• Developing & Implementing New Technology • Data Security • Program Management

    Developing & Implementing New Technology • Data Security • Program Management

  • Cybersecurity


Data Security, Digital Health, Electronic Payments, and More

42TEK, Inc. is a California S Corporation providing business and technology consulting to help organizations conceive, develop, implement, and maintain secure technologies in healthcare, payment processing systems, critical infrastructure, and environmental systems. Program management, project management, and compliance experience at Apple, Google, PayPal, Yahoo!, First Data, and Kaiser Permanente, as well as startups.

Data Security
Data Security

Certified Information Systems Security Professional (CISSP). Experience at First Data, Apple, Yahoo!, Kaiser Permanente, and others protecting credit card data under the Payment Card Industry Data Security Standard (PCI DSS) and personally identifiable information under the Health Insurance Portability and Accountability Act (HIPAA) and other laws and standards. Researching cybersecurity for network-connected devices ("Internet of Things" / Remote Patient Monitoring / Environmental Sensors).

Digital Health
Digital Health

Using clinical and engineering experience to help securely architect and implement technologies for mobile health, remote monitoring, and healthcare payments. Helping clinicians and technologists understand each other. Respiratory therapy experience in Intensive Care Units. Healthcare financial systems at Kaiser Permanente. Telemedicine at AppMedicine, Inc. Organizer, moderator, or presenter at more than 20 conferences and seminars on digital health, data security, and payments topics.

Electronic Payments
Electronic Payments

Over 20 years of experience in the payments industry at Apple, Google, PayPal, Kaiser Permanente, ViVOtech, Yahoo!, and BBPOS, ranging from transaction processing to card issuing, merchant card acceptance, POS equipment deployment and service, and PCI DSS compliance. Special experience in contactless (NFC) and healthcare payments.

Snyder Update: Blockchain / Internet of Things / Health 2.0

Please take a look to see whether any of these items are of interest. Especially the upcoming meetings with discount codes.

You probably know of my interest in data security and digital health. Over the last year, I’ve also been working on ways to use blockchain technology in these areas and am available for consulting and presentations.

– Check out my earlier blog posting about data provenance, data quality, and data security for Internet-connected devices at https://42tek.com/2017/07/23/iot-data-provenance-quality-and-security/

– Last year, I conceived and produced a half-day Blockchain Symposium in Redwood City, CA. (http://events.42tek.com – the site includes a number of references) Since then, I’ve either moderated or presented at several other blockchain events. See https://42tek.com/meetingsreferences-html/

– September 19, 2017, I presented Blockchain and the Internet of Things at the 38th IEEE Sarnoff Symposium at the New Jersey Institute of Technology in Newark, NJ. See https://ewh.ieee.org/conf/sarnoff/2017/. For a version of the slides, please request via the Contact Form on this web site.

–  October 1-4, 2017, I’ll be working at the Health 2.0 11th Annual Fall Conference in Santa Clara, CA. See https://fall2017.health2con.com. Email me at david@42tek.com if you want to connect there.

–  November 28-30, 2017, I’ll be attending the Blockchain Expo / IoT Expo / AI Expo in Santa Clara, CA. See https://blockchain-expo.com/northamerica/. Register with promo code 42TEK20 for a 20% discount. Free Expo Pass also available. (details below) Email me at david@42tek.com if you want to connect there.

If we are not already connected on LinkedIn, please see http://www.linkedin.com/in/dmsnyder and send an invitation to connect.


Blockchain Expo North America 2017 (co-located with IoT Tech Expo and AI Expo)

Santa Clara Convention Center 

November 28-30, 2017

See https://blockchain-expo.com/northamerica/

The world’s largest Blockchain conference and exhibition

Blockchain Expo will be arriving in the Santa Clara Convention Center on November 28-30 2017, bringing together 2000 people across key industries for three days of world-class content from leading brands embracing and developing cutting edge blockchain technologies.

Co-located with IoT Tech Expo and AI Expo which attract in excess of 7000 attendees, Blockchain Expo will showcase the latest developments in the Blockchain arena, in both emerging and more established markets.

The Blockchain for Industry conference track will look at a variety of platforms and services from startups to cloud providers, including developer networks, applications and APIs as well as the impact on legal, finance and government sectors with smart contracts.

Blockchain Technologies & Development will focus on the evolution of blockchain and its applications. The conference will explore the many launches and trials being conducted, the different uses of blockchain technology in these verticals, and the vast opportunities in these sectors.

>> 20% discount code valid for use with the Blockchain Expo, IoT Tech Expo and AI Expo: 42TEK20


IoT Data Provenance, Quality, and Security

I’ve long been concerned with the quality of data generated by field sampling and remote monitoring programs. First in environmental investigations — then in healthcare.

Internet-connected devices need to be designed to ensure that the data they provide is sufficiently reliable for its intended use, such as big data analytics.

“Gartner, Inc. forecasts that 6.4 billion connected things will be in use worldwide in 2016, up 30 percent from 2015, and will reach 20.8 billion by 2020. In 2016, 5.5 million new things will get connected every day.” (http://www.gartner.com/newsroom/id/3165317).

Many of these “Internet of Things” (IoT) devices contain sensors that will collectively generate petabytes of data and there has been much discussion of so-called “Big Data” analytics for managing and making sense of this data. Most of these big data discussions seem to assume that the data is good. The phrase “garbage in/garbage out” is fairly well known, but there does not seem to be much discussion of its importance for data analytics. Decisions based on poor data may yield the wrong results.

Key considerations to make sure that good data is used include the provenance of the data and its quality. That is, reliable knowledge about the source of the data (provenance) and an appropriate level of certainty about the timeliness and correctness of the data (quality). In this context, “correctness” means that the data is sufficiently accurate, precise, and specific. Correctness also means that the data is appropriate for its intended use.

Data users depend on an appropriate level of security for the data. This includes data at rest (in storage), data in motion (being transmitted), and data in use (being analyzed). Security is not just about confidentiality, but includes integrity (not corrupted or deleted), availability (able to be accessed when desired), and non-repudiation (once established, cannot be revoked or denied). Remote patient monitoring devices and environmental sensors are examples where high assurance regarding provenance, quality, and security can be important.

Until recently, more attention has been given to confidentiality than to integrity and availability. Thousands of articles have been written about preventing hackers from stealing information. Additionally, consciousness about security for Internet-connected devices has been raised due to the role of Internet-connected devices in recent Distributed Denial of Service (DDoS) attacks on web sites and Domain Names Services (DNS). While these are important issues to address, going forward, industry and government need to pay more attention to also ensuring these Internet-connected devices are producing high quality data and that the source of the data is adequately identified, so that consumers of such data can have confidence in what they are receiving.

Besides Internet-connected devices collecting and reporting data, other connected devices are used for executing actions, such as opening and closing valves. Some of these devices operate autonomously or semi-autonomously using data delivered via local, wide-area, or cloud networks to trigger actions. For example, local or remote sensors that trigger controls to shut down an overheating machine or shut it down when other conditions make it necessary.

Similar to remote data sensing devices, remotely-triggered devices need to have confidence regarding data provenance, quality, and security. In other words, confidence that information or commands are coming from an authorized and trusted source, that the information is correct, and that the system has not been compromised.

During the design, development, and implementation of IoT devices and associated structures, a systematic approach is needed to ensure that data provenance, quality, and security are adequately addressed. It is not sufficient to conduct security reviews after products have already been developed. Strategies and tactics are needed to (i) establish appropriate levels for provenance, quality, and security, (ii) ensure they are implemented and maintained, and then (iii) monitor compliance. Ideally, these will be expressed in a set of best practices for the design, manufacture, and implementation of Internet-connected devices.

Additional notes:

Blockchain technology, which is the underlying technology supporting Bitcoin and other cryptocurrencies, is starting to be used to address the issues of Provenance. Distributed ledgers built with blockchain technology provide a trusted, immutable, time-stamped record of transactions or assets.

Here are just a few examples:

  • “Chronicled leverages blockchain and smart labels to create an open system of authenticity, ownership, provenance & connectivity for assets” and “We sign sensor data and log to blockchain to secure data provenance.” See http://chronicled.com
  • “Health Linkages is the Data Provenance Company. We use blockchain and big data technologies to enable healthcare institutions to trust, protect, and share their data.” See http://healthlinkages.com
  • “Maureen Downey and Everledger have joined forces to launch the Chai Wine Vault, an unprecedented solution for securing the authenticity and provenance of fine wine. See https://www.winefraud.com/chai-wine-vault/. Also, “Everledger provides an immutable ledger for diamond ownership and related transaction history verification for insurance companies, owners, claimants, and law enforcement agencies. It was founded on April 10, 2015, and is based in London, United Kingdom.” See https://www.everledger.io
  • “Catenis Enterprise thwarts hacking attacks by always ensuring that every single communication sent to and from all devices uses cryptographic signature verification. This ensures that devices only accept commands and signals that are verified by military grade cryptography. Creating peace of mind for your security team and your company.” See http://blockchainofthings.com/downloads/CatenisDataSheet.pdf
  • “The blockchain is becoming the new standard for trust and verification of data. Tierion turns the blockchain into a global platform for verifying any data, file, or process. Use Tierion’s API and tools to anchor a permanent, timestamped proof of your data in the blockchain.” See https://tierion.com

* * *

See https://42tek.com/meetingsreferences-html/ , http://events.42tek.com/about-blockchain/ , and http://events.42tek.com/presentations/ for links to articles and presentations regarding blockchain technology.

Contact david@42tek.com to participate in discussions of best practices for IoT data provenance, quality, and security.

Blockchain & the Internet of Things

On July 13, 2017, I gave a presentation at the evening meeting of the Professional and Technical Consultants Association (PATCA) in Sunnyvale, California.  PATCA is Silicon Valley’s longest operating non-profit professional association dedicated to serving independent consultants and the client companies that use them. See https://patca.org/meetup/patca-evening-networking-discussion-meeting-30/.

The presentation explained how Blockchain technology works and how it is being adopted for a variety of IoT use cases. For example, distributed ledgers containing time-stamped, immutable records of device configurations and data generated by IoT devices. Also, enabling devices to interact and transact at the “edge” of the network, instead of in the “cloud.”


Blockchain Event – June 2016

In June 2016, we produced an event with a stellar list of speakers and panelists on BLOCKCHAIN – IT’S NOT JUST ABOUT BITCOIN AND FINANCE: Opportunities for the Internet of Things, Healthcare, and More.  

We brought together technologists and business people to exchange ideas on what can be done with blockchain distributed ledger technology and when it is appropriate to use it.

See the list of speakers and links to the presentations and quite a few relevant articles at http://events.42tek.com.

For more information, contact info@42tek.com.