IT WEEK: 2015

Office For Mac 2016: First Look

Microsoft is getting ready to launch another version of its productivity suite for Apple's OS, five years after its release of Office for Mac in 2011. The newest version of Office is now available for preview by Mac users.

This is the latest in a series of efforts by Microsoft to broaden its services among competing platforms. An iPad-compatible version of Office launched in 2014, followed by Office for Android tablets and Outlook for iOS and Androidin early 2015.

Beyond the updates to iOS and Android, a slew of Office-related news has been coming from Redmond. Microsoft recently gave Windows Insiders the opportunity to test Office for Windows 10, revamped Office Online, and broadened cloud integration for its line of Office apps. It also teased new details on Office for Windows 10 at this week's Mobile World Congress.

As per CEO Satya Nadella's "mobile first, cloud first" strategy, Office 2016 for Mac is driven by the cloud. It's designed so that documents are accessible across OneDrive, OneDrive for Business and SharePoint across personal and work devices by signing into an Office account.

[Find out what's new for Azure. Read 2 Microsoft Azure Services Hit General Release.]

This preview of Office for Mac 2016 includes upgraded versions of Word, PowerPoint, Excel, Outlook, and OneNote. It's free to test, but when it launches later this year, Office 2016 will require a subscription to Office 365 or purchase of an individual package if users want to do more than read or print Office documents.

Opinions on the 2016 platform note that the current Office for Mac 2011 looks outdated in comparison to a new design that resembles a mix of the older Office and fresh Windows interface. In a blog post on the announcement, Microsoft wrote that the new apps offer full retina display support and thousands of retina-optimized graphics.

The redesigned Ribbon UI now fits with the theme of OS X. It also offers a new task pane interface that organizes features so they can be easily located. The new OS is required for download, which should be welcome news to Apple as it gives users another reason to upgrade to OS X 10.10 Yosemite.

Let's take a closer look at the updated Office for Mac apps and what each has to offer. Check out the features on the following pages, and then tell us what you like most (and last) about Microsoft Office for Mac 2016 in the comments section below.

7 In 10 Businesses Struggle To Sustain PCI Compliance

Maintaining PCI compliance is a bigger challenge that achieving it for many companies, Verizon study finds.

For many companies, maintaining compliance with the requirements of the Payment Card Industry Data Security Standard (PCI DSS) appears to be more challenging than actually achieving it.

A new survey by Verizon on the state of PCI compliance among organizations that handle debit and credit card data shows that more companies than ever are achieving some form of compliance with the requirements of the standard.

Verizon reviewed (registration required) quantitative data from PCI assessments that it conducted over the last two years at customer locations and from data breach investigations it conducted for clients over the same period. The data showed that between 2013 and 2014, compliance rates went up substantially for 11- out of 12 major PCI requirements among companies required to meet the standard. The only area where compliance rates fell during the same period pertained to security testing. About 20 percent of the companies reviewed were fully compliant with all PCI requirements at interim assessment, compared to just over 11 percent in 2013 and barely 7.5 percent in 2012.

Despite such progress, 7 out of 10 companies that achieve PCI compliance fail to maintain that status even for a year. Verizon’s research showed that only 28.6 percent of companies managed to remain compliant for the full year between annual assessments.

A lot of that has to do with the continued failure by companies to implement robust measures for managing and maintaining compliance, once they have achieved it, says Andi Baritchi, global managing principal at Verizon and one of the authors of the report.

It’s common for organizations to conflate validation and compliance, Baritchi says. "Compliance means doing all of the things that PCI says you need to do during the year,” he said. “The assessment is merely a snapshot in time. It validates that Company X is compliant,” based on a specific assessment at a specific point in time.

Companies that suffer data breaches are often quick to note that they had been validated for compliance within the past year. But that doesn’t mean that they were in fact compliant at the time of the breach, Baritchi said. In fact, data from the past 10 years shows, that not a single company that suffered a data breach was compliant with PCI requirements at the time of the incident, he said.

“This leads us to the question: has compliance become too complex, preventing organizations from looking at the 'big picture'?” says Dave Oder, CEO of Shift4 Corp. “Organizations that focus on compliance, and jump through all of PCI¹s hoops, may achieve compliance for a moment in time."

But it is only organizations that are looking to be secure at all times that will find compliance easier to achieve and maintain, he says.

The 84-page Verizon report highlights the multiple factors that impact an organization’s ability to maintain compliance on a sustained basis. From a technical standpoint, the complexity of systems in an IT environment, the architectural design, the physical location of systems and the manner in which they are interconnected, can impact the level of investment and effort needed to maintain compliance, the report noted.

Similarly, an organization’s ability to sustain compliance at an operational level depends on factors like the proficiency of its IT organization and the culture of the organization regarding adherence to policies. The degree to which strategic, business, and data protection objectives are aligned can also impact compliance sustainability in a big way, Verizon said in its report.

“It is not uncommon for executives to make strategic business decisions (like changes to sales channels and mergers) without considering the potential impact on information security and compliance, and how that might affect the business case,” the report said.

The PCI Security Standards Council, which administers the standard, has somewhat controversially insisted for some time that organizations who implement and maintain compliance with all of PCIs requirements will not get breached. It has noted, like Verizon does in its report, how every single company that has suffered a payment card data breach was also not PCI-compliant.

In a statement responding to the Verizon report, the PCI Council’s general manager Stephen Orfei reiterated those sentiments. “Often an organization’s approach to PCI security is to focus on passing the annual compliance assessment,” he said. But this only the start, he noted.

“Only a combination of people, process and technology, and a focus on making security a ‘business-as-usual’ practice will help thwart [security threats],” he said.

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year ...

Apple Watch Meets Salesforce Enterprise Apps

Salesforce is among the first enterprise application vendors to offer Apple Watch apps. Here's how watch apps differ from phone apps.

Apple Watch Event: 10 Things We Learned

(Click image for larger view and slideshow.)

When the Apple Watch debuts next month, among the first enterprise application vendors ready with native apps will be Salesforce, which announced this week it will have a Salesforce Analytics Cloud App and a Salesforce1 mobile app developed specifically for the tiny wrist-based interface.

So what can you do from the Apple Watch that wasn't already supported on the iPhone, which has to be nearby to support the apps and give the wrist-based device connectivity to the Internet? The short answer is nothing, but there are things that you might find easier or more polite to consume information from the watch.

"You're going to be able to get things like immediate notifications on simple yes/no decision," Peter Coffee, Salesforce vice president for Strategic Research, told InformationWeek in a phone interview. "If there's a request to offer a discount to a customer, for example, you're not going to need to pull out your phone and constantly look to see if that request has been approved. The watch will flash that notification, you can glance at it, and just continue the conversation without breaking the flow."

[Want more on this topic? Read Apple Watch Event: 10 Things We Learned.]

Apple is clearly a complementary device to the iPhone, but wrist-based interaction might make more sense when you're on the go or in a conversation or a meeting, so can be more discreet about checking on information. In the case of the Salesforce1 app, a salesperson can see an upcoming appointment on the watch, tap on that link and then drill down on how many open service cases that company has, how many open deals it has right now, and what's the projected value of those deals? In the case of the Analytics Cloud App, users will be able to tap on a bar chart or KPI that they follow and quickly drill down deeper data by customer or territory.

"It may seem unlikely to people who are used to needing a master-of-the-universe three-screen display to get anything done, but if you look at how well Apple has engineered the Taptic engine for the watch, I think they'll be pleasantly surprised how much they get done on the watch before they have to go to a device as large as the phone," said Coffee.

Salesforce Analytics Cloud Apple Watch app users will be able to drill down on favorite charts and KPIs.

Individuals will be able to create customized choices of a few questions they want to see on their Apple Watch, and companies will be able to roll out dashboards to all salespeople, for example, surfacing key customer indicators.

"If you're trying to sell a customer something and they have a really big, red bar on service cases, one tap would let quickly drill in to find out how many have been open for more than 30 days, so you can be informed with current data before you go into that conversation," said Coffee.

Saleforce1 Mobile apps for Apple Watch will let salespeople see and drill down on timely insights for upcoming sales calls.

The Salesforce apps were featured in Monday's presentations by Apple in large part because Salesforce was early to jump on the Apple Watch bandwagon. Last June the company launched its Salesforce Wear development platform for wearables devices starting with Google Glass and the Samsung Gear 2 Smartwatch, and it subsequently added support for the Apple Watch, as well as Epson Moverio augmented-reality smart glasses, the Jawbone UP activity-tracking wristband, Meta Glasses augmented-reality 3D smart glasses, the Oculus Rift virtual reality 3D headset, and Vuzix M100 Smart Glasses.

The Salesforce Wear Developer Pack is already available for developing custom native Apple Watch applications. "It's not just being able to build apps quickly for particular devices," said Coffee of the development platform. "We're providing reference applications for all these devices, but if you build them in this environment, you're data is curated in an environment that's proven to be have high-availability, high-scalability, and a high degree of trust and on data-privileges, management, and protection."

The Salesforce Analytics Cloud App for Apple Watch will be available April 24, when the watch is set for release, to those who have licensed the Analytics Cloud. The same free availability and release data applies to those who have licensed the Saleforce1 Mobile app. The Salesforce Wear Developer Pack for Apple Watch is available immediately at no charge to those who have licensed the Salesforce Wear development platform.

Attend Interop Las Vegas, the leading independent technology conference and expo series designed to inspire, inform, and connect the world's IT community. In 2015, look for all new programs, networking opportunities, and classes that will help you set your organization’s IT action plan. It happens April 27 to May 1. Register with Discount Code MPOIWK for $200 off Total Access & Conference Passes.

Apple Watch Alternatives: 10 Gadgets The Company Should Have Made

Yay, the Apple watch is here. Now we can tell what time it is without looking at the phone, which is typically in our hands, six inches from our Apple Watch. If you want to be excited, go for it. Never let it be said that IT Life would tell you how to think (well, we might, but we don't expect you to listen). But for me, the Apple Watch is, at best, a really expensive fitness band and, at worst, a really ugly and expensive watch you have to replace every two years to keep getting the benefit out of it.

If you need to pay hundreds of dollars for a fitness band that also tells you that you've got a text, go for it. But honestly, isn't Apple better than this?

Apple basically made the personal computer. They remade the way we listen to music. They remade the way we access the world through a handheld computer. And now, the best they can do is charge us an arm and a leg for a watch with a screen too tiny to do anything except use fitness apps and get text alerts. This certainly isn't going to change the way we look at time, or watches, or even smartphones. It is a cute accessory with the price tag of a game-changing lifestyle addition.

Apple is the richest company in the world, turning in the biggest profits we've seen in its history. Apple has more than $155 billion in cash reserves. It could invest its cash in a Christmas Club and pay its employees without ever having to sell a single thing ever again.

With great cash comes great responsibility. Where is the big idea? Where is the game changer? When will they tap into the war chest and come up with something actually worthy of their legacy? We've got 10 ideas for them that might be a little more worthy (or at least more interesting) than the Apple Watch.

4 Data-Driven Predictions For IT Innovation

Data from the 2015 InformationWeek Elite 100 companies shows how these digital innovators are using analytics and cloud, and where they could miss the boat.

Each year, InformationWeek releases our list of the Elite 100, a select group of companies that are business-IT innovators. In the process, we survey these top-of-the-class companies on how they address important IT issues such as tech spending, organizational priorities, and strategy.

Our 2015 Elite 100 list of business-IT innovators gets its big reveal at this year's InformationWeek Conference, April 27 - 28, in Las Vegas. But we can disclose now some of the data we've collected from these 100 business-IT leaders about the ways they're approaching hot tech topics such as data analytics, cloud, IT budgets, and digital business.

Here, we share four predictions about IT strategy drawn from the Elite 100. You'll also find information on some of the top-notch speakers who will address these topics at the InformationWeek Conference.

IT will get out of the way of data analytics

Almost half (49%) of these 100 tech leaders let end-users do "what-if" analysis today without IT involvement. Looking ahead, another 39% of companies are piloting or planning to roll out these kind of hands-off analytical tools within a year. That leaves just 12% who don't see this in their future.

That growth for what-if analysis is in contrast to the use of dashboards, which might be leveling off. Usage is high -- half of Elite 100 companies provide dashboards to 50% or more of their employees. But a big minority (29%) have no plans for that widespread level of use inside their company, or consider it not applicable to them.

[ Read about last year's No. 1 InformationWeek Elite 100 company: Pfizer Connects Dots To Deliver Better Treatments. ]

Analytics in general dominates the innovation -- 77% of Elite 100 companies consider using analytics to make better decisions to be among their top three innovation priorities.

At the InformationWeek Conference, ConocoPhillips CIO Mike Pfister and Rich Barclay, Manager of Analytics Innovation, will talk about the company's effort to build a platform for data analytics so that more employees can get involved in analysis. We'll also have data experts from UPS and Kaggle discussing how to get real value out of today's business-world rock star, the data scientist.

Cloud sophistication is rising

"Cloudbursting" is a simple concept that's hard to pull off. The idea is that a company can shift work off its own data centers to a public cloud like Amazon's or Microsoft's if the company gets a spike in computing demand. In the real world, that kind of dynamic shifting has been hard for companies to do.

But we see striking advancement among Elite 100 companies this year. Last year, just 15% of companies could dynamically shift from an in-house data center to public cloud based on demand. This year, 26% said they can do so. Last year, 43% said they had no plans for such dynamic shifting, this year just 31% took it off the table.

(Digging in at the 2014 InformationWeek Conference)

At the InformationWeek Conference, data center executives from Boeing, eBay, and VMware will discuss the future of the data center. Data center performance isn't a behind-the-scenes engine anymore; it determines how quickly companies can launch new products, and their employees can react to changing customer demands.

IT budgets will stay healthy

Two thirds of Elite 100 companies plan to increase IT spending this year, compared with 2014, and 40% expect to increase spending by 5% or more. Only 13% expect to decrease IT spending, and only 5% expect a cut of 5% or more.

One third of companies spend less than 2% of revenue on IT, while 70% spend less than 5%. Eleven percent spend 10% or more.

Some IT organizations will miss the digital wave

The data isn't glaring on this point since, after all, the Elite 100 are companies leading in digital innovation. However, a couple of data points offer a warning sign for IT departments that aren't close enough to their customers and their products.

We asked IT leaders if their groups are integrated or siloed from other business functions, from finance to product development. For every function, the "siloed" answers came in the single digits.

But for sales and product development, slightly more than one fourth checked the "not applicable" box. Granted, a handful of government agencies are on the list, so perhaps they don't see a function as sales. And maybe there are businesses that don't have formal "product development" groups -- perhaps in healthcare? But every IT organization needs to see its job as creating new products, and driving new revenue. Those that stay solely in the IT comfort zone of cutting operating costs and improving processes will become less relevant.

There is promising data on this front, too. Nearly half (46%) of Elite 100 companies say that introducing a new IT-led product or service is among their top three innovation priorities. Engaging customers in new ways gets cited by 43%, while creating a new business model or revenue stream is at 24%. Just 25% says lowering IT or business costs is in their top three priorities.

At the InformationWeek Conference, Walmart CIO Karenann Terrell will discuss how the IT team is undergoing a major modernization and transformation that puts the customer -- the one probably holding a mobile device -- squarely at the center.

One last data point: 52% of companies say their CIO has official responsibility in the area of innovation. If IT-powered innovation is in your job description -- or just on your mind -- we hope you'll join us at the InformationWeek Conference.

Want to discuss technology strategy with your executive peers? Want to explore digital innovation with the CIOs of Walmart, the NBA, Royal Caribbean, Boeing, eBay, and more? Register now for the InformationWeek Conference, April 27 and 29 at the Mandalay Bay in Las Vegas.

Virtual Reality: Still Goofy After All These Years

Reality is free, yet it can often leave you feeling shortchanged. Virtual Reality (VR) is expensive, and may leave you feeling exhilarated, if it hasn't made you motion-sick.

Facebook paid $2 billion last year for Oculus, maker of the Oculus Rift VR headset, because it sees a future in which virtual reality becomes an accepted form of mass entertainment. To judge by the exhibition floor at the 2015 Game Developers Conference (GDC) in San Francisco this week, many companies share that vision. (Full disclosure: GDC is produced by InformationWeek's parent company, UBM Americas.)

It's a vision that goes beyond games, as Oculus CTO John Carmack suggested in his keynote address at GDC on Wednesday. As an example, he cited the fact that his grandmother views panoramic pictures she's taken with her mobile phone through a Gear VR headset.

Businesses are already experimenting with VR. Carmaker Audi plans to make the Audi Virtual Reality Experienceavailable to a limited number of dealerships later this year. The VR car marketing program has been in pilot testing in Brazil for more than a year.

In January, Oculus announced the formation of Story Studio, an in-house group focused on the production of virtual reality movies.

To understand the commercial appeal of VR, consider what it lacks: Distractions. When you're participating in virtual reality, you're all in. You're as engaged as you can be, and engagement matters to artists and advertisers alike. An audience that doesn't pay attention doesn't pay off.

This may explain, in part, why interest in VR among technology companies has surged recently. It's also about how smartphones can work with VR headsets to make VR more affordable. And it's about incremental improvements in a variety of motion and graphics technologies that make VR systems more practical to implement.

[ VR was a hit at Mobile World Congress 2015. Read VR, Smartwatches, Wearables: 8 Cool Gadgets From MWCl. ]

Here's a quick recap of recent VR news:

Sony's VR headset, Project Morpheus, which debuted at last year's GDC 2014, is now slated to ship in 2016.
Microsoft HoloLens goggles were unveiled in January.
Samsung and Oculus have announced a new version of Samsung's Gear VR goggles designed to accommodate its new Galaxy S6 smartphone.
Razer is developing the OSVR headset. Google offers Cardboard, cardboard goggles that rely on a smartphone display to present stereoscopic images.
HTC and Valve are working on a VR headset called Vive.
A handful of other companies, including Fove, GameFace Labs, Magic Leap, Sulon Technologie, Vrvana, and Zeiss are developing similar technology.

VR has been a long time coming. Back in the 1990s, VRML -- virtual reality modelling language -- was all the rage. The focus then was on making 3D graphics interactive and browser-friendly. Everquest, Second Life, World of Warcraft, and various other virtual worlds showed that 3D graphics could be captivating and sometimes profitable. Now, Second Life founder Philip Rosedale is back with High Fidelity, flush with venture funding, to make a 3D ecosystem fitted to VR headsets.

We can speculate whether or not there's a VR bubble that's about to pop. But what fun is that? What we do know is that the technology will evolve and become more commonplace as companies figure out how to reach beyond hardcore gamers. Eventually, Magic Leap or some company like it will figure out how to make VR work without having to strap a bulky device to your face. Until then, enjoy the fantastical fakery before your eyes, and try not to think about the way you really look.

Who Should Sell Your Data? You Should!

Internet users of America, it's time to rethink our relationship with the companies that pimp us out for ad dollars.

15 Hot Skill Sets For IT Pros In 2015

(Click image for larger view and slideshow.)

It's time to create an online marketplace that lets Internet users sell their data directly to companies that want it.

We all know our online activity is valuable. Google and Facebook, among others, make a fortune by trading services such as search or social networking in exchange for knowledge of our online activity, which they gather and resell to advertisers.

Now AT&T is getting in on the act, charging Gigapower customers as much as $66 a month to opt out of having their Web activity tracked and sold.

It's clear there’s a market for user data -- for our data. And where there's a market, there's opportunity. Instead of being pimped out by broadband providers, search engines, and social networks, it's time to start pimping out ourselves -- and getting a cut of that cold, hard cash.

I propose the creation of an online marketplace that allows us to sell the rights to our Web activity to the highest bidders.

I’m not sure of the technical specifications for how to pull this off. Maybe some kind of super-cookie that sits on my devices and hoovers up everything I do. This super-cookie could then link to an online market or markets where buyers bid for the data.

This super-cookie would have to be encrypted so that only authorized sources could get access to the data, and we'd need a mechanism to stop other cookies from collecting what we do online.

As for the marketplace, the seller could set preferences for how much or how little he or she is willing to share based on monetary return.

For instance, buyers may pay a base price for information such as age, annual income, and searches related to jogging. But if users included a feed from an activity tracker, they could charge a premium for buyers that want additional data.

Sellers could also link in other data sources, such as location data from smartphones or smartwatches, mobile payment information, and other feeds.

And every time our data is purchased, we get a cut.

Companies like Facebook, Google, and now AT&T act like they're doing us a favor by giving us a free or discounted service in exchange for our data. But if our online activity generates billions in profits for these companies, shouldn’t they be paying us?

Clearly there are technical barriers to such a system, but those barriers can be surmounted.

More important is that the time has come to upend the current economic relationship between consumers and Internet services.

[Read about hot cities for IT pros.]

There's a lucrative market for our data. If we're going to get sold anyway, why shouldn't we get a piece of the action?

Attend Interop Las Vegas, the leading independent technology conference and expo series designed to inspire, inform, and connect the world's IT community. In 2015, look for all new programs, networking opportunities, and classes that will help you set your organization's IT action plan. It happens April 27 to May 1. Register with Discount Code MPOIWK for $200 off Total Access & Conference Passes.

Salesforce Service Cloud Intelligence: Leader Or Laggard?

Salesforce Intelligence Engine promises to route service calls to the right agents, balance case workloads, and ease service across channels. On some counts, Oracle has it beat.

7 Emerging Technologies IT Should Study Now

(Click image for larger view and slideshow.)

Salesforce on Monday announced the Service Cloud Intelligence Engine, with new capabilities that the company says will support skills-based routing of service cases, automatic balancing of case workloads, and the ability to transfer a service case from one channel to another (like from Twitter to chat or phone) without forcing customers to explain their problem over and over again.

If much of that functionality sounds familiar, it should, since some of these capabilities have been around for years. Nonetheless, Salesforce insists that it's innovating -- or at least will be innovating -- when the Service Cloud Intelligence Engine becomes generally available sometime in the second half of 2015. Here's a closer look at what it's describing as original.

The ability to route service cases to specific agents based on their knowledge of particular service issues is known as skills-based routing. Unified communications and workforce-management vendors like Genesys, Avaya, and Cisco have supported skills-based routing for many years. Where Salesforce says its "layer of intelligence" will differ is in being tied into the CRM system and all channels of interaction, whether they are email, social, mobile, chat, or phone.

[Want more on this topic? Read Oracle Service Cloud Upgraded, Explained.]

"Salesforce is also an integration platform, so we're seeing a lot of customers integrating with the back-office applications," said Michael Ramsey, vice president of Service Cloud product management, in a phone interview with InformationWeek. "We're taking any business event, whether that's part of a [service] case record, a qualified lead or opportunity [in CRM], or a custom, non-Salesforce-native process exposed through back-office integration, and we're routing that where it needs to go."

So the routing capability goes beyond just service issues, and it can be tied to alerts, rules, SLAs, and other conditions. That goes beyond what a workforce-management system for contact centers can do, but it sounds like an evolution of workflow capabilities that Salesforce introduced in 2010.

In another area where Salesforce says its intelligence layer will be state of the art, Ramsey says it will base its determinations of the "right" person to route things to on the array of live data in the Salesforce platform, not just on static profiles or LinkedIn recommendations.

This screen shot of Salesforce Service Cloud Intelligence shows a service case handed off from Twitter to email to support a detailed response.

"We know who resolved particular types of issues, we know whether they did it within a defined service-level-agreement, and we know who authored the knowledge article that was used to close the case," said Ramsey. "Obviously the concept of skills-based routing has been around for decades, but we're deriving our knowledge of the work that people can handle from the Salesforce platform rather than manually updated profiles."

Oracle announced in January that the latest release of its Oracle Customer Experience Service cloud is also tied into CRM. Claiming it delivers today what Salesforce is now promising, Oracle says it can tap data within its CX Cloud to power smart routing of service cases. Acknowledging that many companies don't want to throw out workforce management systems they've spent years tuning, Oracle also offers a pass-through mode that enables CRM data to be used for skills-based routing in third-party workforce management systems (something Ramsey said Salesforce can also do).

As for that ability to pass service cases from one channel to the next without forcing customers to explain their situation over and over again, that too is a known problem, but few companies seem to have overcome it.

"How many times have you had to repeat who you are over and over again because your call was pushed to a separate agent, even though you already explained your problem to the first agent you talked to?" Sarah Patterson, VP of marketing, Service Cloud, told InformationWeek. "[Sales Cloud Intelligence] looks at what is already happening on your case, so we can preserve that context across channels. We'll also be able to route to the best channel for handling the interaction."

Twitter, for example, only handles 140 characters, while email is asynchronous and not ideal for rapid interaction and problem resolution. Salesforce says the agents who start working on a case in email or Twitter will be able to move it to chat or phone without handing off to a new agent.

Salesforce executives said the Intelligence Engine will be standard functionality exposed in Service Cloud Enterprise Edition and above. It's not clear whether the upgrades will be available as early as July or will have to wait until later in the year, but count on more CRM vendors' competitors matching these claims.

Samsung Galaxy S6, S6 Edge Preorders Hit 20 Million, Reports Claim

In South Korea, reports claim that Samsung has already taken 20 million preorders for its new Galaxy S6 and S6 Edge smartphones.

Samsung, BlackBerry, Microsoft: 10 Killer Business Devices At MWC

(Click image for larger view and slideshow.)

Samsung plans to launch the Galaxy S6 and S6 Edgesmartphones globally on April 10.

In order to assure availability for their customers, wireless network operators around the world are placing huge orders for the two devices, according to published reports coming from South Korea. The fervent channel-filling activity suggests consumers may be interested in the Galaxy S6 and S6 Edge, too.

"Samsung received some 20 million pre-orders for the S6 and S6 Edge," said a top executive at a leading mobile network operator in Europe to The Korea Times. Samsung has taken orders for "15 million of [the] S6 and 5 million [of the] S6 Edge from mobile carriers worldwide. This is a record," claimed the unnamed exec. The source said his own employer had a favorable opinion of the device following its debut at Mobile World Congress in Barcelona on March 1.

These are not orders placed by individuals. Rather, they are orders placed by the companies that will eventually sell the devices to people at wireless retail stores. The large number of orders won't necessarily reflect sales to end consumers, but it is a helpful gauge of the impact the device may have. Unfortunately, similar preorder numbers for the Galaxy S5 or S4, which might be used for comparison, aren't available.

Apple typically places massive orders for its devices ahead of launch. Consider the iPhone 6 and 6 Plus, which racked up consumer pre-orders of 4 million in the first 24 hours and actually sold 10 million over the first weekend. In order to meet those numbers, Apple itself ordered in excess of 20 million devices from suppliers.

[Read about the coolest gadgets from MWC 2015.]

In the US, Verizon Wireless is the only company that has said when it will start taking orders for the Galaxy S6 and S6 Edge. Verizon is opening the virtual door on April 1, but did not say when orders for the two smartphones might ship. AT&T, Sprint, T-Mobile, and other carriers have so far remained silent about when to expect the devices. Moreover, there's no word at all on US pricing. Retailers in Europe have priced the S6 and S6 Edge at 700 and 850 euros, respectively, which amounts to about $760 and $925. Samsung's Galaxy S4 and S5 had full retail prices in the US of $649. Wireless network operators will sell the S6/S6 Edge with and without contracts, as well as through monthly payment plans.

The Galaxy S6 and S6 Edge trade in plastic materials for metal and glass. They sport 5.1-inch 2K screens, Exynos processors, 16-megapixel cameras with optical image stabilization, 3 GB of RAM, and 32, 64, or 128 GB of internal storage. The phones don't have removable batteries or expandable memory, but support QuickCharge technology and multiple wireless charging standards.

The smartphones will run Android 5.0 Lollipop out of the box with Samsung's TouchWiz user interface.

Docker Adds SDN Capabilities Via SocketPlane

Docker acquired startup SocketPlane to enhance the networking capabilities of its containers.

7 Linux Facts That Will Surprise You

(Click image for larger view and slideshow.)

Docker has acquired startup SocketPlane, which is developing technology to bring software-defined networking to Docker containers.

"We had a simple, first-generation network stack," said Scott Johnston, senior vice president of product at Docker, in an interview with InformationWeek. This was sufficient for developers running a few containers on a laptop or in a test environment.

But as Docker’s popularity has grown, applications can run on hundreds or thousands of containers across multiple hosts in a data center.

"We need the open source network DNA inside the company to guide the community to a next-generation API to address the scaling challenges and ephemeral nature of containers," said Johnston.

SocketPlane sets up network overlays to create a virtual network by using Open vSwitch to build VXLAN tunnels to connect Docker containers. Each container gets an IP address that stays with the container regardless of where it migrates.

[ Learn more about containers. Read Containers Explained: 9 Essentials You Need To Know. ]

According to Johnston, each physical host will have a container that runs Open vSwitch and will serve as a distributed controller for the virtual network.

Johnston noted that SocketPlane won't be the exclusive mechanism for linking Docker containers. Networking companies such as Cisco and VMware, and other open source projects such as Weave, can use an API developed by SocketPlane to link in their own networking stacks.

"We're not buying SocketPlane to compete with others in the community," said Johnston. "We want the expertise to guide the community in the development of this open networking API."

(Image: Stux via Pixabay)

We asked Johnston why the company didn't go with a project such as Neutron, which provides an API for networking in OpenStack. He said the scale and dynamic nature of containers and microservices creates new networking challenges. The design point for OpenStack is a virtual machine. Applications running on VMs may only need tens or a few hundred VMs to interconnect.

"In the world of containers, we see hundreds or thousands of containers making up an application," said Johnston. "When you stand up a VM, you stand it up for weeks or months. Containers may live for a minute, or move to a new host. The ephemeral nature of containers in a distributed app [is] different."

For more information on SocketPlane, Ryan Waller's blog Au Courant Technology has a detailed post on setting up a simple SocketPlane network connection.

SocketPlane will appear on a live panel at Interop Las Vegas, David Vs. Goliath: New Startups Driving Innovation, hosted by Alex Benik, a partner at Battery Ventures.

Johnston declined to provide financial details of the deal, but did say that the company will bring all of SocketPlane's six-person team on board. SocketPlane was founded in October 2014 and is backed by LightSpeed Ventures.

DroppedIn Vuln Links Victims' Androids To Attackers' DropBoxes

DropBox released a patch quick, but unpatched vulnerable Android apps that use the DropBox SDK may let attackers open up a two-way highway between victim Droids and their own Boxes.

Researchers at IBM X-Force have discovered a vulnerability in the DropBox software development kit (SDK) for Android that allows attackers to connect a victim's Android apps to an attacker's own DropBox account. The "DroppedIn" vulnerability affects any Android app developed with the DropBox SDK versions 1.5.4 through 1.6.1.

The flaw is in the implementation of the authentication mechanism used to give the app access to DropBox. It's supposed to work like this: while the user is providing their username-password combo to log in, the SDK is generating a large random number (a cryptographic nonce) to authenticate the device to DropBox. The trouble is, the proof-of-concept exploit the researchers have created "lets attackers insert an arbitrary access token into the SDK, completely bypassing the nonce protection," as they explain.

A victim could either be tricked into downloading a malicious app or infected via drive-by download. Either way, once the device is infected, the attacker has an open path from the victim's Droid to the attacker's DropBox -- through which the attacker could steal sensitive personal data and files from the device. This access would also go in the opposite direction -- the attacker could push out their own DropBox files, including malware.

To clarify, this exploit would not be a problem for the DropBox documents a user adds from their desktop machine, just files and data residing on their Android device.

Fortunately, DropBox has already released a patch -- just four days after they learned of the vulnerability. Plus, if the DropBox app is installed on the user's Android device, then the SDK vulnerability cannot be exploited anyway.

The trouble, of course, is that average users who don't use the DropBox app might assume they're not vulnerable. According to IBM X-Force, 1.4 percent of the top 500 Android apps use the DropBox SDK, including Microsoft Office Mobile and Agile Bits 1Password.

Mobile malware is a growing problem, especially for Android. In a separate report released this week, Veracode found that the average global enterprise has approximately 2,400 unsafe applications in its mobile environment.

Of the unsafe apps Veracode studied, 85 percent expose sensitive device data, 35 percent obtain or share personal information about the user, and 37 perform suspicious security actions, such as "checking to see if the device is rooted or jailbroken, allowing applications to perform superuser actions such as recording conversations, disabling anti-malware, replacing firmware or viewing cached credentials such as banking passwords."

“On average, 3 percent of apps on employee devices are malicious," says Veracode vice-president of mobile Theodora Titonis. She is a bit surprised to find that 35 percent of apps were sharing personal information of the user. “That number is increasing.”