and private, that are used in everyday jobs; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access. Network security is involved in organizations, enterprises, and other types of institutions. It does as its title explains: it secures the network, as well as protecting and overseeing operations being done. The most common and simple way of protecting a network resource is by assigning it a unique name and a corresponding password.\r\nNetwork security starts with authentication, commonly with a username and a password. Since this requires just one detail authenticating the user name — i.e., the password—this is sometimes termed one-factor authentication. With two-factor authentication, something the user 'has' is also used (e.g., a security token or 'dongle', an ATM card, or a mobile phone); and with three-factor authentication, something the user 'is' is also used (e.g., a fingerprint or retinal scan).\r\nOnce authenticated, a firewall enforces access policies such as what services are allowed to be accessed by the network users. Though effective to prevent unauthorized access, this component may fail to check potentially harmful content such as computer worms or Trojans being transmitted over the network. Anti-virus software or an intrusion prevention system (IPS) help detect and inhibit the action of such malware. An anomaly-based intrusion detection system may also monitor the network like wireshark traffic and may be logged for audit purposes and for later high-level analysis. Newer systems combining unsupervised machine learning with full network traffic analysis can detect active network attackers from malicious insiders or targeted external attackers that have compromised a user machine or account.\r\nCommunication between two hosts using a network may be encrypted to maintain privacy.\r\nHoneypots, essentially decoy network-accessible resources, may be deployed in a network as surveillance and early-warning tools, as the honeypots are not normally accessed for legitimate purposes. Techniques used by the attackers that attempt to compromise these decoy resources are studied during and after an attack to keep an eye on new exploitation techniques. Such analysis may be used to further tighten security of the actual network being protected by the honeypot. A honeypot can also direct an attacker's attention away from legitimate servers. A honeypot encourages attackers to spend their time and energy on the decoy server while distracting their attention from the data on the real server. Similar to a honeypot, a honeynet is a network set up with intentional vulnerabilities. Its purpose is also to invite attacks so that the attacker's methods can be studied and that information can be used to increase network security. A honeynet typically contains one or more honeypots.","materialsDescription":" <span style=\"font-weight: bold;\">What is Network Security?</span>\r\nNetwork security is any action an organization takes to prevent malicious use or accidental damage to the network’s private data, its users, or their devices. The goal of network security is to keep the network running and safe for all legitimate users.\r\nBecause there are so many ways that a network can be vulnerable, network security involves a broad range of practices. These include:\r\n<ul><li><span style=\"font-weight: bold;\">Deploying active devices:</span> Using software to block malicious programs from entering, or running within, the network. Blocking users from sending or receiving suspicious-looking emails. Blocking unauthorized use of the network. Also, stopping the network's users accessing websites that are known to be dangerous.</li><li><span style=\"font-weight: bold;\">Deploying passive devices:</span> For instance, using devices and software that report unauthorized intrusions into the network, or suspicious activity by authorized users.</li><li><span style=\"font-weight: bold;\">Using preventative devices:</span> Devices that help identify potential security holes, so that network staff can fix them.</li><li><span style=\"font-weight: bold;\">Ensuring users follow safe practices:</span> Even if the software and hardware are set up to be secure, the actions of users can create security holes. Network security staff is responsible for educating members of the organization about how they can stay safe from potential threats.</li></ul>\r\n<span style=\"font-weight: bold;\">Why is Network Security Important?</span>\r\nUnless it’s properly secured, any network is vulnerable to malicious use and accidental damage. Hackers, disgruntled employees, or poor security practices within the organization can leave private data exposed, including trade secrets and customers’ private details.\r\nLosing confidential research, for example, can potentially cost an organization millions of dollars by taking away competitive advantages it paid to gain. While hackers stealing customers’ details and selling them to be used in fraud, it creates negative publicity and public mistrust of the organization.\r\nThe majority of common attacks against networks are designed to gain access to information, by spying on the communications and data of users, rather than to damage the network itself.\r\nBut attackers can do more than steal data. They may be able to damage users’ devices or manipulate systems to gain physical access to facilities. This leaves the organization’s property and members at risk of harm.\r\nCompetent network security procedures keep data secure and block vulnerable systems from outside interference. This allows the network’s users to remain safe and focus on achieving the organization’s goals.\r\n<span style=\"font-weight: bold;\">Why Do I Need Formal Education to Run a Computer Network?</span>\r\nEven the initial setup of security systems can be difficult for those unfamiliar with the field. A comprehensive security system is made of many pieces, each of which needs specialized knowledge.\r\nBeyond setup, each aspect of security is constantly evolving. New technology creates new opportunities for accidental security leaks, while hackers take advantage of holes in security to do damage as soon as they find them. Whoever is in charge of the network’s security needs to be able to understand the technical news and changes as they happen, so they can implement safety strategies right away.\r\nProperly securing your network using the latest information on vulnerabilities helps minimize the risk that attacks will succeed. Security Week reported that 44% of breaches in 2014 came from exploits that were 2-4 years old.\r\nUnfortunately, many of the technical aspects of network security are beyond those who make hiring decisions. So, the best way an organization can be sure that their network security personnel are able to properly manage the threats is to hire staff with the appropriate qualifications.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Network_security.png","alias":"network-security"},"856":{"id":856,"title":"Secure Communications","description":" <span style=\"font-weight: bold;\">Secure communication</span> is when two entities are communicating and do not want a third party to listen in. For that, they need to communicate in a way not susceptible to eavesdropping or interception. Secure communication includes means by which people can share information with varying degrees of certainty that third parties cannot intercept what was said. Other than spoken face-to-face communication with no possible eavesdropper, it is probably safe to say that no communication is guaranteed secure in this sense, although practical obstacles such as legislation, resources, technical issues (interception and encryption), and the sheer volume of communication serve to limit surveillance.\r\nWith many communications taking place over long distances and mediated by technology, and increasing awareness of the importance of interception issues, technology, and its compromise are at the heart of this debate.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Encryption</span></span> is a method in which data is rendered hard to read by an unauthorized party. Since encryption methods are created to extremely hard to break, many communication methods either use deliberately weaker encryption than possible or have backdoors inserted to permit rapid decryption. In some cases, government authorities have required backdoors to be installed in secret. Many methods of encryption are also subject to &quot;man in the middle&quot; attack whereby a third party who can 'see' the establishment of the secure communication is made privy to the encryption method, this would apply for example to the interception of computer use at an ISP. Provided it is correctly programmed, sufficiently powerful, and the keys not intercepted, encryption would usually be considered secure.\r\nEncryption can be implemented in a way that requires the use of encryption, i.e. if encrypted communication is impossible then no traffic is sent, or opportunistically. Opportunistic encryption is a lower security method to generally increase the percentage of generic traffic which is encrypted. This is analogous to beginning every conversation with &quot;Do you speak Navajo?&quot; If the response is affirmative, then the conversation proceeds in Navajo, otherwise, it uses the common language of the two speakers. This method does not generally provide authentication or anonymity but it does protect the content of the conversation from eavesdropping.\r\nAn Information-theoretic security technique known as physical layer encryption ensures that a wireless communication link is provably secure with communications and coding techniques.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Steganography</span></span> (&quot;hidden writing&quot;) is also the means by which data can be hidden within other more innocuous data. Thus a watermark proving ownership embedded in the data of a picture, in such a way it is hard to find or remove unless you know how to find it. Or, for communication, the hiding of important data (such as a telephone number) in apparently innocuous data (an MP3 music file). An advantage of steganography is plausible deniability, that is unless one can prove the data is there (which is usually not easy), it is deniable that the file contains any.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Identity-based networks</span></span> are one of the tools to obtain security. Unwanted or malicious behavior is possible on the web since the internet is inherently anonymous. True identity-based networks replace the ability to remain anonymous and are inherently more trustworthy since the identity of the sender and recipient are known. (The telephone system is an example of an identity-based network.)\r\nRecently, <span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">anonymous networking</span></span> also has been used to secure communications. In principle, a large number of users running the same system can have communications routed between them in such a way that it is very hard to detect what the complete message is, which user sent it, and where it is ultimately coming from or going to. Examples are Crowds, Tor, I2P, Mixminion, various anonymous P2P networks, and others.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Anonymous communication devices</span></span> are also one of the tools to obtain security.&nbsp; In theory, an unknown device would not be noticed, since so many other devices are in use. This is not altogether the case in reality, due to the presence of systems such as Carnivore and Echelon, which can monitor communications over entire networks and the fact that the far end may be monitored as before. Examples include payphones, Internet cafes, etc.\r\nPrograms offering more security are <span style=\"font-weight: bold;\">secure instant messaging, VoIP, secure email, IRC and webchat,</span> and so on.","materialsDescription":" <span style=\"font-weight: bold; \">What are the types of security?</span>\r\nSecurity can be broadly categorized under the following headings, with examples:\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">1. Hiding the content or nature of a communication</span></span>\r\n<ul><li><span style=\"font-style: italic; \">Code</span> – a rule to convert a piece of information (for example, a letter, word, phrase, or gesture) into another form or representation (one sign into another sign), not necessarily of the same type. In communications and information processing, encoding is the process by which information from a source is converted into symbols to be communicated. Decoding is the reverse process, converting these code symbols back into information understandable by a receiver. One reason for coding is to enable communication in places where ordinary spoken or written language is difficult or impossible. For example, semaphore, where the configuration of flags held by a signaler or the arms of a semaphore tower encodes parts of the message, typically individual letters, and numbers. Another person standing a great distance away can interpret the flags and reproduce the words sent.</li><li><span style=\"font-style: italic; \">Encryption</span></li><li><span style=\"font-style: italic; \">Steganography</span></li><li><span style=\"font-style: italic; \">Identity-Based</span></li></ul>\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">2. Hiding the parties to a communication – preventing identification, promoting anonymity</span></span>\r\n<ul><li>&quot;Crowds&quot; and similar anonymous group structures – it is difficult to identify who said what when it comes from a &quot;crowd&quot;</li><li>Anonymous communication devices – unregistered cellphones, Internet cafes</li><li>Anonymous proxies</li><li>Hard to trace routing methods – through unauthorized third-party systems, or relays</li></ul>\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">3. Hiding the fact that communication takes place</span></span>\r\n<ul><li>&quot;Security by obscurity&quot; – similar to a needle in a haystack</li><li>Random traffic – creating random data flow to make the presence of genuine communication harder to detect and traffic analysis less reliable</li></ul>\r\nEach of the three is important, and depending on the circumstances any of these may be critical. For example, if a communication is not readily identifiable, then it is unlikely to attract attention for identification of parties, and the mere fact communication has taken place (regardless of content) is often enough by itself to establish an evidential link in legal prosecutions. It is also important with computers, to be sure where the security is applied, and what is covered.\r\n<span style=\"font-weight: bold; \">What are the methods used to &quot;break&quot; security?</span>\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Bugging</span></span>\r\nThe placing covertly of monitoring and/or transmission devices either within the communication device, or in the premises concerned.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Computers (general)</span></span>\r\nAny security obtained from a computer is limited by the many ways it can be compromised – by hacking, keystroke logging, backdoors, or even in extreme cases by monitoring the tiny electrical signals given off by keyboard or monitors to reconstruct what is typed or seen (TEMPEST, which is quite complex).\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Laser audio surveillance</span></span>\r\nSounds, including speech, inside rooms, can be sensed by bouncing a laser beam off a window of the room where a conversation is held and detecting and decoding the vibrations in the glass caused by the sound waves.\r\n<span style=\"font-weight: bold; \">What are the systems offering partial security?</span>\r\n<span style=\"font-weight: bold; \">Anonymous cellphones.</span> Cellphones can easily be obtained, but are also easily traced and &quot;tapped&quot;. There is no (or only limited) encryption, the phones are traceable – often even when switched off – since the phone and SIM card broadcast their International Mobile Subscriber Identity (IMSI). It is possible for a cellphone company to turn on some cellphones when the user is unaware and use the microphone to listen in on you, and according to James Atkinson, a counter-surveillance specialist cited in the same source, &quot;Security-conscious corporate executives routinely remove the batteries from their cell phones&quot; since many phones' software can be used &quot;as-is&quot;, or modified, to enable transmission without user awareness and the user can be located within a small distance using signal triangulation and now using built-in GPS features for newer models. Transceivers may also be defeated by jamming or Faraday cage.\r\nSome cellphones (Apple's iPhone, Google's Android) track and store users' position information so that movements for months or years can be determined by examining the phone.\r\n<span style=\"font-weight: bold; \">Landlines.</span> Analog landlines are not encrypted, it lends itself to being easily tapped. Such tapping requires physical access to the line which can be easily obtained from a number of places, e.g. the phone location, distribution points, cabinets and the exchange itself. Tapping a landline in this way can enable an attacker to make calls that appear to originate from the tapped line.\r\n<span style=\"font-weight: bold;\">Anonymous Internet.</span> Using a third-party system of any kind (payphone, Internet cafe) is often quite secure, however, if that system is used to access known locations (a known email account or 3rd party) then it may be tapped at the far end, or noted, and this will remove any security benefit obtained. Some countries also impose mandatory registration of Internet cafe users.\r\nAnonymous proxies are another common type of protection, which allows one to access the net via a third party (often in a different country) and make tracing difficult. Note that there is seldom any guarantee that the plaintext is not tappable, nor that the proxy does not keep its own records of users or entire dialogs. As a result, anonymous proxies are a generally useful tool but may not be as secure as other systems whose security can be better assured. Their most common use is to prevent a record of the originating IP, or address, being left on the target site's own records. Typical anonymous proxies are found at both regular websites such as Anonymizer.com and spynot.com, and on proxy sites which maintain up to date lists of large numbers of temporary proxies in operation.\r\nA recent development on this theme arises when wireless Internet connections (&quot;Wi-Fi&quot;) are left in their unsecured state. The effect of this is that any person in range of the base unit can piggyback the connection – that is, use it without the owner being aware. Since many connections are left open in this manner, situations where piggybacking might arise (willful or unaware) have successfully led to a defense in some cases, since it makes it difficult to prove the owner of the connection was the downloader or had knowledge of the use to which unknown others might be putting their connection. An example of this was the Tammie Marson case, where neighbors and anyone else might have been the culprit in the sharing of copyright files. Conversely, in other cases, people deliberately seek out businesses and households with unsecured connections, for illicit and anonymous Internet usage, or simply to obtain free bandwidth.\r\n<span style=\"font-weight: bold;\">Programs offering more security.</span>\r\n<span style=\"font-weight: bold;\"><span style=\"font-style: italic;\">Secure instant messaging</span></span> – Some instant messaging clients use end-to-end encryption with forwarding secrecy to secure all instant messages to other users of the same software. Some instant messaging clients also offer end-to-end encrypted file transfer support and group messaging.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">VoIP</span></span> – Some VoIP clients implement ZRTP and SRTP encryption for calls.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Secure email</span></span> – some email networks are designed to provide encrypted and/or anonymous communication. They authenticate and encrypt on the users own computer, to prevent transmission of plain text, and mask the sender and recipient. Mixminion and I2P-Bote provide a higher level of anonymity by using a network of anonymizing intermediaries, similar to how Tor works, but at a higher latency.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">IRC and webchat</span></span> – Some IRC clients and systems use client-to-server encryption such as SSL/TLS. This is not standardized.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/diseno-plano-de-icon.png","alias":"secure-communications"}},"branches":"Information Technology","companySizes":"1 to 50 Employees","companyUrl":"https://www.sqrsystems.com/","countryCodes":["GBR"],"certifications":[],"isSeller":true,"isSupplier":true,"isVendor":true,"presenterCodeLng":"","seo":{"title":"SQR Systems","keywords":"","description":" SQR Systems is a cybersecurity company providing the secure communications backbone for Fintech &amp; Regtech to protect their mobile and Internet of Things (IoT) devices.\r\nOur patented technology ensures effective compliance, control and security of data for","og:title":"SQR Systems","og:description":" SQR Systems is a cybersecurity company providing the secure communications backbone for Fintech &amp; Regtech to protect their mobile and Internet of Things (IoT) devices.\r\nOur patented technology ensures effective compliance, control and security of data for","og:image":"https://old.roi4cio.com/uploads/roi/company/SQR_Systems_logo.png"},"eventUrl":"","vendorPartners":[],"supplierPartners":[],"vendoredProducts":[{"id":4988,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/SQR_Systems_Logo.png","logo":true,"scheme":false,"title":"SQR Systems Ceerus IoT","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"sqr-systems-ceerus-iot","companyTitle":"SQR Systems","companyTypes":["supplier","vendor"],"companyId":5336,"companyAlias":"sqr-systems","description":"<span style=\"font-weight: bold;\">Secure communications software for the Internet of Things (IoT)</span>\r\nCeerus IoT software secures data in drones, wearable tech, smart devices and infrastructure. With no need for additional hardware, our solution can be deployed at pace and a manageable cost. It enables you to connect, authenticate, and exchange voice, video and other data in your devices securely to avoid data loss, with guaranteed quality regardless of network conditions.\r\n<span style=\"font-weight: bold;\">Secure from the edge</span>\r\nWe ensure data security right from the sensor: either by deploying security on the sensor hardware or by providing software for add-on devices that can plug and play with your existing sensors. Data is not decrypted anywhere in the network so you get true end-to-end security right from the sensor to its destination.\r\n<span style=\"font-weight: bold;\">Low latency &amp; power consumption</span>\r\nThe Ceerus IoT architecture is optimized for lower power consumption by offloading the compression and encryption functions to GPUs and other features of IoT chips to make it more computationally efficient. The security algorithms used in Ceerus IoT are specifically designed to reduce latency by using low complexity elliptic curve cryptography and avoid resource-hungry public key infrastructure that is difficult to scale in IoT environments.\r\n<span style=\"font-weight: bold;\">Network agnostic</span>\r\nOur encrypted optimisation technology allows you to connect different IoT networks together without creating security issues by having to decrypt the data. When connecting different IoT networks, such as networks of connected vehicles and smart cities, there are different security and bandwidth characteristics between networks. Our technology enables data optimisation in an encrypted form for different network conditions. Data does not get decrypted at the network boundaries so is always kept secure.\r\n<span style=\"font-weight: bold;\">Integrate using Ceerus IoT APIs</span>\r\nWe offer seamless sensor network scalability through easy API integrations. A pre-built SDK can be deployed quickly, containing all of our security and compression capabilities. The Ceerus APIs have been optimised for ARM-based chips and device architectures to enable development of sensor devices using widely used commodity hardware, with security and compliance by default.","shortDescription":"Securely send & manage data from your IoT sensors over any network.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":20,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"SQR Systems Ceerus IoT","keywords":"","description":"<span style=\"font-weight: bold;\">Secure communications software for the Internet of Things (IoT)</span>\r\nCeerus IoT software secures data in drones, wearable tech, smart devices and infrastructure. With no need for additional hardware, our solution can be depl","og:title":"SQR Systems Ceerus IoT","og:description":"<span style=\"font-weight: bold;\">Secure communications software for the Internet of Things (IoT)</span>\r\nCeerus IoT software secures data in drones, wearable tech, smart devices and infrastructure. With no need for additional hardware, our solution can be depl","og:image":"https://old.roi4cio.com/fileadmin/user_upload/SQR_Systems_Logo.png"},"eventUrl":"","translationId":4989,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":834,"title":"IoT - Internet of Things Security","alias":"iot-internet-of-things-security","description":" IoT security is the technology area concerned with safeguarding connected devices and networks in the internet of things (IoT).\r\nIoT involves adding internet connectivity to a system of interrelated computing devices, mechanical and digital machines, objects, animals and/or people. Each &quot;thing&quot; is provided a unique identifier and the ability to automatically transfer data over a network. Allowing devices to connect to the internet opens them up to a number of serious vulnerabilities if they are not properly protected.\r\nIoT security has become the subject of scrutiny after a number of high-profile incidents where a common IoT device was used to infiltrate and attack the larger network. Implementing security measures is critical to ensuring the safety of networks with IoT devices connected to them.\r\nIoT security hacks can happen in any industry, from smart home to a manufacturing plant to a connected car. The severity of impact depends greatly on the individual system, the data collected and/or the information it contains.\r\nAn attack disabling the brakes of a connected car, for example, or on a connected health device, such as an insulin pump hacked to administer too much medication to a patient, can be life-threatening. Likewise, an attack on a refrigeration system housing medicine that is monitored by an IoT system can ruin the viability of a medicine if temperatures fluctuate. Similarly, an attack on critical infrastructure -- an oil well, energy grid or water supply -- can be disastrous.\r\nSo, a robust IoT security portfolio must allow protecting devices from all types of vulnerabilities while deploying the security level that best matches application needs. Cryptography technologies are used to combat communication attacks. Security services are offered for protecting against lifecycle attacks. Isolation measures can be implemented to fend off software attacks. And, finally, IoT security should include tamper mitigation and side-channel attack mitigation technologies for fighting physical attacks of the chip.","materialsDescription":" <span style=\"font-weight: bold;\">What are the key requirements of IoT Security?</span>\r\nThe key requirements for any IoT security solution are:\r\n<ul><li>Device and data security, including authentication of devices and confidentiality and integrity of data</li><li>Implementing and running security operations at IoT scale</li><li>Meeting compliance requirements and requests</li><li>Meeting performance requirements as per the use case</li></ul>\r\n<span style=\"font-weight: bold;\">What do connected devices require to participate in the IoT Securely?</span>\r\nTo securely participate in the IoT, each connected device needs a unique identification – even before it has an IP address. This digital credential establishes the root of trust for the device’s entire lifecycle, from initial design to deployment to retirement.\r\n<span style=\"font-weight: bold;\">Why is device authentication necessary for the IoT?</span>\r\nStrong IoT device authentication is required to ensure connected devices on the IoT can be trusted to be what they purport to be. Consequently, each IoT device needs a unique identity that can be authenticated when the device attempts to connect to a gateway or central server. With this unique ID in place, IT system administrators can track each device throughout its lifecycle, communicate securely with it, and prevent it from executing harmful processes. If a device exhibits unexpected behavior, administrators can simply revoke its privileges.\r\n<span style=\"font-weight: bold;\">Why is secure manufacturing necessary for IoT devices?</span>\r\nIoT devices produced through unsecured manufacturing processes provide criminals opportunities to change production runs to introduce unauthorized code or produce additional units that are subsequently sold on the black market.\r\nOne way to secure manufacturing processes is to use hardware security modules (HSMs) and supporting security software to inject cryptographic keys and digital certificates and to control the number of units built and the code incorporated into each.\r\n<span style=\"font-weight: bold;\">Why is code signing necessary for IoT devices?</span>\r\nTo protect businesses, brands, partners, and users from software that has been infected by malware, software developers have adopted code signing. In the IoT, code signing in the software release process ensures the integrity of IoT device software and firmware updates and defends against the risks associated with code tampering or code that deviates from organizational policies.\r\nIn public key cryptography, code signing is a specific use of certificate-based digital signatures that enables an organization to verify the identity of the software publisher and certify the software has not been changed since it was published.\r\n<span style=\"font-weight: bold;\">What is IoT PKI?</span>\r\nToday there are more things (devices) online than there are people on the planet! Devices are the number one users of the Internet and need digital identities for secure operation. As enterprises seek to transform their business models to stay competitive, rapid adoption of IoT technologies is creating increasing demand for Public Key Infrastructures (PKIs) to provide digital certificates for the growing number of devices and the software and firmware they run.\r\nSafe IoT deployments require not only trusting the devices to be authentic and to be who they say they are, but also trusting that the data they collect is real and not altered. If one cannot trust the IoT devices and the data, there is no point in collecting, running analytics, and executing decisions based on the information collected.\r\nSecure adoption of IoT requires:\r\n<ul><li>Enabling mutual authentication between connected devices and applications</li><li>Maintaining the integrity and confidentiality of the data collected by devices</li><li>Ensuring the legitimacy and integrity of the software downloaded to devices</li><li>Preserving the privacy of sensitive data in light of stricter security regulations</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/iot.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"suppliedProducts":[{"id":4988,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/SQR_Systems_Logo.png","logo":true,"scheme":false,"title":"SQR Systems Ceerus IoT","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"sqr-systems-ceerus-iot","companyTitle":"SQR Systems","companyTypes":["supplier","vendor"],"companyId":5336,"companyAlias":"sqr-systems","description":"<span style=\"font-weight: bold;\">Secure communications software for the Internet of Things (IoT)</span>\r\nCeerus IoT software secures data in drones, wearable tech, smart devices and infrastructure. With no need for additional hardware, our solution can be deployed at pace and a manageable cost. It enables you to connect, authenticate, and exchange voice, video and other data in your devices securely to avoid data loss, with guaranteed quality regardless of network conditions.\r\n<span style=\"font-weight: bold;\">Secure from the edge</span>\r\nWe ensure data security right from the sensor: either by deploying security on the sensor hardware or by providing software for add-on devices that can plug and play with your existing sensors. Data is not decrypted anywhere in the network so you get true end-to-end security right from the sensor to its destination.\r\n<span style=\"font-weight: bold;\">Low latency &amp; power consumption</span>\r\nThe Ceerus IoT architecture is optimized for lower power consumption by offloading the compression and encryption functions to GPUs and other features of IoT chips to make it more computationally efficient. The security algorithms used in Ceerus IoT are specifically designed to reduce latency by using low complexity elliptic curve cryptography and avoid resource-hungry public key infrastructure that is difficult to scale in IoT environments.\r\n<span style=\"font-weight: bold;\">Network agnostic</span>\r\nOur encrypted optimisation technology allows you to connect different IoT networks together without creating security issues by having to decrypt the data. When connecting different IoT networks, such as networks of connected vehicles and smart cities, there are different security and bandwidth characteristics between networks. Our technology enables data optimisation in an encrypted form for different network conditions. Data does not get decrypted at the network boundaries so is always kept secure.\r\n<span style=\"font-weight: bold;\">Integrate using Ceerus IoT APIs</span>\r\nWe offer seamless sensor network scalability through easy API integrations. A pre-built SDK can be deployed quickly, containing all of our security and compression capabilities. The Ceerus APIs have been optimised for ARM-based chips and device architectures to enable development of sensor devices using widely used commodity hardware, with security and compliance by default.","shortDescription":"Securely send & manage data from your IoT sensors over any network.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":20,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"SQR Systems Ceerus IoT","keywords":"","description":"<span style=\"font-weight: bold;\">Secure communications software for the Internet of Things (IoT)</span>\r\nCeerus IoT software secures data in drones, wearable tech, smart devices and infrastructure. With no need for additional hardware, our solution can be depl","og:title":"SQR Systems Ceerus IoT","og:description":"<span style=\"font-weight: bold;\">Secure communications software for the Internet of Things (IoT)</span>\r\nCeerus IoT software secures data in drones, wearable tech, smart devices and infrastructure. With no need for additional hardware, our solution can be depl","og:image":"https://old.roi4cio.com/fileadmin/user_upload/SQR_Systems_Logo.png"},"eventUrl":"","translationId":4989,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":834,"title":"IoT - Internet of Things Security","alias":"iot-internet-of-things-security","description":" IoT security is the technology area concerned with safeguarding connected devices and networks in the internet of things (IoT).\r\nIoT involves adding internet connectivity to a system of interrelated computing devices, mechanical and digital machines, objects, animals and/or people. Each &quot;thing&quot; is provided a unique identifier and the ability to automatically transfer data over a network. Allowing devices to connect to the internet opens them up to a number of serious vulnerabilities if they are not properly protected.\r\nIoT security has become the subject of scrutiny after a number of high-profile incidents where a common IoT device was used to infiltrate and attack the larger network. Implementing security measures is critical to ensuring the safety of networks with IoT devices connected to them.\r\nIoT security hacks can happen in any industry, from smart home to a manufacturing plant to a connected car. The severity of impact depends greatly on the individual system, the data collected and/or the information it contains.\r\nAn attack disabling the brakes of a connected car, for example, or on a connected health device, such as an insulin pump hacked to administer too much medication to a patient, can be life-threatening. Likewise, an attack on a refrigeration system housing medicine that is monitored by an IoT system can ruin the viability of a medicine if temperatures fluctuate. Similarly, an attack on critical infrastructure -- an oil well, energy grid or water supply -- can be disastrous.\r\nSo, a robust IoT security portfolio must allow protecting devices from all types of vulnerabilities while deploying the security level that best matches application needs. Cryptography technologies are used to combat communication attacks. Security services are offered for protecting against lifecycle attacks. Isolation measures can be implemented to fend off software attacks. And, finally, IoT security should include tamper mitigation and side-channel attack mitigation technologies for fighting physical attacks of the chip.","materialsDescription":" <span style=\"font-weight: bold;\">What are the key requirements of IoT Security?</span>\r\nThe key requirements for any IoT security solution are:\r\n<ul><li>Device and data security, including authentication of devices and confidentiality and integrity of data</li><li>Implementing and running security operations at IoT scale</li><li>Meeting compliance requirements and requests</li><li>Meeting performance requirements as per the use case</li></ul>\r\n<span style=\"font-weight: bold;\">What do connected devices require to participate in the IoT Securely?</span>\r\nTo securely participate in the IoT, each connected device needs a unique identification – even before it has an IP address. This digital credential establishes the root of trust for the device’s entire lifecycle, from initial design to deployment to retirement.\r\n<span style=\"font-weight: bold;\">Why is device authentication necessary for the IoT?</span>\r\nStrong IoT device authentication is required to ensure connected devices on the IoT can be trusted to be what they purport to be. Consequently, each IoT device needs a unique identity that can be authenticated when the device attempts to connect to a gateway or central server. With this unique ID in place, IT system administrators can track each device throughout its lifecycle, communicate securely with it, and prevent it from executing harmful processes. If a device exhibits unexpected behavior, administrators can simply revoke its privileges.\r\n<span style=\"font-weight: bold;\">Why is secure manufacturing necessary for IoT devices?</span>\r\nIoT devices produced through unsecured manufacturing processes provide criminals opportunities to change production runs to introduce unauthorized code or produce additional units that are subsequently sold on the black market.\r\nOne way to secure manufacturing processes is to use hardware security modules (HSMs) and supporting security software to inject cryptographic keys and digital certificates and to control the number of units built and the code incorporated into each.\r\n<span style=\"font-weight: bold;\">Why is code signing necessary for IoT devices?</span>\r\nTo protect businesses, brands, partners, and users from software that has been infected by malware, software developers have adopted code signing. In the IoT, code signing in the software release process ensures the integrity of IoT device software and firmware updates and defends against the risks associated with code tampering or code that deviates from organizational policies.\r\nIn public key cryptography, code signing is a specific use of certificate-based digital signatures that enables an organization to verify the identity of the software publisher and certify the software has not been changed since it was published.\r\n<span style=\"font-weight: bold;\">What is IoT PKI?</span>\r\nToday there are more things (devices) online than there are people on the planet! Devices are the number one users of the Internet and need digital identities for secure operation. As enterprises seek to transform their business models to stay competitive, rapid adoption of IoT technologies is creating increasing demand for Public Key Infrastructures (PKIs) to provide digital certificates for the growing number of devices and the software and firmware they run.\r\nSafe IoT deployments require not only trusting the devices to be authentic and to be who they say they are, but also trusting that the data they collect is real and not altered. If one cannot trust the IoT devices and the data, there is no point in collecting, running analytics, and executing decisions based on the information collected.\r\nSecure adoption of IoT requires:\r\n<ul><li>Enabling mutual authentication between connected devices and applications</li><li>Maintaining the integrity and confidentiality of the data collected by devices</li><li>Ensuring the legitimacy and integrity of the software downloaded to devices</li><li>Preserving the privacy of sensitive data in light of stricter security regulations</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/iot.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"partnershipProgramme":null}},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"implementations":{"implementationsByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"agreements":{"agreementById":{},"ids":{},"links":{},"meta":{},"loading":false,"error":null},"comparison":{"loading":false,"error":false,"templatesById":{},"comparisonByTemplateId":{},"products":[],"selectedTemplateId":null},"presentation":{"type":null,"company":{},"products":[],"partners":[],"formData":{},"dataLoading":false,"dataError":false,"loading":false,"error":false},"catalogsGlobal":{"subMenuItemTitle":""}}