Register Here
Delegates
Sponsorship
  Call For Papers
Speakers
Schedule
Sponsors
Exhibitors
  Sessions
  Videos
  Power Panels
  Presentations
Untitled Document
2018 Platinum Sponsor

2018 Gold Sponsor

2018 Tech Sponsor

2018 Partners

2018 Exhibitors


Untitled Document
2018 Media Sponsors








Untitled Document
2017 West
Premium Sponsors
Diamond



Platinum
@DevOpsSummit

Bronze










Untitled Document
2017 West
Keynote Sponsor


Untitled Document
2017 West Exhibitors
























@ThingsExpo











Untitled Document
2017 West JETRO ×
Six Prefectures
of Japan
Pavilion Exhibitors



















Untitled Document
2017 West Media Sponsors














Untitled Document
2017 East
Premium Sponsors
Diamond



Platinum
@DevOpsSummit

@DevOpsSummit

Silver
@DevOpsSummit


Bronze










Untitled Document
2017 East Exhibitors
@DevOpsSummit




































Untitled Document
2017 East Media Sponsors
















Untitled Document
   
  Think Big – Now Think Even Bigger
  Join Us at Internet of Things at Cloud Expo, November 11-13,
at the Javits Center!


The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago.

All major researchers estimate there will be tens of billions devices - computers, smartphones, tablets, and sensors - connected to the Internet by 2020. This number will continue to grow at a rapid pace for the next several decades.

With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend Internet of Things at Cloud Expo in New York City. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be!

Delegates to Internet of Things at Cloud Expo will be able to attend eight separate, information-packed tracks:

  • Enterprise Cloud
  • Digital Transformation
  • The API Enterprise | Mobility & Security
  • DevOps | Containers & Microservices
  • Cognitive Computing | AI, ML, DL
  • Big Data | Analytics
  • IoT | IIoT | Smart Cities
  • Hot Topics | FinTech | WebRTC

There are 120 breakout sessions in all, with Keynotes, General Sessions, and Power Panels adding to three days of incredibly rich presentations and content.


We'll see you in New York!



Day 3 Keynote at @ThingsExpo | Chris Matthieu, CTO of Octoblu
In his keynote at @ThingsExpo, Chris Matthieu, Director of IoT Engineering at Citrix and co-founder and CTO of Octoblu, focused on building an IoT platform and company. He provided a behind-the-scenes look at Octoblu's platform, business, and pivots along the way (including the Citrix acquisition of Octoblu).
  Themes & Topics to Be Discussed

Consumer IoT
• Wearables
• Smart Appliances
• Smart Cars
• Smartphones 2.0
• Automation
• Smart Travel
• Personal Fitness
• Health Care
• Personalized Marketing
• Customized Shopping
• Personal Finance
• The Digital Divide
• Mobile Cash & Markets
• Games & The IoT
• The Future of Education
• Virtual Reality

Enterprise IoT
• The Business Case for
x IoT
• Smart Grids
• Smart Cities
• Smart Transportation
• The Smart Home
• M2M
• Authentication/Security
• Wiring the IoT
• The Internet of
x Everything
• Digital Transformation
x of Enterprise IT
• Agriculture
• Transportation
• Manufacturing
• Local & State
x Government
• Federal Government

IoT Developers | WebRTC Summit
• Eclipse Foundation
• Cloud Foundry
• Linux Containers
• Node-Red
• Open Source Hardware
• Ajax and the IoT
• Leveraging SOA
• Multi-Cloud IoT
• Evolving Standards
• WebSockets
• Security & Privacy
x Protocols
• GPS & Proximity
x Services
• Bluetooth/RFID/etc
• XMPP
• Nest Labs



The Top Keynotes, the Best Sessions, a Rock Star Faculty and the Most Qualified Delegates of ANY Internet of Things Event!


The future of computing lies in these things. As computing takes a much more active role in our lives it will at the same time become much more invisible. Internet of Things Expo will address the challenges in getting from where we are today to this future.
 
The high-energy event is a must-attend for senior technologists from CEOs on down – including CIOs, CTOs, directors of infrastructure, VPs of technology, IT directors and managers, network and storage managers, network engineers, enterprise architects, and communications and networking specialists.




@ThingsExpo Power Panel | The World's Many IoTs: Which Are the Most Important?
The Internet of Things is clearly many things: data collection and analytics, wearables, Smart Grids and Smart Cities, the Industrial Internet, and more. Cool platforms like Arduino, Raspberry Pi, Intel's Galileo and Edison, and a diverse world of sensors are making the IoT a great toy box for developers in all these areas. In this Power Panel at @ThingsExpo, panelists discussed what things are the most important, which will have the most profound effect on the world, and what should we expect to see over the next couple of years.
Benefits of Attending the Three-Day Technical Program
  LEARNexactly why Internet of Things is relevant today from an economic, business and technology standpoint.
  HEAR first-hand from industry experts the common issues and requirements for creating a platform for the Internet of Things.
  SEE what new tools and approaches the Internet of Things requires.
  DISCOVER how to drive a distributed approach to the Internet of Things, where applications move to the data.
  FIND OUThow the vast volumes of new data produced by the Internet of Things provides a valuable new source of business insight through advanced analytical techniques.
  MASTER how the ongoing development of smart cities, cars, and houses will enhance connectivity infrastructure.
Lunch Power Panel | Microservices & IoT- Moderated by Jason Bloomberg
In this Power Panel at @DevOpsSummit, moderated by Jason Bloomberg, president of Intellyx, panelists Roberto Medrano, Executive Vice President at Akana; Lori MacVittie, Evangelist for F5 Networks; and Troy Topnik, ActiveState's Technical Product Manager; and Otis Gospodnetic, founder of Sematext; peeled away the buzz and discuss the important architectural principles behind implementing IoT solutions for the enterprise. As remote IoT devices and sensors become increasingly intelligent, they become part of our distributed cloud environment, and we must architect and code accordingly. At the very least, you'll have no problem filling in your buzzword bingo cards.


Security Holes in the Mobile World
That Smart Phone application may be robbing you blind

The speed of communication and connectivity today of the smart phone is unparalleled. Even better and faster than the Internet itself, because your phone is always talking to the network, always available and open to receive and send information without you having to dial a number or open a browser.

However, this phenomenal capability also has a dark side. Convenience has a price. The same smart phone that is always connected and serving you content can also be serving you malicious content or stealing from you for someone else. People are buying and downloading applications to their smart phones by the millions. These applications potentially contain code to enable a hacker entry to your phone, access to your address book, identity information and more, where they can cause damage to your device and data. Much like the malicious tool bar on the Internet, an ordinary application can contain code that can damage your phone and wallet.

But it is not just your wallet. How about your company’s?

As more commercial applications develop a mobile interface, they open a new door to the corporate network for hackers.

Security Holes in Mobile World
For many corporate employees today, mobile phones and PDAs have replaced their PCs.

Enterprise users are now using their mobile devices to perform the same functions that they previously performed on their desktop PC. Only now, these tasks can be done from a much smaller device from virtually anywhere at any time. One of the hidden dangers to which people aren’t paying much attention is rogue code infecting mobile phones. That’s unfortunate because although no major incidents have been reported yet, it’s only a matter a time before some serious event occurs.

Depending on the type of application, a piece of malware could cause a phone to dial foreign numbers, make exorbitant text messages, copy keystrokes (key logger) when owners log into their financial institution or cause some other form of disturbance for the end user. It might flood the network with meaningless messages or render the device inoperable, causing increased help desk costs for the carrier, and your phone to be refused service from the cell network. The same criminals spoofing websites in order to gain access to your personal information have figured out that access to enterprise information is far more rewarding. And while major hacks into corporate sites seem like monthly news, mobile device hacks are lurking in the wings.

This is possible, since smart phones today can browse the Internet and download code from many different places. In fact, many carriers offer "download sites" for their customers to use as a one-stop shop. In addition, vendors such as Handango provide applications for many different operating systems. Also, scammers can advertise rogue code and point browsers to their website to trick users into downloading an application that is not legitimate. Consider a phishing attack, for example, where an unsuspecting user receives an email with a link to "update" his bank account info. He is then directed to a rogue website where code can either be silently downloaded or a he is directed to a link to download a game, widget or some other application that looks legitimate but is really malware.

The fact is that mobile phones are here to stay and have become woven into the fabric of corporate information processing. Where once mobile devices existed simply as a phone, they are now very intelligent data devices and are getting smarter and more robust every day. This is a classic case of balancing convenience against absolute security. Security professionals need to consider what steps and policies they can adopt to ensure that the applications being downloaded by employees are safe and do not wind up causing a material information breach. How Vulnerable Are Smartphones? Is there an answer? The answer today is the digital signature that accompanies the application, whereby the developer digitally “signs” the application and a third party that issues the digital signature vouches for the identity of the individual. This is much like a driver’s license, where you can see an individual’s photo and the fact that the license was issued by the state, which acts as the trusted third party. In this way, signed applications and content can be downloaded and we know who signed it and that it has not been tampered with.

One example of this action in the mobile device world is Symbian, the world's most popular mobile operating system, accounting for 50% of smart phone sales. For creating applications on Symbian’s mobile operating system, authors are required to fax identity information (passport, driver’s license, etc.) to confirm they are who they say they are. They must also include information about their business and pay with a credit card. This process is called vetting and is what the trusted third party does to confirm identity.

Interestingly, other mobile operating systems aren’t quite so thorough. In fact, some only require that authors pay a certificate fee with a credit card, which could, of course, be stolen. There is no vetting or trusted third party. Little can be done to identify the perpetrator in such cases.

Beyond this, some operating system manufacturers like Symbian require that code be tested by a third-party test house before it gets signed by recognized commercial certificate authorities. The test house runs code through a battery of tests before it puts a seal of approval on it. Then it passes it back to the commercial certificate authorities to sign before being returned to the developer.

What are the others doing?

While Symbian has robust process, technology and rigorous testing programs in place to prevent malicious code from being distributed globally and almost instantaneously, the approaches other large mobile operator providers take vary greatly. Here are a few examples.

  • Blackberry
    According to Research in Motion (RIM), it uses “IT policies, application control policies and code signing to contain malware by controlling third-party application access to the BlackBerry device resources and applications. These containment methods are designed to prevent malware that might gain access to the BlackBerry device.” That said, RIM allows developers to sign applications with keys it issues, which means they can sign whatever they choose without further testing from a testing house. RIM does perform some vetting. Developers have to register with RIM via a form and a $20 credit card payment, but no real ID check is done. This means you can theoretically register with a stolen credit card and publish under a false name. But even if a responsible developer signed code, if the laptop with the key was stolen (and the key was not properly protected), the criminal could access the key and sign code in the future under the responsible developer’s identify.
  • iPhone
    To develop and sell applications for the iPhone, you join the Apple Developer program. With $99, an email address and a credit card that works, you can apply and distribute your applications via the Apple store. So with a stolen credit card and an alternative email address, you can theoretically distribute any application you can create without repercussions.
  • Google
    If security for the Blackberry and iPhone environments is lacking somewhat, it is practically nonexistent with Google. You can create your own certificate, sign the application and add it to the app store. There’s no charge. Anyone with a phony email address can theoretically create a rogue app, sign it and submit it. If you wish to publish to the Android market, there is a registration and signup fee of $25, but this has nothing to do with signing the application. For example, recently someone developed a rogue Android Smartphone phishing application that tried to gain access to consumers’ financial information. Called Droid09, it was launched from the Android Marketplace. Although now removed, it’s a frightening example of how susceptible we are to fraud.

How Can We Better Protect Smart Phones?
So how do we better protect smart phones and their users? Here are a few steps:

Step 1: Make Sure Code Is Signed By Trusted Individuals

The first step in protecting mobile devices is to ensure that digital certificates are used to authenticate downloaded code. A digital certificate is an ID that contains information about the person, machine or program to whom the certificate was issued. Certificates provide you with assurance that what you are about to use comes from a reliable source. In short, a certificate enables digital trust.

If you are a developer, certificates enable you to sign your work and to verify that this program and version of code is the code that you wrote (i.e., it has not been tampered with). Mobile phone code developers use certificates today to ensure programs are valid before being downloaded to literally millions of devices globally.

The good news is that certificates are inexpensive and, in fact, most mobile device suppliers require that all code be signed before it is used. Certificates serve as a deterrent to malicious behavior, since we know both who signed the code and when they signed it. And since authors of malware don’t want this information to be known, protection is enhanced.

Step 2: Vetting

As noted, if a company allows workers to download “unsigned” programs from sites, rogue code could infect the device and then possibly the entire network. Digital signatures are a necessary component of the security solution, but aren’t enough. For example, how do you know that authors of code are who they say they are? In fact, the process of verifying the identity of authors varies widely.

Typically, certificates are issued to developers after an identity check. More thorough organizations use recognized commercial certificate authorities that follow OMTP (Open Mobile Terminal Platform) standards (mobile network operator forum focused on standards) for identity validation and to conduct email address, valid credit card and identity card (passport or drivers license) checks. In addition, these organizations may even translate foreign documents.

Step 3: More Vetting

Properly done, vetting is about tying all the disparate loose ends together to eliminate or make extremely unlikely any mischief. But there’s one more step that is often missing. Some OS vendors provide certificates that sign the code directly to developers. In theory, that’s fine. As long as the developer uses and stores the certificate properly, security directors can sleep at night. But what if that certificate is given to another developer? Or stolen? Or misplaced? Then the entire security process has been compromised. The proper way to ensure security is to maintain the signing key in a portal so that developers must upload their signed code each and every time they create new software. In that way, the portal ensures the security of the signing key and the integrity of the code. Only the portal can sign the code with a key that will allow it to run on the phone. And since criminals don’t like to be identified, it greatly reduces the risk of rogue code.

Another advantage of this approach is that bad applications can be rescinded by revoking the certificate for that application. Because each application has a unique certificate, the revocation of the certificate for one application has no effect on the other applications. If a single certificate, such as the developer certificate, is used for multiple applications, this granular revocation capability is lost.

Enterprises, too, can take a role in ensuring authenticity. For example, some OS providers do not require applications to be signed, but provide tools for enterprises to manage devices on their network. An enterprise could implement a policy that all code be signed before executing on the device.

Conclusion
Most of the major providers don’t currently offer the proper level of security to protect smart phone users from unsavory developers. It will probably take a colossal failure or scam to move some of the more lax mobile operators to more rigorous processes and testing. For the safety of millions of businesses, digital certificates plus comprehensive vetting should be undertaken to protect our networks.

Smart phones are not going away and won’t get dumber. By following these few simple and inexpensive steps – using certificates and proper vetting – consumer and business mobile users can be assured of safe application experiences.

About Dean Coclin
Dean Coclin is VP of Business Development at ChosenSecurity, where he is responsible for fostering industry partnerships, technology alliances and promoting the company's products to system integrators, consulting firms and other partners. He can be reached at dcoclin (at) chosensecurity.com.

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1

Presentation Slides
Traditional on-premises data centers have long been the domain of modern data platforms like Apache Hadoop, meaning companies who build thei...
Using new techniques of information modeling, indexing, and processing, new cloud-based systems can support cloud-based workloads previously...
IoT & Smart Cities Stories
The challenges of aggregating data from consumer-oriented devices, such as wearable technologies and smart thermostats, are fairly well-understood. However, there are a new set of challenges for IoT devices that generate megabytes or gigabytes of data per second. Certainly, the infrastructure will have to change, as those volumes of data will likely overwhelm the available bandwidth for aggregating the data into a central repository. Ochandarena discusses a whole new way to think about your next...
CloudEXPO | DevOpsSUMMIT | DXWorldEXPO are the world's most influential, independent events where Cloud Computing was coined and where technology buyers and vendors meet to experience and discuss the big picture of Digital Transformation and all of the strategies, tactics, and tools they need to realize their goals. Sponsors of DXWorldEXPO | CloudEXPO benefit from unmatched branding, profile building and lead generation opportunities.
All in Mobile is a place where we continually maximize their impact by fostering understanding, empathy, insights, creativity and joy. They believe that a truly useful and desirable mobile app doesn't need the brightest idea or the most advanced technology. A great product begins with understanding people. It's easy to think that customers will love your app, but can you justify it? They make sure your final app is something that users truly want and need. The only way to do this is by ...
Digital Transformation and Disruption, Amazon Style - What You Can Learn. Chris Kocher is a co-founder of Grey Heron, a management and strategic marketing consulting firm. He has 25+ years in both strategic and hands-on operating experience helping executives and investors build revenues and shareholder value. He has consulted with over 130 companies on innovating with new business models, product strategies and monetization. Chris has held management positions at HP and Symantec in addition to ...
Dynatrace is an application performance management software company with products for the information technology departments and digital business owners of medium and large businesses. Building the Future of Monitoring with Artificial Intelligence. Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more busine...
DXWorldEXPO LLC announced today that Big Data Federation to Exhibit at the 22nd International CloudEXPO, colocated with DevOpsSUMMIT and DXWorldEXPO, November 12-13, 2018 in New York City. Big Data Federation, Inc. develops and applies artificial intelligence to predict financial and economic events that matter. The company uncovers patterns and precise drivers of performance and outcomes with the aid of machine-learning algorithms, big data, and fundamental analysis. Their products are deployed...
Cell networks have the advantage of long-range communications, reaching an estimated 90% of the world. But cell networks such as 2G, 3G and LTE consume lots of power and were designed for connecting people. They are not optimized for low- or battery-powered devices or for IoT applications with infrequently transmitted data. Cell IoT modules that support narrow-band IoT and 4G cell networks will enable cell connectivity, device management, and app enablement for low-power wide-area network IoT. B...
The hierarchical architecture that distributes "compute" within the network specially at the edge can enable new services by harnessing emerging technologies. But Edge-Compute comes at increased cost that needs to be managed and potentially augmented by creative architecture solutions as there will always a catching-up with the capacity demands. Processing power in smartphones has enhanced YoY and there is increasingly spare compute capacity that can be potentially pooled. Uber has successfully ...
SYS-CON Events announced today that CrowdReviews.com has been named “Media Sponsor” of SYS-CON's 22nd International Cloud Expo, which will take place on June 5–7, 2018, at the Javits Center in New York City, NY. CrowdReviews.com is a transparent online platform for determining which products and services are the best based on the opinion of the crowd. The crowd consists of Internet users that have experienced products and services first-hand and have an interest in letting other potential buye...
When talking IoT we often focus on the devices, the sensors, the hardware itself. The new smart appliances, the new smart or self-driving cars (which are amalgamations of many ‘things'). When we are looking at the world of IoT, we should take a step back, look at the big picture. What value are these devices providing. IoT is not about the devices, its about the data consumed and generated. The devices are tools, mechanisms, conduits. This paper discusses the considerations when dealing with the...



2016 | 2015 | 2014 | 2013 | 2012
Testimonials
This week I had the pleasure of delivering the opening keynote at Cloud Expo New York. It was amazing to be back in the great city of New York with thousands of cloud enthusiasts eager to learn about the next step on their journey to embracing a cloud-first worldl."
@SteveMar_Msft
 
How does Cloud Expo do it every year? Another INCREDIBLE show - our heads are spinning - so fun and informative."
@SOASoftwareInc
 
Thank you @ThingsExpo for such a great event. All of the people we met over the past three days makes us confident IoT has a bright future."
@Cnnct2me
 
One of the best conferences we have attended in a while. Great job, Cloud Expo team! Keep it going."

@Flexential


Who Should Attend?
Senior Technologists including CIOs, CTOs & Vps of Technology, Chief Systems Engineers, IT Directors and Managers, Network and Storage Managers, Enterprise Architects, Communications and Networking Specialists, Directors of Infrastructure.

Business Executives including CEOs, CMOs, & CIOs , Presidents & SVPs, Directors of Business Development , Directors of IT Operations, Product and Purchasing Managers, IT Managers.

Join Us as a Media Partner - Together We Can Enable the Digital Transformation!
SYS-CON Media has a flourishing Media Partner program in which mutually beneficial promotion and benefits are arranged between our own leading Enterprise IT portals and events and those of our partners.

If you would like to participate, please provide us with details of your website/s and event/s or your organization and please include basic audience demographics as well as relevant metrics such as ave. page views per month.

To get involved, email events@sys-con.com.

@ThingsExpo Blogs
This session will provide an introduction to Cloud driven quality and transformation and highlight the key features that comprise it. A perspective on the cloud transformation lifecycle, transformation levers, and transformation framework will be shared. At Cognizant, we have developed a transformation strategy to enable the migration of business critical workloads to cloud environments. The strategy encompasses a set of transformation levers across the cloud transformation lifecycle to enhance process quality, compliance with organizational policies and implementation of information security ...
CloudEXPO New York 2018, colocated with DevOpsSUMMIT and DXWorldEXPO New York 2018 will be held November 12-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI and Machine Learning to one location.
CloudEXPO | DevOpsSUMMIT | DXWorldEXPO are the world's most influential, independent events where Cloud Computing was coined and where technology buyers and vendors meet to experience and discuss the big picture of Digital Transformation and all of the strategies, tactics, and tools they need to realize their goals. Sponsors of DXWorldEXPO | CloudEXPO benefit from unmatched branding, profile building and lead generation opportunities.
Digital Transformation Blogs
This session will provide an introduction to Cloud driven quality and transformation and highlight the key features that comprise it. A perspective on the cloud transformation lifecycle, transformation levers, and transformation framework will be shared. At Cognizant, we have developed a transformation strategy to enable the migration of business critical workloads to cloud environments. The strategy encompasses a set of transformation levers across the cloud transformation lifecycle to enhance process quality, compliance with organizational policies and implementation of information security ...
The challenges of aggregating data from consumer-oriented devices, such as wearable technologies and smart thermostats, are fairly well-understood. However, there are a new set of challenges for IoT devices that generate megabytes or gigabytes of data per second. Certainly, the infrastructure will have to change, as those volumes of data will likely overwhelm the available bandwidth for aggregating the data into a central repository. Ochandarena discusses a whole new way to think about your next-gen applications and how to address the challenges of building applications that harness all data t...
Lori MacVittie is a subject matter expert on emerging technology responsible for outbound evangelism across F5's entire product suite. MacVittie has extensive development and technical architecture experience in both high-tech and enterprise organizations, in addition to network and systems administration expertise. Prior to joining F5, MacVittie was an award-winning technology editor at Network Computing Magazine where she evaluated and tested application-focused technologies including app security and encryption-related solutions. She holds a B.S. in Information and Computing Science from th...
CloudEXPO.TV
"Calligo is a cloud service provider with data privacy at the heart of what we do. We are a typical Infrastructure as a Service cloud provider but it's been des...
Discussions of cloud computing have evolved in recent years from a focus on specific types of cloud, to a world of hybrid cloud, and to a world dominated by the...