Shanghai International Port Group is getting its New Information Management Platform with the help of Huawei and Accenture. This comes through the existing Huawei-Accenture Strategic Agreement. Under this agreement, Huawei will provide its hardware and software expertise and services. That will include Huawei’s hyper-converged infrastructure (HCI) FusionCube, OpenStack-based cloud operating system FusionSphere, integration server, software-defined storage, and network hardware. This is probably the latest cooperative achievement in the port information field. On the other hand, Accenture will help Shanghai International Port (Group) Co., Ltd (SIPG) to establish a comprehensive information management platform that will run on Huawei’s FusionCloud solution. SIPG is a huge business empire involving in port operations and similar businesses like port handling, stevedoring services, warehousing, logistics, and real estate development services. The group aims to become one of the global top-tier providers in this industry. To achieve this, SIPG is addressing several challenges in various spectra.
These challenges include capital scarcity, the streamlining of its management structure, ensuring service quality and controlling operating costs. The overall design information management system will be a new landmark for SIPG. In addition to above, Huawei and Accenture are also working together on the implementation of SIPG’s engineering system, human resources system, and master data management system. Not only that, they are also providing a private cloud platform. As a matter of fact, their business intelligence (BI) system implementation and optimization is also the part of this project.
New Information Management Platform
The deployment of new information management platform is one of their most challenging projects. Matt Ma, Huawei’s President of IT Cloud Computing & Big Data Platform Product Line, says, “Cloud has accelerated the digital journey for the majority of enterprises, and the integration of Huawei’s FusionCloud with OpenStack ensures the openness of the cloud platform. This will enable SIPG to establish and manage the private cloud, public cloud, and hybrid cloud, resulting in the provision of more innovative and valuable services to their customers.”
Woolf Huang, Managing Director of Accenture’s Products operating group in Greater China says, “I am pleased that SIPG has chosen Accenture to help design and implement a customized private cloud solution with highly industrialized applications to help refine its port operation and improve efficiencies. It is critical that we have the right technology and skills in place to make this project a success, and together with Huawei we are confident that we will be able to help SIPG make its digital transformation journey a success.”
In fact, the development of information management platform comes from one of the best combinations of Huawei’s industry-leading software and hardware portfolio and Accenture’s expertise in consulting, systems integration, and outsourcing.
This post is in continuation to my previous post. Any best performing CRM App may come to an end. Obviously, there are reasons to it. In fact, you start getting enough signals from various stakeholders like customers, sales, finance, or business. These signals will highlight what the existing app is missing to provide which is very much possible otherwise. Worse are the times when a key business app becomes a shadow app in the organization because of such reasons. And then there evolve all kind of support mechanisms like spreadsheets or manual processes to keep living with such apps forcefully but eventually losing grounds in terms of effectiveness, productivity, and usability. It is always better to wake in time and take appropriate actions than impacting business in terms of reputation and revenue. Let us discuss below the key factors that declare an app redundant thus seeking quick action.
- Every execution needs resources. It is important to assess if the time you spend in pumping in the inflow of data is worth getting the outputs. The time is crucial in business. Getting information in time and taking timely actions is critical. Automation and capturing the data at its point of origin are two important factors in that aspect.
- Priorities keep changing with the changing scenarios of the business. Any change in leadership brings a new philosophy. Sometimes, it is for the betterment of the organization. While in other cases, it is to demonstrate authority which might be harmful.
- Change in other business apps like ERP might cause integration issues with the existing CRM App. But it is important to attain because the business can’t survive without it.
- Expansion in business might create a need for a new and powerful CRM app which the existing one is not able to cater to.
Continuous assessment of existing CRM app is important
- Legacy experts of the existing app might leave the organization thus leaving the whole mechanism in the doldrums. Especially in those cases where you don’t find these experts in the market because of older technology.
Any CRM system must be able to create a substantial value addition in the business. It should have a good data quality, effective integration, and an ease of usage in the organization. Mobility is another factor that is quite important these days. Employees want to be productive on the move. And that is only possible if your business apps provide that provision. Nobody wants now to wait to reach the desk to perform an action on a desktop machine. You need to equip your employees with mobile devices and access to apps to clear off the pendencies as and when they appear. Of course, security is another angle that is quite significant to look into. Any business app like CRM can go redundant with the time. Technology is changing quite fast. You need to frequently assess business apps to ascertain if you need to scrap or refresh.
Scrapping a CRM system will mean that you throw out the existing one and create or implement a new one in place of that. Refresh means you need to create some new features in the existing app to make it more productive and juicy. Because we all know that no applications are immortal. Every app, in fact, has a shelf life. The value of the app deteriorates with the time and changing technologies. The same is the case with any CRM system. When you deploy it first, it is one among the best available in the market. But with the changing ecosystem, the whole gamut starts changing. Change in time brings new blood in the environment. Stakeholders keep raising new demands regarding automation and mobility that you need to take care of. And if you don’t take care of it sooner, it will start impacting your business.
CRM System goes obsolete with time
I will continue the same discussion in my next post by taking up the crucial points that create the need of revamping your existing CRM system or, for that sake, any business application.
I recently had the opportunity to sit-down with DH2i’s Director of Business Development, Connor Cox to discuss prevailing trends in the industry around what continues to be a very hot topic – digital business transformation.
There is a lot of talk in the industry about digital business transformation. What trends are you seeing, what are you hearing from customers?
CC: The most significant trend we’ve witnessed in the industry and also had our customer-base attest to is growing management complexity. This is a result of the rapid growth in technology solutions available—and the inevitable heterogeneity of modern IT environments.
Today in our experience, most mid-level to enterprise-sized organizations’ IT environments consist of a huge mix of different OS and application versions. Many of our customers we work with are simultaneously maintaining Windows and Linux installations due to various business and application requirements.
What challenges are customers facing in transforming?
CC: The giant conglomerate of technologies any given organization has under management in their IT environment makes any sort of transformation a complex and labor-intensive process. This means customers are forced to commit huge amounts of time and resources to large migration projects for any sort of modernization or transformation they want to take place.
Customers are also frequently faced with artificial limitations on clustering like OS and application versioning-standardization requirements. Working through these barriers often results in sprawling, inefficient environments in which customers aren’t able to get efficient utilization out of available IT infrastructure.
So, what’s the answer?
CC: The answer here is pretty simple. New Smart Availability technology allows you to bring your disparate technologies into one, unified management framework for Windows and Linux instances or containers. The technology leverages standalone workloads for the most simplistic and flexible management experience. Built-in intelligent automation ensures that all these managed workloads remain compliant with SLAs and business requirements. So not only does this technology simplify overall management and modernization, it also proactively ensures peak performance for your workloads under management.
Can you explain the difference between high availability (HA) and smart availability? And, why should customers care?
CC: Smart Availability is a much more comprehensive solution than traditional high availability. Not only does it fulfill a larger scope of purposes, but it is totally geared towards holistic optimization of your IT environment. It destroys the paradigm that all high availability solutions are complex to manage, extremely expensive and only good for dealing with unplanned outages.
IT pros need to care about Smart Availability because it provides the means for organizations to achieve nearest-to-zero total downtime—planned and unplanned. The technology is “smart” because built-in, intelligent automation keeps Windows and Linux environments running at peak performance and efficiency through a proactive focus on maintaining best execution venues for all native and containerized workloads.
Smart Availability is so valuable to customers because it intelligently allocates instances and containers across any mix of physical, virtual and cloud hosts in an IT environment to make sure all SLAs and business requirements are met. It also provides unparalleled clustering flexibility by leveraging standalone instances and containers—culminating in easy workload portability from any host, to any host, anywhere, at any time. This high degree of agility and unified management pane for Windows and Linux makes IT modernization extremely easy and unlocks all sorts of other benefits such as cost savings and consolidation.
You just launched DxEnterprise version 17 software. It has been a solution embraced by Microsoft SQL Server and Oracle environments, and now you have added Docker container support. Can you tell us about the new solution and what you describe as “stateful containers?”
CC: Absolutely, we’re very excited about DxEnterprise v17 software and the huge innovations it is bringing to our product capabilities—support for Docker and Linux OS. This product is a multi-platform Smart Availability solution for Windows, Linux, and Docker that helps customers drastically simplify HA while saving money and consolidating their environments.
Stateful containers are any containers that contain an application instance that requires stored data to do its job. Typically state is stored in a database, cache, file, etc. In the scope of DxEnterprise v17, our greatest focus is on stateful, containerized RDBMS applications that make up the backbone for businesses. DxEnterprise Smart Availability technology allows us to manage these stateful, containerized workloads on Windows or Linux and enable easy failover across different OS versions or Linux distributions respectively—all while maintaining data persistence. In addition to data persistence, a huge strength of this technology is the ability to manage these stateful containers alongside non-containerized application instances from a unified management platform.
Anything else you feel IT professionals should know and/or be thinking about?
CC: Just as a general word of encouragement—if management complexity is really making life tough, don’t be afraid to look past convention. So many IT pros have been stuck in the same inefficient practices with the same inflexible technology for years, and they never cross the threshold of thinking about a different approach because what they’re doing is “How things have always been done.”
We are fortunate to be living in an era in IT where tons of new startups are flourishing and bring groundbreaking technology to the market at a rapid pace. So don’t be afraid to evaluate new technology, because many of these new vendors are bringing forward technology that can positively impact your work in the IT industry in a huge way. I for one can guarantee you’d be surprised what you might find.
Ransomware is one of the biggest threat to any business of whatever size. There is only one way to escape once you are in the trap of hackers. And that is to pay the ransom. In fact, depending on the level of the hacker, you never know if the complete data is safe or not. What if the hacker replicates the whole data during this process? You will still be in a trap despite paying a heavy amount. That is where CryptoSafeGuard comes into the picture. BackupAssist launches this Ransomware Protection tool for Small and Medium-Sized Businesses (SMBs). The new software protects backups from encryption by Ransomware. That means as the product claims, SMBs need never pay ransom again. BackupAssist® is a frontrunner in automated Windows server backup and recovery software for small and medium enterprises (SMEs). This is the worldwide launch of CryptoSafeGuard™ ransomware protection.
CryptoSafeGuard™ ransomware protection is robust enough to protect an enterprise at a very affordable price. Basically, CryptoSafeGuard protects backups by stopping the back up of infected files and thus preventing encryption of backups. That proves its strong capability against ransomware. It has a capability of complementing existing anti-malware solutions thus adding an extra layer of detection at the data level. In fact, due to this, it also provides extra shielding around backups. What they call it as – Active, simple and non-intrusive.
Basically, there are four key pillars of this product. If we look at the capabilities of CryptoSafeGuard, those are as below:
- Protects – It protects your backups from corrupting your backups from the BackupAssist computer.
- Detects – It continuously scans and detects the effects of ransomware activities in the source files under backup protection.
Key Ingredients Of Ransomware Protection Tool
- Responds – It automatically raises alerts to your administrator upon detection of crypto-corrupted files. These alerts can happen via SMS and E-mail.
- Preserves – It intelligently blocks future backup jobs from running thereby keeping the last-known good backup safe and intact.
“As a public services organization supported by tax dollars, we are extremely cognizant and cautious in how our budget is allocated,” says Mike Luu, Information Services Director, City of Milpitas, California. “We didn’t have an ‘enterprise-sized’ budget to spend on ransomware protection. However, we would be negligent if we didn’t invest in protection against the type of malicious software that could block access to our computers and data, and therefore our city services, until a sum of money is paid. And, that sum can be large – too large for an organization like ours. This is exactly the position some of my colleagues have found themselves in – it was ugly – and it wasn’t anything I wanted even the remotest possibility of having to deal with here. BackupAssist’s CryptoSafeGuard will deliver the extra layer of protection organizations need at an affordable price.”
A 2016 Osterman Research report “Best Practices for Dealing with Phishing and Ransomware” offers some interesting statistics. It says 51% of those responding to a survey had been successfully infiltrated by ransomware, malware, or a hacker one-to-five times. “Ransomware is a very real and critical problem that every organization regardless of size must address through a variety of means, including good backup processes and technology – such as BackupAssist and its CryptoSafeGuard solution,” says Michael Osterman, President, Osterman Research.
Ransomware Protection Is Essential for an enterprise
“Many businesses that are hit by ransomware have to pay ludicrous fees to restore operations – some are even forced to shut-down. But, ransomware has one big weakness. If you’ve got clean backups, you can simply wipe the infected system, and restore your data – all without paying a cent in ransom. But, ransomware has gotten smarter – it knows this and now looks for ways to encrypt your backups too so you can’t use them,” says Troy Vertigan, Vice President of Sales and Marketing, BackupAssist. “That’s where CryptoSafeGuard comes in – actively protecting your backups – eliminating the threat of ransomware infection.”
CryptoSafeGuard is available September 1, 2017, and is includes with BackupCare. The subscription of BackupCare starts from $106 USD for 12 months when you bundle it with a new purchase. In fact, you can request a free trial of CryptoSafeGuard software by visiting here.
Cyber threats are increasing in a larger fashion. That calls for a higher scale of cyber security irrespective of the size of the business. Of course, data security is of prime importance for any business. Creating a security positive culture in your organization while you are scaling up in terms of growth of manpower and revenue becomes more important. As far as cyber security is concerned, it is not the task of a single person. Of course, fencing is IT’s task in terms of creating a cyber security checklist. But then if an employee breaches it in lack of education and awareness, the whole effort goes waste. That is why what you do and why you do is important to make others understand. And thus, it becomes part of the organizational culture. In addition, there has to be a review mechanism in place.
What you do today may not suffice tomorrow. While the business scales up, technology also needs to scale up in parallel, to cater to the business needs. Well, if you don’t treat a cyber attack as a risk for your business, then there is something intensely wrong. Because cyber crime is increasing at a tremendous speed. Hackers are looking for potential targets that could be a small, medium, or a large business. Are you ready for a cyber attack? Let us have a look at the cyber security checklist and go for a quick self-audit. Let us start with the checklist having most critical points to take care of:
- Passwords are the least important components for employees. You need to ensure that every employee has a strong password. And you also need to educate them on each point that why it is important to adhere to. Ensure that there is a password policy in place. In fact, automate it in such a manner that you employees have to change their password after every fortnight or so.
Key components of Cyber Security Checklist
- Two-factor authentication is another important factor. People don’t hesitate in sharing passwords but when it comes to sharing mobile phones, 90% of them hesitate in doing so. Hence ensure there is a two-factor authentication mechanism, in place. There are many ways to do so. Like, SMS authentication, OTP, thumb, retina, or hand scan. It depends on the severity to adopt the respective mechanism.
- Ensure to restrict device usage to an extent that chances of malware attacks are minimized. Any malware attack on a device connceted to business environment might invite data theft.
- Backup have to be intact, complete, and authenticated. Cyber attacks can jam your business to a standstill within a spark of a second. Ensure you have local and remote backups in or near to real-time environment.
- Ensure that all devices in use have antivirus and antimalware in place with latest versions and updates.
- Be cautious in allocating admin roles. Have a complete audit trail of admin roles. The same is true for other critical roles and data access. Restrict rights to extract data and dsitribute data.
- Make everyone aware about Phishing emails and the kind of alert they need to raise.
- Encrypt sensitive data. Ensure any dubious looking data request even from a familiar or higher level email account need to undergo high level of scrutiny to prove it genuine.
- Ensure all your data on cloud and web have a protection shield.
These are the key ingredients of Cyber Security Checklist.
Data security is the biggest concern for any business or enterprise. Without considering the size of a business, it is of utmost importance. But how many businesses understand this? In fact, how many businesses understand that data security has to do a lot with organizational culture? And hence Security Positive Culture is a critical task. As a matter of fact, keeping it as a high priority task is not a bad idea. Rather, there needs to be a constant focus on it. Who performs and how, is management’s concern. But first thing is to understand its gravity and intensity. A business needs to ensure that all apps and servers are secure enough at any point of time. Obviously, as you scale up your business, the existing measures might fall short in providing ample security. That is why there is a need for a review mechanism.
When we talk of Security Positive Culture, it is important to understand that roots need to be very strong in this matter. Of course, there is nothing like a hundred percent secure system. But there has to be a mechanism to find out the gaps on a regular basis in the existing system. That is what defines the upgrading of data security mechanism. There is always a middle way to it. A right balance is a must for which there has to be a right assessment system. Like, the way we identify bugs in a software and then categorize them on the basis of their severity, the same need to be done here. Sometimes managers and developers become dumb. They act as per the directions from the business. That is why business has to be sensitive about the data security and hence Security Positive Culture.
Security Positive Culture Is Critical As You Grow
Actually, security awareness is a two-way process. While business obviously has to understand the gravity of matter but it is the technology department that has to educate the business on HOW part. Ownership is important. And more important is clarity of ownership.
Imagine a startup scaling up with the substantial gain of users in their online community. Of course, the business has a business app in place. On daily basis, there is an increase in their user base. New users are registering on a regular basis without considering the presence or absence of data security measures in the app. What it means is that there is a constant increase in their app download on the end user’s mobile devices. While this startup knows that its database in not as secure as it should be. Thus the whole user information is at risk. The reason is the cost. The startup know there is a cost in embedding security features and making their app and database secure. But in need of funds and scaling up, it compromises in spending money to make its system secure.
While the app is unique and popular hence attracting large user base but the users are not aware about the vulnerability and risks that are there in using this app. It is a sort of blind game. Nobody at the startup end gives high importance to Data Security. That is what is happening in today’s world. 8 out of 10 startups give least weightage to invest in Data Security and thus tend to fail sooner or later. After all, customer trust and loyalty doesn’t come for free. There are many things that cusomter takes for granted. Security of customer data is one of those. And the moment a customer comes to know there is a breach in that trust level, it backs out. As a matter of fact, social media plays a major role now a days. It takes no time to make things go viral. Especially things like this.
Data Security Is A Point Of Customer Trust
Online threats are scaling up at a faster pace. You never know who is eager to steal and exploit your business data. Data security, hence, is of utmost importance. But as a business, you not taking care of it at all in that direction is a crime against your customers.
Retail sector across the globe is banking more on e-commerce. That means retail becomes e-retail. The impact is so high that it is causing a substantial impact in the US retail segment. In 2016 and 2017 we can see a number of brands of repute have been closing their physical stores. As a matter of fact, any retail with no backing of e-retail is prone to witness this kind of incident. In fact, the retail business in Asian markets is able to bounce back only because of their increasing dependence on e-retail. Rather, latter’s growth is redefining the success of former. Marc Woo, Head of e-commerce, Google says APAC accounts for more than 40% of the global e-retail business. Mainly China, Australia, South Korea, Japan, and India are dominating in this segment in the region. In the same manner, Southeast Asia will be the next leader in the region.
In 2015 Google conducted a study jointly with Temasek. Its title was “e-conomy SEA: Unlocking the $200 billion digital opportunities in Southeast Asia (SEA)”. The study predicts that the internet economy in SEA region will reach $200 billion by 2025. In fact, e-commerce alone will account for $88 billion by the end of the same period. That is actually phenomenal. As a matter of fact, e-retail will outpace physical retail by a wide margin. It would be almost 32% 10-year CAGR vis-a-vis 7%. Rather it has a realistic potential of reaching $120 billion market size. But there are certain pre-requisites to achieve these mighty targets and estimates. The challenges for Southeast Asia are no less to become a #200 billion. These include logistics, infrastructure, last-mile delivery, and automation.
E-commerce is the key to success
Barring Singapore, all other countries need to improve a lot. Unless all other countries pace up, it will be a difficult task to achieve. Logically, a high stake in the digital economy and electronic transactions is the key to success.
Enterprise agility is a direct derivative of business process management or BPM. The focus of BPM is changing from business revenues to the customer. It is the customer focus that is now creating a need for BPM application in the business. While if we look at earlier days, it was the requirement of reducing costs in the business processes raising the need of buying a BPM application. But there has been a complete change in the requirement. To facilitate customer, businesses are deploying BPM in order to optimize their business processes to stay more customer centric. So much so that businesses make the quality and delivery standards according to the customer requirement and not as per the business comfort. Rather the comfort factor is directly proportional to the customer. It comes only if your customer ensures that the situation is under control and thus he is comfortable.
Now, if we look at business process management and its relation to enterprise agility, many scenarios come into the picture. It is interesting to understand why do we deploy business process management. The sole aim is to align business goals and processes with the evolving business. And this becomes, in fact, a continuous process. Because business evolution is a non-ending exercise. In that regard, a BPM application assists businesses to define steps to perform a business activity. Once this is clear, the next step is to map these definitions to your existing business processes. And then you need to take care of gaps. This will help in streamlining the existing process and thus the improvement will reach to a next level. And the same journey continues thereafter.
Enterprise Agility Is A Direct Derivative of BPM
As a matter of fact, business agility or as we say enterprise agility is becoming synonym with business process management. A small volume of maturity in BPM software brings an exponential increase in enterprise agility.
This is the last post of the series of interaction with Phil Trainor from Ixia. In this post, he will be talking about cyber security strategy. In the previous posts, we have covered Ixia’s Solutions, Edge Security, Inline Security, importance of network monitoring, and Network Security Landscape. So when we prompt Phil with this question – What should be the key components of Cyber Security Strategy for enterprises? His answer comes as below:
Organizations need to constantly monitor, test, and shift security tactics to keep ahead of attackers in the fast-paced threat landscape we all deal with today. This is especially important as new cloud services and increased IoT devices are routinely being introduced. To do this effectively, organizations must start by studying their evolving attack surface and ensure they have the proper security expansion measures in place. Simple but effective testing and operational visibility can go a long way to improving security.
Cyber Security Strategy Framework
Some of the key components of Cyber Security Strategy for Enterprises are:
What are the key highlights of Ixia’s solutions? Ixia delivers a powerful combination of innovative solutions and trusted insight to support network and security products, from concept to operation. Whether preparing for the product launch, deploying an application, or managing a product in operation, They offer an extensive array of solutions in testing, visibility, and security—all in one place.
Ixia test solutions provide an end-to-end approach for organizations to test devices and systems prior to deployment and assess the performance of networks and data centers after upgrades or changes. To verify new service implementation, new device insertion, or network expansion, Ixia test solutions help organizations perform extensive pre-deployment testing to ensure current network functions are not compromised. This testing must be high capacity and must simulate network and application oversubscription in order to stress network upgrades to their limits.
Ixia security solutions allow organizations to assess network security and resiliency by testing and validating network and security devices with real-world application traffic and attacks. Using these solutions, organizations can perform assessments before production deployment and establish ongoing best practices that harden security by assessing individual devices, networks, and data centers. In operation, their solutions monitor traffic—clear and encrypted—to keep malware out, enable security tools to be more efficient by filtering out known bad traffic, and ensure security is resilient and highly available.
Ixia visibility solutions are uniquely positioned to help organizations manage and monitor change in their networks. Ixia provides 100% access without dropping packets, as well as visibility intelligence, load balancing at line rates, and context knowledge to serve the right data to the right tool. They have a complete visibility portfolio on the market, allowing our customers to build a visibility architecture that best fits their network needs today and in the future.
Ixia’s wireless and IoT test solutions address the complex challenges mobile operators face in rolling out high quality, differentiated services. Mobile operators can use their award-winning LTE and Wi-Fi test systems and services to subject devices and configurations to high stress, high-scale conditions and a wide mix of voice, video, and data applications. Operators can evaluate the subscriber experience in the face of mobility, system overload, and even device failure on a large-city scale. And with IoT test solutions, they can ensure that their Wi-Fi implementations are robust, cause no interference, and operate as specified.
Phil Trainor is a master in network security, inline security, network visibility, and network monitoring. In this post, he guides us why Edge Security is not enough. We have been talking to him on these topics in previous three posts. In the first post, we talk to him on the changing paradigm of network security framework. How is increasing trends of cyber threats responsible for this? How, on one hand, is the dependence the on internet increasing on every step of business? And how, on the other hand, it is increasing risks and threats in shape of malware, ransomware, and other kinds of cyber attacks.
In the second post, Phil talks about network visibility and network security. The more is the visibility, the higher it becomes easier to safeguard your network. Of course, you need to deploy right tools and strategies for that. Going further in the third post he talks about Inline Security.
Why is mere Edge Security not enough for any network? This was the question to Phil and here comes his reply. Network security is a critical concern for enterprises, government agencies, and organizations of all sizes. Today’s advanced threats demand a methodical approach to network security. In many industries, enhanced security is not an option. Installing traditional antivirus and firewall software is not going to be enough to combat radical intrusion mechanisms. Even after discovering and being disclosed in public, vulnerabilities can remain unpatched for months or even a full year, exposing an organization to even simple attacks.
Edge Security Is Not Sufficient
According to research reports, it takes nearly 60-70 days for an average company to fix a vulnerability. This gives attackers plenty of time to gain access to a corporate network. Even a mid-sized company have to fight against thousands of vulnerabilities on a monthly basis. An ideal network security application should be able to address varied threat situations impeccably. In order to protect users from disadvantageous outcomes of malicious interventions, the network security system of any organization should go beyond the contemporary threats.
What is Inline Security? How many of us would be knowing this? Phil Trainor continues with us in this third post in the series. While in the first post he enlightens us with insights on Network Security Landscape, in the second post he talks about a deep correlation between Network Security and Network Visibility. In this post, he is educating us on Inline Security. And in the next post, he would be talking about Edge Security. That is not all. He will continue talking to us further in a couple of posts. So, let us read below what Phil Trainor has to tell us all about it.
A resilient Inline security framework ensures tool failures do not become network failures. Network architects understand that just like when building a skyscraper, resilience starts at the foundation. A proper network foundation begins with a stable bypass architecture where inline tools can operate at line speeds without affecting traffic flow in the event of failure. But with different security tools requiring different data access, a simple bypass may not be enough. Adding a network packet broker to that bypass intelligently routes traffic to different security tools for inspection. Without these two working together, packets could be lost, failures could bring your network down, and security holes could emerge. There are several ways to create an inline security architecture. Creating a resilient inline security architecture requires attention to details. The result will reduce network downtime, enable upgrading tools with zero network impact, and extend the useful life of your security investments.
Ixia’s Inline Security Framework
Ixia’s Inline Security Framework offers a proven solution for optimizing inline deployment of security tools while delivering greater security resilience and lowering cost. An intelligent framework including bypass switches and inline packet brokers helps ensure availability, optimize performance, and streamline operation by network security teams.
What is the importance of Visibility in the Network and how it plays a critical role in Network Monitoring? We are talking to Phil Trainor from Ixia. This is the second post in the series. In the previous post, he talks about the changing scenario in network security landscape. Here, in this post, he continues with his insights on network monitoring and its close relationship with network visibility. Let us read below what he has to say on this, in his own words.
IT Networks are growing more complex these days and so are the compliance procedures that are keeping them in check. Network attacks are growing in both volume and frequency, creating a storm of threat data. IT administrators are increasingly realizing the importance of not only the right tools and people but also greater intelligent management. It is here that the importance of network visibility tools and practices play a key role in quickly identifying, interpreting, and acting on threats.
Visibility provides real-time, end-to-end visibility, insight, and security into physical, virtual, SDN and NFV networks, delivering the control, coverage, and performance in a seamless fashion to protect and improve crucial networking, data center, and cloud business assets.
Network Monitoring needs complete network visibility
IT security and analytics tools are only as good as the data they are seeing. IT’s fundamental challenge is to ensure that the infrastructure behind these tools delivers applications that are reliable, fast, and secure. This means that IT needs total visibility of the network. With the current level of network security threats and a complete dependence on the business on the data network, you cannot afford partial network visibility. You need lossless visibility. Better network visibility can improve mean time to repair by helping pinpoint problems. A visibility architecture helps eliminate specific concerns by organizing and integrating your monitoring strategy with your security architecture and problem resolution processes.
How has the landscape of Network Security changed during last decade? This is the question I asked Phil Trainor- Head- Security Business, APAC, IXIA. Phil Trainor has more than 14 years’ experience in senior network security engineering roles for global technology companies and currently leads Ixia’s security business for the APAC region. In addition to his title role, Phil also heads up product direction and business development of Ixia’s BreakingPoint Security solution. Ixia, recently acquired by Keysight Technologies, provides testing, visibility, and security solutions, strengthening networks and cloud environments for enterprises, service providers, and network equipment manufacturers. Ixia offers companies trusted environments in which to develop, deploy, and operate. Customers worldwide rely on Ixia to verify their designs, optimize their performance, and ensure a protection of their networks and cloud environments to make their applications stronger. Here is the answer below by Phil Trainor on Network Security Landscape.
Network Security Landscape and Cyber Threats
The world of cyber threats expanded dramatically over the last decade—and not just because of an increase in the amount of malware. Organizations are dealing with larger attack surfaces. Exploits of Internet of Things (IoT) devices have transitioned from speculation to reality. Users and organizations got direct experience with ransomware as attacks targeted nearly every mobile and desktop operating system (OS)—and the ransomware moved from the hands of elite programmers into the hands of novice hackers. Today almost all malware is made to steal money or corporate secrets. Professional hacker gangs are making millions of dollars each day harassing home users and corporations with almost no threat of being caught or prosecuted. Malware has gone from mild viruses and worms to identity-stealing programs and ransomware.
Network Security Landscape and Cyberspace
The explosion of outbreaks has forced corporates to take a look into threats posed by cyberspace –most of the companies now have Chief Information Security Officers, committed staff and improved funds for security. Cyber security is a field extremely influenced by technology trends such as digitization, the increase of fintech, ‘connected’ cars and homes among others, and supply-side cyber security companies persistently develop new solutions to combat cyber-threats arising from these trends.
Network Security Landscape and IDC Foercast
IDC forecasts worldwide revenues for security-related hardware, software, and services will reach $81.7 billion in 2017, an increase of 8.2% over 2016. Global spending on security solutions is expected to accelerate slightly over the next several years, achieving a compound annual growth rate (CAGR) of 8.7% through 2020 when revenues will be touching $105 billion. The swift growth of digital transformation is forcing companies across all industries to proactively spend on security to shield themselves against known and unknown threats.
Something important happening in terms of Security Assessment Program is worth pondering. Australian Insurtech enterprise Cyber Indemnity Solutions (CIS) collaborates with Fortinet on a critical program that will keep analyzing weaknesses in security framework in organizations. Fortinet, as we know, is a global security solution provider. The two companies launch the program across Australia/New Zealand. In fact, they don’t stop there. They have aggressive plans to cover the Asia Pacific region soon. Greg Hodgkiss, CEO, CIS acknowledges that this collaboration is a key component in risk management. As a matter of fact, on-premise and cyber security have become apparently the major portion of cyber threat for enterprises all across the globe. As the risks are increasing manifold in the cloud spectrum, it is quite prominent for enterprises to focus on its security aspect and thus look for the right partners to ensure the right solutions.
Security Assessment program is not simple to deploy. It will vary from industry to industry. In fact, it consists of a number of technologies and various aspects. Like technology to impart best practices, strong protocols, user behavior, and usage patterns. Only cyber insurance solution providers covering this complete paradigm can think of appropriate insurance cover. As Hodgkiss says, “Businesses face an ever-increasing range of complex and evolving cyber-security threats yet most businesses lack the budget or expertise to deal with these threats effectively. The most significant damage to any business is the permanent loss of critical business data, which can be a result of an attack, employee maliciousness, or simply human error.”
Security Assessment Program Is Important
This Security Assessment program between CIS and Fortinet include Fortinet’s Security Fabric, FortiGate enterprise firewall, and FortiAnalyzer central logging. Jon McGettigan, Senior Director, Australia, New Zealand, and South Pacific Island, Fortinet confirms that this solution is important because both organizations have an exhaustive presence in the area in terms of investment and resources. In fact, Australia’s new data breach law demands this level of security assessment program for cyber insurance.
McGettigan adds, “Over the next several months, we will monitor the market response to Fortinet and CIS’s joint offering. If it meets our targets, we will extend the collaboration to more markets in the Asia Pacific region.” He concludes by saying, “The opportunity for the channel is to have a different conversation at a high level in the organisation – cyber insurance needs to be flexible and bespoke to each customer. Creating a robust cyber security posture helps each organisation in being aware of the importance of protecting their critical data, and creates an opportunity for the channel to add value through implementation and services to create that solution.”
CIS will extend this Cyber Security Assessment program CIS to ‘Crimson Risk’. In fact, Crimson Risk, of which CIS is an integral part, is an association of cybersecurity companies providing advanced level risk assessment, monitoring, and consulting services. Thus, the new collaboration with Fortinet will also help CIS in expanding the Security Fabric to Crimson Risk clients.
Security Assessment Program Is To Mitigate Cyber Risks
Hodgkiss emphasizes that the target is to create a holistic risk assessment framework that covers business risk from all directions. He says, “It takes the form of a comprehensive questionnaire looking at IT, governance and compliance, human capital and third parties, and existing insurance coverage. The assessment report will provide the customer with recommended remediation and mitigation actions including insurance to indemnify them against data loss an additional layer of protection against cyber threats.”
Most of the organisations don’t trust standard cyber insurance policies. It is because these policies don’t cover all business risk and full data loss. That is why this program ensures a deep risk coverage and higher indemnity cover for their clients having crucial digital data assets. “Ongoing threat monitoring, sophisticated artificial intelligence platforms and constant review of the business changes will continue to provide a high level of protection for the business,” he says.
“Protecting a business against losses associated with cyber risk makes good financial sense and should be a key component of the cyber risk mitigation strategy. To support the risk assessment service, we can now also uniquely offer high indemnity, broad coverage, insurance to compensate data owners for the cost or profit impact of a cyber-attack, or if critical data is permanently lost,” Hodgkiss concludes. Hope it clarifies various aspects of Security Assessment and how critical it is to deploy in today’s life of cyber risks.
Fuzz Testing or Fuzzing is quite useful in many ways. In fact, it is a quality assurance (QA) technique to discover coding errors and security loopholes in software, operating systems or networks. A lot of enterprises, banks, e-commerce sites, etc. use this technique. It involves pumping massive volume of random data, that we call as fuzz, in order to simulate an attack and make the test application crash. As a matter of fact, many organizations do it on their production server. In case they find a vulnerability, they then apply a software tool, that we call a fuzzer. A Fuzzer determines the potential reasons for the crash. Barton Miller at the University of Wisconsin in 1989 was the first to develop this concept of Fuzz testing. And gradually the concept has become so hit that it has become an essential technique to incorporate.
While the other testing techniques, we use before the launch of a product. But Fuzz Testing stays an integral component even after the deployment of an application on the production server. Usually, this technique works best to detect vulnerabilities that can emerge due to a buffer overflow, cross-site scripting, denial of service attacks, format bugs, and SQL injection attacks. As a matter of fact, Fuzz testing is less effective for in identifying security threats that are not responsible for program crashes. These could include spyware, some viruses, worms, Trojans, and keyloggers.
Fuzz Testing Is A Very Useful Technique
The benefit of fuzz testing is that it is quite simple to incorporate. Yet, it offers a high benefit-to-cost ratio. In fact, that is its strength. This is because it often identifies defects and vulnerabilities that the developers and testers overlook when they write, debug, and test the software. In fact, this kind of technique is powerful enough to find the most serious faults/defects/vulnerabilities. But here is a word of caution. You should not use it for creating a complete picture of the overall security, quality or effectiveness of a program or application. Rather, it works best when you use it in conjunction with extensive black box testing, beta testing, and other debugging methods.
Cost Optimization is moving from what you pay as per provision to pay per use. Like, earlier you had to pay as per provision irrespective of how much of that provision are you going to utilize. But gradually the things are turning more in favor of the consumer and seller has to change the costing, delivery, and service patterns as per customer requirement. Hence, now the stage has come where in most of the cases you have an option to pay per use rather than the complete contractual amount. Of course, pay per use will not work in cases where your utilization is higher. Optimization can happen in many areas like billing consolidation, removing resources that are not in use, match usage to the storage class, right-sizing before migration. But some areas are difficult to achieve like planning/architecting for cost before migration, instance on-off to meet test-staging work hours, reserved instances.
Still tougher to achieve are spot instances, instance scaling to meet external demand, right-sizing after migration. As a matter of fact, the scope of optimization is always there. Because the conditions don’t remain same in terms of delivery, consumption, and upkeep. The variation itself calls for observation and evaluation on regular intervals.
Cost Optimization Is A Regular Activity
There was a mention of five pillars of cost optimization during recent AWS Startup Day as below:
- Right sizing your instances – CPU, RAM, performance requirements
- Increase elasticity – Automation of start and stop can happen on the basis of access control system. Tagging is important for elasticity and rightsizing. Setting appropriate alerts is important in those cases. In fact, when we talk about tagging, it can happen on the basis of Business tags, technical tags, etc.
- Pick up right pricing model – Like, three pricing models by AWS are – on demand, reserved, and spot. First one is for spiky workloads, the second is for committed or baseline.
- Match usage to storage class
- Measuring and monitoring – There has to be a mechanism in place that you are able to sustain including
- Cost review process
- Definition of policies
Cloud Migration Benefits are tremendous as was visible during the AWS Startup Day event. Only pre-requisite is to choose right partner in your journey to ensure hassle free migration in the least possible time. And once you are clear about migrating your on-premise servers to the cloud, it becomes easier to convince your management about the key benefits. Of course, this migration will include data, application, and other servers. In fact, these days, it is not a set of separate physical servers serving your enterprise server needs on-premise. And once you decide to migrate to the cloud, it is not about the space and infrastructure that you are able to save on but a lot more. As a matter of fact, by reducing your data center size you are cutting down operational as well as capital costs on various fronts. In addition, there are other tangible and intangible benefits.
So let us discuss the key Cloud Migration Benefits. These could be as below:
- Lean Innovation and Culture: Migrating to the Cloud not only benefits IT department but it also sets an example for others to follow. In fact, it becomes a key to evolve Lean Innovation and Culture.
- Cloud Economics: There was a mention of this in my previous post along with some useful case studies about some most successful and fast-growing global enterprises.
- Two factors TCO & Business Value, and Cost Optimization
- Lower infrastructure cost: Of course, your infrastructure cost goes down with this.
- Economies of scale
Cloud Migration Benefits are Absolute
- More infrastructure: In fact, you get more at lesser cost when you migrate to the cloud. Rather, it is a myth that you have to invest more. That is not the case. As a matter of fact, if you think of similar setup on-premise, the investment would be humungous.
- More usage
- More customers
- Reduced process
AWS Startup Day by 10000 Start-Ups and Amazon Web Services was in New Delhi on 28th July. 10000 Start-ups is a NASSCOM initiative. In fact, the launch of the apps/features has become easier with web servers and web services. In addition, it has become much easier to scale up and scale down. Not only that, the new roll outs take shorter or almost negligible time. If not, that is, at least, the demand of the business. That is Zero down time and 100% availability. Although it is impossible to attain this under all circumstances still businesses and enterprises with the help of right kind of technologies and reliable partners providing those technologies and support mechanism are able to achieve this. Effectively the key contributing factor is the cloud. Provision faster and provision with agility is the prime challenge for enterprises in today’s competitive environment.
Pull and store data faster and accurately is something that is quite important for any business. This was one of the key highlights of the AWS Startup Day. There are, of course, pressures of bringing down the cost of ownership. These pressures are tremendous, in fact. And the purpose of this for everyone is to reduce costs. Like, Netflix runs hundred of micro services on the cloud at the same instance. Any time it takes a few seconds or a few minutes to spin up a new set of services. All this happens in the cloud. Users just take it for granted take the moment they connect to Netflix, it’s too work instantly would any hiccups.
AWS Startup Day was quite insightful
Similarly, Hotstar running over a dozen of channels online was also a point of discussion in one of the case studies during the AWS Startup Day. Traditional on premise hosting versus cloud was the key evaluation. Finally, the cloud was the winner keeping in mind that a huge amount of viewers would be availing the services. And nobody likes disruptions while watching a movie or a TV program online.
ATMs have cameras but how many have tracking and alert mechanism to notify a person spending time there without any withdrawal. Why we can’t create an alert mechanism for any dubious actions at ATMs and other sensitive locations with the help of these intelligent cameras? How about shop floors? Terrorism? Factory mobility, automation, connected safety, connected supply chain, improved asset utilization can be done with IIoT. This can, in fact, compliment Industry 4.0. We are talking about some real life IIoT examples.
Sensors in the helmet can alert family members about a person drunk and driving, not only to controlling agencies but also to family members. There are Non-invasive sensors and invasive sensors (cloud). In a steel plant helmets are necessary. Alert about any person not wearing a helmet is a good idea. Similarly, same goes true for Gas leakage alerts? Some other useful areas are – To monitor current performance against plan, To identify areas of improvement, To identify the problem as it occurs. Preventive maintenance/safety to improve throughput is another good example. Dust waste accumulation monitoring can help a lot with automation and alert mechanism. Similarly, On production, line noise tells a lot about rolling machines. In fact, deployment of such IIoT Examples can really do wonders.
In the same manner, Vibration sensors can do wonders. There can be a tremendous improvement in Passenger experience at the airport. NFC/thumb impression at airports for entry can ease life at both ends. In addition, deployment of Intelligent baggage system to track if your baggage is on the same aircraft or not is also a wonderful idea. As a matter of fact, The Oil industry, mining industry can tackle gas leakage and human safety with IoT. In fact, Driverless cars can help in a decrease in accidents. Actually, What India did in IT needs to be done in IoT. That will create another landmark in Industry 4.0 and set an example for others to follow. These are some IIoT examples to start with.
When Dr. Neena Pahuja, Director General at ERNET India, Department of Electronics & IT (DeitY), talks about Industry 4.0 and Internet of Things (IoT), it comes with a lot of real life examples. This is how it goes. We all are using the internet. Are you able to connect to your factory in real time from anywhere in the world? Is the Internet in IoT about innovation or connection? What if instead of IoT we talk about the internet of everything? Industry 4.0 is a new revolution. A control system talks about how to connect different things. It gives a phenomenal strength and value when there is an integration of various components in an Enterprise.
The first wave of industry came in 1782. In fact, Today we are witnessing Industry 4.0 revolution. What are convert physical systems? It is people, products, vehicles, and everything that an industry comprises of. If you are able to get a problem in the industry when it occurs, you’re able to control it much faster. In fact, IoT is a composition of various hardware, software, and actions. These factors like Sense, embedded systems, fork computing, communicate, analyze, and act is the internet of things. Like an Artificial lake, artificial limbs, or personalized products through 3D printing.
Industry 4.0 is a worldwide revolution
In medicine, there are bodies used for teaching in our country. While in some countries they use 3D printing and artificial intelligence to perform it. No longer today doctors need to measure body parts for replacement. In fact, it is done through a body scan. As a matter of fact, Assets on the airport, hospitals, hotels can be tracked through IoT. A small smart device at a very nominal cost can help to do it. IoT can help in asset tracking, supply chain tracking, noise/vibration tracking, gas/water/oil/power leakage, field force management, tracking using intelligent cameras etc. In industries like Oil and Gas, leakage can be sensed through sensors in real time. Industries can come to know where their mobile workforce is at any moment of time. One of the start ups in Bangalore having an intelligent camera to alert in real time in case of any incidence. These are some of the best examples of Industry 4.0.
Mark Lazarus, CTO APJ, Nimble Storage, brings some engrossing insights about backup, restoration, and a lot more. Isn’t backup data for restores? What else could I use it for? May be for Test/Dev environment, Patch testing, Verify backups and even DR. What if your backup media wouldn’t cope at the time of crisis? In today’s circumstances, these are the key backup and secondary storage challenges. Mostly we experience slow backup and very slow restores. As a matter of fact, it is trapped data on the backup device that can’t be used without restore. Then there are specialized and siloed backup infrastructure that demands separate manpower and attention. One option is to move everything to All-Flash which is still relatively expensive for non-primary storage. Another option is to move everything to cloud but then it has high latencies and is costly to recover.
The best solution from Nimble Storage is storage secondary flash array. This is a new type of backup Storage. In fact, it is flash-enabled storage to deduce & capacity optimization. Rather, it is Multi-cloud flash fabric. It comes with many important features. Firstly, it helps in predictive analytics. Secondly, it acts as an Optimizer for data protection and secondary storage workloads. Flash based performance is for instant restores and recovery. It is an application aware storage mechanism. As a matter of fact, by using flash you can put your backup data to work for Dev/test, QA, analytics. Simplify data management through deep integration. In fact, it is a validated design. In addition, it works seamlessly with your primary data.
Nimble Storage optimises IOPS and Effective GBs
Some of the key features of this new solution from Nimble Storage are:
- Minimize impact on production VMs
- Simplify scheduling
- Application aware consistency
- Verified recoverability
- Multiple uses like Test, Dev, training, and troubleshooting
- Effective capacity
- Deduplication & compression – Inline, 18;1 compression. But then it depends on the type of media and data files
- Read/write IOPS
- Connectivity options
As a matter of fact, Data Efficiency is a function of data and time. Retention period plays an important role. So does the performance and capacity which means IOPS and effective GBs. In a way, it is a perfect match of primary storage and secondary flash array. SFA helps deliver DRaaS that doesn’t break the bank. Thus Nimble Storage adds a new paradigm in storage and restoration with speed and accuracy reducing risk to minimal. That is actually a boon!
Instant On Security for Always-On Enterprise by Ankur Patial, Technical Consultant (Cyber Security), TrendMicro was an interesting topic during this year VeeamOn Tour. There is a rapid growth of cloud computing. But the shocking report is that cyber crime will reach 2 trillion by 2019. And that is not too far. Prominent of these are hacking, malware, ransomware, and so on. There needs to be timely detection, recovery, containment, and investigation. In fact, ransomware has moved from B2B to B2C. Earlier hackers were touching only businesses. But now they are targeting individuals, professionals, and enterprises at the same time. Interestingly it is quite easy to become a hacker. $50 is the cost of ransomware kit online. You just need to pay $50 online and the kit will help you attack your target with a sure rate of success.
Encryption is just the beginning component of Ransomware. In fact, Ransomware criminals are raising the stake. There will be more server vulnerabilities exploited. Thus Instant On Security has become the top most necessity of any enterprise. On the other hand, the data center has evolved much faster than anticipated. We have Physical servers, virtual servers, virtual desktops, hybrid environments, public cloud, containers. In fact, life has moved in the same sequence. Initially, we had physical servers. Then came Virtual Servers. Thereafter virtual desktops. After that, we had hybrid environments. Now we have public cloud and latest are containers. The landscape keeps growing. So is the scope and challenges. Every security element has a key role to play. Like Firewall, IPS, load balancer, web tier, and app tier.
Instant On Security Enterprise Is Today’s Mantra For Survival
Attacks come in various directions. Like, Content and applications, Platform, applications, Operating systems, and Network. The utmost important element is to remove complexity. As a matter of fact, remove platform support issues. Because in a complex environment, there are thousands of supported kernels with rapid updates. Thus support for leading orchestration tools and automation are needed to reduce complexity. For that, you need to eliminate manual security processes by scaling up and down without gaps. Secondly, scan for vulnerabilities and recommend or something security based on policy. Thirdly, install security controls for maximum performance. Finally, bake security into workloads with automated policy creation. As a matter of fact, your security solutions need to intelligent instead of blanket policies to avoid performance issues. And also to create an Instant On Security environment.
As a matter of fact, build a workload centric security strategy. For an Instant On Security system, you need to perform certain actions. Control bottlenecks with deep security with automation. Stop advance attacks and ransomware. In fact, layered Security delivers maximum protection. In addition, you need to accelerate compliance. There have to be multiple controls with Central management to attain this. Stop unauthorized changes. Lock down applications and servers. Monitor for changes. Create alerts. Defending against Network and app threats is very important. Intrusion prevention is another area to take care of. Overall, you need to protect everything against vulnerabilities. For this, Security Audits need to be faster, accurate, and effective. There have to be automated and intelligent scans.
Instant On Security is critical for any enterprise
For a smart protection Network in an Enterprise, you need to have an effective Instant On Security model. Some of the key elements for this are Sandbox analysis, Machine learning, Behavioral analysis, Anti malware & content filtering, Response and containment, Integrity monitoring, and Application control. Hybrid cloud security comprises of intrusion prevention, host firewall, integrity monitoring, and log inspection. When we talk about Big Data, we can seggregate in three sections. There is Known good data, known bad data, and unknown data. Biggest problem is unknown data.
Dr. Kapil Dev Singh, founder, and CEO, Coeus Age talks during VeeamOn Tour 2017. Creating an Always-On Enterprise is prime for every business. So needs to be IT availability for Always-On. Always-On means high availability Enterprise. Consumers are changing. The Internet is a great enabler. It has democratized everyone having access to the Internet. This leads to a collective voice. In no time a simple post can become bigger. An email is always one dimensional. Internet posts are two dimensional. Today people spend most of their time on the internet. Most of the things are happening through the internet. Where and who has changed to how and why. Consumers are gaining ground. Similarly Always-On in gaining ground. Almost 40 percent of Americans now work from home. That is offering demand of Co working space.
Earlier it was 9 to 5 and in office. Now it is anytime anywhere to become an Always-On enterprise. Your laptop and smart devices have become your virtual office. Concepts of the holiday, no working day, no data available, service unavailable cease to exist if a business has to survive. There are critical businesses where if their Network is down even for 15 minutes, their entire months business is washed out. A platform like NSE can afford to be down. The deep structural shifts are happening. During 2000 business growth, linear expansion, resource slack were important. During 2009-2013 it was about business sustenance, core defense. Now it is all about business agility, risk management, and efficiency. Business priority is operational efficiency. You need to convert disruptors to value creators.
Always-On Enterprise Is A Big Challenge
There are some classic examples of Always-On Enterprise. New Zealand airlines were in the loss for ten years and today they are one of the most prominent airlines in the world. In fact, it is all because of digital adoption. What is always-on? Your input, process, and output have to be Always-On. An organization’s processes must be agile to support the experience of the stakeholders. A break in process or a slow process impacts the experience. The currency for all this is nothing but data. It depends on the degree of automation and integration of various organizational processes. It requires leadership, capability, and strategic focus to create it.
As a matter of fact, Digital technologies, application overhaul, IT architecture overhaul, IT efficiency, IT security/BCDR, IT assets consolidation, internal IT usage, outsourcing are some of the emerging technologies and strategies. Rather, 9 out of 10 Indian enterprises may not be ready for an Always-On paradigm. In addition, Flirting, building, converging, transforming is the paradigm shift in application development from 2014 to 2017. In fact, It is important to work fast for any business to become an Always-On Enterprise. Because that is going to be the key to survival in this tough competition.
VeeamOnTour 2017 was quite an enlightening day. It was interesting to hear Ashok Acharya, Regional Director, India & SAARC, Veeam. He was speaking about Digital Future and High Availability. In fact, both have a deep connection and interdependence. The business needs are changing drastically. There was a time when field workforce was never an integral part of all communication in the organization. Because they were out of the organization most of the time. The same is not the case now. Even if an employee is not in the office for few hours, days, or months, he needs to stay connected always. Life has moved from pen and paper to pagers to desktops to laptops to smartphones over last three decades. Today we live in a world where almost everything we do on the smartphone. Younger generation prefers to have tablets and smart devices even for watching movies and entertainment.
Even in any enterprise Not sitting at your home you can watch movies. Or even when you are on the move. Things are changing drastically. There is a paradigm shift. Going further there is an era to come off robotics and huge data. Digital Future and High Availability is the key to this. In the 1990s we didn’t like to sit with strangers in a cab. And today we have a cab sharing concept. By 2025 180 with 21 zeroes of bytes of data. Uber has a valuation of $64b just because of the driver’s data they contain. Similarly, Tesla uses data and artificial intelligence to learn patterns of behaviors. The secret formula for success is nothing but 24x7x365. The cost of poor availability can be catastrophic.
Digital Future is Mobility and Availability
Loss of revenue and brand value of the key to focus on. External threats – DDOS attacks are becoming the major threat. Cyber attacks are a major risk. Is the cloud safe? Amazon, Verizon are recent examples of cloud vulnerability. Even the major companies are not taking care of validation of backups. Think of a partner that is always there on availability. You need to experience availability rather than just going by words. Digital Future is all about this and a lot more. And it is not too far!
I recently had the opportunity to sit-down with the CEO of StaffConnect, Bulent Osman. For those that are not already familiar with the company, I was impressed and expect you will be as well. As background, StaffConnect delivers a platform that enables organizations to transform how they reach, communicate and engage with employees. The app strives to inspire employee engagement, with the end result being an emotionally connected workforce that works harder and smarter, leading to the best possible customer/client outcomes, and in for-profit companies – ultimately driving greater profitability.
Q: What is the back story on StaffConnect – when and why was it founded? What was your “ah-ha” moment that led to the company’s establishment?
A: Throughout my high-tech/enterprise software career, I have seen firsthand the impact of a disengaged workforce. During my tenure at a well-known and highly respected, global organization, a name that mom would know, the point was truly driven home. Here, there was a lack of connection to a clear goal or purpose, and not knowing that what we were doing was making an impact. There was minimal communication from leadership regarding strategy, etc. Churn was frequent – and a clear theme emerged during exit interviews – lack of engagement. And, because turnover was high, the resources we expended on recruitment and training were crazy. You didn’t need to be a rocket scientist to make the ultimate connection that unhappy employees = sub-optimum effort, as well as employee turnover (and the associated costs) = sub-optimum customer experience = a hit to bottom-line corporate profits.
StaffConnect Incorporates a Management Console
Alternately, during my time at a startup, I had experienced the positive results of an emotionally committed workforce. Perhaps it was the nature of the beast – we were physically together much of the time either in the office or on the road, regardless of title. Communication was seamless. We felt like the company’s win was our win. And our tireless efforts and almost religious dedication reflected it.
During my time at that global software solutions provider, I had what you refer to as my ah-ha moment. This company had a huge HR department. Employee communication and engagement was a priority. Yet, they were failing at it. And, I saw the pain that resulted in that failure. I knew that technology would be the key to overcoming it. As I thought about the necessary solution, it also became clear to me that it should not only improve workforce engagement but also measure it.
This is why StaffConnect incorporates a management console to measure and report on engagement across the workforce. My other firm belief is that technology needs to be defined by domain experts that understand the use case. Our unique AppSuccess program, which works with our customers to define winning content and communication strategies ahead of implementing the mobile platform, is designed specifically by internal communication leaders that really understand how to make our customers successful.
StaffConnect Tranforms Employee Experience
Q: Could you briefly introduce and describe the StaffConnect platform? How has it evolved over time? Is the app development customer driven?
A: StaffConnect was specifically designed to be a powerful employee engagement platform that transforms the employee experience by enabling large enterprises to connect, communicate and engage their entire workforce, especially remote, non-desk employees. The customer-branded mobile app gives employees ‘a voice’, with access to company and user-generated content to increase loyalty and productivity. The cloud-hosted platform empowers employers to target that content, with analytics, to deepen engagement with everyone. Our domain expertise supports large businesses from around the world to inspire their workforces to deliver better performance, improved customer experiences, and greater shareholder value.
Our original product was comprised of features and modules which could be configured to order. Over time we have learned the most popular features and gained in depth understanding of how they are being used in order to further innovate. We have also added new features and integrations based on customer feedback and we now offer three defined products which meet the needs of different sizes or types of business along with three tailored AppSuccess service packages.
Q: Is all app development and QA done in-house? Do you Beta new features w/customers before GA launch?
A: We have a talented team of developers working out of our head office and all of our development work is managed by this team. Whilst we have dedicated QA professionals, the entire StaffConnect team is considered as QA – we use our own version of the app across our entire team and all of us take responsibility for delivering the highest standards in our product, working to rigorous testing schedules with the development team.
StaffConnect addresses employee engagement with future needs
Mobile technology to address employee engagement is a new and emerging market. Working closely with our customers to understand their use cases and future needs is imperative to us staying ahead of the market and making sure we always meet market requirements. We have strong ongoing relationships with all of our customers their feedback and insight on new features is invaluable to our continuous innovation.
Q: You recently announced customer growth of 55% — are there any particular geographies and/or verticals where StaffConnect’s acceptance is the strongest? Why?
A: We have experienced strong growth in our core markets of UK and US, but we have also seen a big rise in customers from other regions around the world like Australia, Scandinavia, and the Middle East. We are also experiencing growth in new markets, manufacturing, mining, construction, travel, non-profit and healthcare are all strong markets for us. Any market that has a large proportion of non-desk workers are all ones where we see StaffConnect making a big impact.
StaffConnect is for any forward thinking modern enterprise
Q: Who is your ideal customer?
A: Our ideal customer is any forward thinking modern enterprise. Our solution is “mobile-first” which means unlike enterprise social messaging tools, it does not require a corporate email address to set up a user. This makes it ideal for the billions of non-desk workers around the world – the baristas, the healthcare workers, the airline crews – that are often forgotten when it comes to receiving critical updates and accessing important corporate information. Our management console is designed to be able to segment users so that our customers can be very targeted in their communication strategy – delivering relevant updates and information to specific functional teams or regions. We also passionately believe that engagement has to be two-way traffic to really be effective – giving employees a voice is at the heart of what we do and many of our features have been created with this in mind – employee feedback is really important to our customers as well as encouraging employee generated content and content sharing.
Q: Where can we go to learn more?
A: There is a wealth of information on the StaffConnect website. May I suggest starting here: https://www.staffconnectapp.com/staffconnect/ to learn more about the StaffConnect App, Admin Console, and AppSuccess program. Once you have gotten their feet wet, a demo can be requested here: https://www.staffconnectapp.com/demo/. And of course, we love to brag about our customer success, some of which can be found here: https://www.staffconnectapp.com/customers/.
When it comes to Artificial Intelligence, Robotics, Automation etc., a large amount of negativity starts floating around. Like, reduction in jobs, forced retirement, layoffs, and so on. On the other hand, I feel, these initiatives bring in a lot of parallel opportunities. In fact, it might increase job opportunities rather than cutting them off. Definitely, it might demand a transformation in job profiles, roles, and responsibilities. In addition, such kind of initiatives always brings in an ease and comfort in the job. For instance, Artificial Intelligence, Robotics, Automation etc, increase efficiency, decrease rejections, and thus enhance business profitability. And when an organization grows, there is always a scope of expansion or diversification which again brings in newer job opportunities. Of course, these require a hefty capital expenditure in first go. But then there is always an assessment of ROI and Value for Money.
When an organization decides for investment in Artificial Intelligence, Robotics, Automation etc., it all depends on projections, case building, and right presentation of the proposal. More businesses these days are leveraging the cloud to store data. But there is a significant amount of opportunities to monetize and to extract business insights from the data. For instance, Veritone. Veritone is an AI SaaS provider. Recently, they have partnered with Quantum to provide users the ability to deploy cognitive engines that help in analyzing enterprise data stored.
Artificial Intelligence, Robotics, Automation
It will be absolutely interesting to understand how enterprises can analyze and monetize the data they currently have stored. Or, more interestingly, how AI deployments can help to unburden the workforce, democratize costly services and ingest a huge amount of big data for actionable use. The question is if one-time capital investment saves a large spend of recurring or operating expenses, what will be your choice? Keeping in mind that this one-time CapEx will also come with a unique set of benefits. Definitely, Artificial Intelligence, Robotics, Automation etc. are the best bet for any industry across the globe. Only thing is to decide fast.
Yesterday I was at the Manufacturing Innovation Conclave organized by CII (Confederation of Indian Industry). Many interesting things you get to know at such platforms. Because this is the platform that collaborates industrialists, government bodies, and professionals. While there were people representing manufacturing industries of India, people were also there who are vendors for these businesses. And these people on the other side are consultants, suppliers, business enhanceers, investors and so on. In addition there were specialists of national and international fame to talk about the burning issues manufacturing industries are facing and at the same time proposing the best possible solutions to cope up with Industry 4.0 revolution that is emerging across the globe. Many interesting points are there to talk about from the yesterday’s conclave. These are the key learnings, takeaways, and innovative ideas to adopt in order to enhance the manufacturing paradigm in the country.
The concept of low cost labor is transforming to high value manufacturing. Now industries while setting up a new manufacturing plant overseas don’t look for the former but latter. That was the first important point of Manufacturing Innovation Conclave. The world is changing from Mass Manufacturing to Mass Customization. India has to emerge as some key reason for becoming a global manufacturing hub. Like, China we know for volumes and economy of scale, Germany we know for high-tech engineering production, and when it comes to the US, the world knows it for innovation. Similarly, when we talk about Japan, it is about Quality and Reliability. But when it comes to India, there is no such significant impactful point to feel high about.
Manufacturing Innovation Conclave is about Industry 4.0
Innovation is nothing but Ideas to Impact. That is what manufacturing innovation conclave is all about. These ideas can be in various buckets. Like, ideas that fail and ideas taken to the market. But one thing is very important in this regard. Fail fast in cae you have to fail. Velocity, Veracity, and Value play a major role in today’s competitive environment. The emerginb business environment is all about Collaboration, Cooperation, and Cohesion. Industry 4.0 is all about cloud, innovation, digitization, automation, robotics, IoT, and Analytics. Cobot (Collaborative Robot) is better than Robot in industrial environment.
Hardly few companies draw value out of this beautiful concept of customer feedback. In fact, most of the organization doesn’t value it. They just do it because it is part of some ISO certification they are part of. And for the sake of clearing the audit process, they have to create documents in this regard. In reality, it is neither in the blood of an organization nor top management’s priority. Hence, there is an altogether lack of seriousness in this regard. As a matter of fact, as an organization you should ask yourself – Do you deliver product or service? Or Do you deliver value? There is a huge difference between the two. It is only the question of understanding the philosophy. The day your organization understands it, there will be a clear cut direction, alignment, and integration. Rather, there will be a sense of urgency of closures.
Organizations lack that sense of closure. In fact, most of the organizations love to keep things or issues open for long than focussing on closures. It is part of the culture of an organization. Keeping customer feedback aside for a while, in almost 80 percent of the organizations leadership is not accessible to the customers. Why CEO of an organization can’t be accessible easily? And then we talk of confidence and sense of protection in customer. There are the small but impactful things that bring a lot of confidence and sense of protection in your customer.
Customer Feedback lacks Sanctity
That is the reason behind low rate of customer feedback. Hardly 5-10 percent of customers feel like giving feedback. It is all because of lack of confidence in action on it. Most of the customers feel there will be no action on the feedback. Hence, even those who give feedback, don’t provide it seriously. As a matter of fact, any organization’s one of the top goals should be how to increase the customer feedback percent and action percent in a holistic manner rather than just doing it for the formality sake.
Amazon’s Empty Chair Concept is a wonderful example of customer obsession. In every meeting that happens in Amazon one chair is empty and that chair is the chairperson of the meeting. In fact, it is indicative. And it indicates Customer. Hence, in every meeting in Amazon, the customer is of utmost importance. Another great example of customer obsession is two videos of Brussels Airlines. You can find both easily on Youtube. One is “Happy Birthday” and the other is “It’s a Boy”. What an amazing feeling it brings when you watch these videos. That is what should be the prime focus of any business. And there are examples that businesses have reached the limit of the sky with this customer obsession approach. And some businesses, on the other hand, are not there in existence anymore who didn’t focus well on their customers. Therefore, the customer is the prime key.
As we all know the three key pillars of an organization are Processes, Systems, and Initiatives. But more important is to understand how do you measure them in your organization? Secondly, How do you sustain them? It is also important to know that the organization where top leadership involves in their organization’s customer obsession journey have higher chances of business growth. In fact, there are examples where the top management is eager to work with people who are obstinate about customers. Like the founders of Flipkart, deliver the packets at times to their customers, not for any other reasons but to get their insights about the service and delivery of Flipkart. Empty Chair Concept is just a symbolic approach that can happen in many ways. It is not important to copy the concept to demonstrate your customer obsession. There are many examples like this.
Empty Chair Concept Makes Customer as Top Stakeholder
Similarly, working on the same Empty Chair Concept, Premji of Wipro meets 5-6 customers every month just to understand their problems.
An organization striving for Zero Customer Complaints ultimately fails to survive. This is how? The sole target of the whole organization becomes to achieve no complaints from the customer. In that journey, they intentionally stop recording customer complaints in order to show their results matching their targets. The management is happy but customer unhappiness is at an increase. And finally, it bursts to bring disasters in such a way that the organization loses all its potential customers. The organization culture has already taken a bad shape. Finally, it had to drop its best of the employees in the lack of business and survival. Such kind of goals, thus sometimes are quite disastrous and killing in nature. Instead, another company realizes this proactively and changes their goal from Zero Customer Complaints to Increasing Improvement Opportunities. The whole scenario changes in the organization. Everyone has a suggestion for improvement.
In fact, zero customer complaints or increase in customer complaints doesn’t reflect the actual health of an organization. At the most, it can reflect the health of a sub-process. If we see in above paragraph about the organization changing its goal to increasing improvement opportunities starts working as a catalyst to business growth. Definitely, all improvement suggestions will not be feasible or appropriate. There has to be a cost-benefit analysis for each such improvement. But then striving on improvements in an organization as a culture is not a bad thing at all. Rather, it helps in business maturity and ultimately in business growth.
Zero Customer Complaint Doesn’t ensure Business Growth
But eventually, these opportunities must encash in time. If they stay in papers and there is no action on them, the whole exercise is of no use. And moreover, it has to have a viral effect in the organization. Everyone must be in its grip all the time. There has to be a timeline and action plan for each improvement. If you have Zero Customer Complaints as a goal in your organization, change it immediately.
Customer Excellence culture is difficult to create in an organization but is not impossible. Though it doesn’t happen overnight. But every bit of effort in this direction counts a lot. It demands everybody’s involvement in this mission. Unless it flows in the organization’s blood and reflects in every employee’s actions, it stays merely in papers and doesn’t translate into success. If you are a customer-centric organization, you can achieve your business growth. Else, you will lose the battle sooner or later. Recently there was a fear in the global arena that your ATM or Debit card data is not safe and is easy to breach. Immediately, one of the banks acts proactively and releases an app with the help of which their customer could switch off their ATM/Debit Card within second after installation that app on their smartphone and two-step authentication. Such actions create trust and confidence in customers.
Such is the demand for Customer Excellence in today’s scenario. It requires restructuring, strengthening, and innovative actions. You need to cater to the customized product needs of your customers. In fact, it is utmost important to listen to your customer. No doubt, building a culture in the organization is a time-consuming issue. But nonetheless, never let your teams live in silos. In fact, let them understand if they are there in the organization it is just because of the customers. No customer means no business. And no business means no need of employees in the organization. Therefore, it is important to set the benchmark for customer excellence. Because this automatically brings business excellence. Hence, building a culture of excellence is important and that too in every area of activity. Different organizations do it in different ways. Like KPIs, Methodologies, BSCs, or any other manner. But mostly the goals are same.
Business Excellence comes from Customer Excellence
Therefore, if a business has to survive, it has to strive for customer excellence. If an organization’s vision and mission are devoid of the word “customer” it needs to revise the same.
CII Awards for Customer Obsession 2016 was a great insightful event to attend today. Few things are very clear out of it. It has a direct connect with technology, behavior, measure, and translate to evidence. Let me explain how? Without technology, a business can’t survive in today’s competitive world. It also involves human behavior that matters most. You need to measure both with the help of analytics. This measurement helps you to translate the things to evidence. The facts and figures make it easier to stand by your words and claims. Customer experience has become the utmost important factor for business growth. Customer Obsession has to be in the culture of an organization. Hence, Customer centricity has to be in the blood of an organization. Keeping that in mind NCH or National Consumer Helpline has come into existence in India. Though it is active in Delhi right now.
Don’t keep success in your mind. And don’t keep unsuccess in your heart. Because both the acts behave as a showstopper in terms of performance. And that is where the new mantra of India comes into the picture. It is Perform, Reform, and Transform. Because without performing you can’t reform and without reforming you can’t transform. The best way is to change your habits and look at the whole scenario in a new perspective. Looking at current competitive environment benchmarking customer experience or customer obsession can’t happen in a holistic manner. What customer expects today is better, faster, and cheaper. For instance, when it comes to e-commerce or e-retail it is the value products and deliveries that matter most. Similarly, if you are in hospitality, understand your customer’s priorities best. That is how you can win in this tough competitive world of business. Thus comes customer obsessions.
Customer Obsession means business growth
Thus customer obsession has a direct connection with business growth.
Do you live at your workplace? Or just like others just treat it as a money generating place? Is your connection with your organization merely for the sake of salary or it is much beyond that? How do you treat your workplace and how does it treat you in return? Do you miss your workplace when at home or vice versa? More importantly are you passionate about your workplace? Do you ever feel you are in love with it? And if you feel, do you try to find out the reasons for falling in love with it? Is it the quality of work, place, or both?
And two more important factors in it are management and people. These two factors can create a high amount of motivation or demotivation depending on the culture of an organization. Are you a quantum of energy when you reach your workplace? As a matter of fact, are you ready to fire all your energies to fetch out best of the results during the day? Are you able to motivate your team like nobody else can?
Do You Live At Your Workplace?
All this can happen only when you are able to live every moment at your workplace. Just introspect, do you live at your workplace? Your workplace, in that case, must be able to give you an atmosphere where you feel free, relaxed, and full of energy to deliver the best out of you. And how does it happen? Here comes the role of HR, People Managers, and the top management. Because a lot of good ideas will come in this regard from HR and People managers, but it is the top management that has to approve those ideas faster in order to get the results faster. If you as a manager feel your workplace is dull, you need to take some quick steps to make it lively.
How about a small library, recreation room, a room to relax, some indoor games, some good facilities like vending machines, a high amount of discipline, good processes in place, a workplace with no pressure. In fact, how about making it a place like a prayer room? And then once these things are in place then check again Do You Live At Your Workplace?
If you have to chose among Engagement Commitment Passion for your organization, what will be your preference? And how do you connect the three strong pillars for an organization or project management? Engagement is something very important for your individual units those are employees or team members. Each individual team member has to have an interesting engagement factor in his job to make it more lively. Working just like a robot mechanically with no human factor in it makes a job dry and uninteresting. And I think with a high factor of engagement comes the high level of commitment. The more you are able to engage your team members the more amount of commitment you can fetch of them. Like engagement, commitment also varies from person to person. It also depends on the passion factor in a team member. A right mix of engagement and commitment creates passion. It reflects in many ways.
When we talk of passion out of three key pillars of Engagement Commitment Passion, it has various touch points. If you are able to generate passion in a team member, it can do wonders in terms of deliverables and results. It is the passion for organization, passion for the job, passion for the work you assign to your team members, passion for deadlines, passion for results, passion for winning every streak. Management has a key role in generating Engagement Commitment Passion in all their employees but then it has to percolate down the line in a very swift manner. The faster it goes down the line, the quicker are the results.
Engagement Commitment Passion – 3 Pillars of Growth
Whatever is the level of an organization these three pillars of Engagement Commitment Passion are the key ingredients to its development. In fact, in the growing phase, these are the most important factors to ensure your consistent growth.
A whopping investment of 5,000 crores is something extraordinary in an Indian scenario. This is probably the first time any enterprise in India stands to invest such a huge amount in a spectrum of three years. Samsung Plant Mega Expansion in Greater Noida is a live example of this. And out of 5,000 Crore, around 1,000 Crore is already spent in terms of infrastructure, development, expansion, technology, automation, and training. Probably for the first time Samsung has got a right partner in State Government to help them in achieving their large goals. And, in fact, for the first time, a state government has been so proactive and smart to take such futuristic steps and help an enterprise to achieve their goals so fast.
That is probably something that was, at one moment of time, on the verge of dropping the idea at Samsung’s end. The previous government was not capable of understanding and coping Samsung. It is good that government changes after every 5 years. Any change brings a lot of new challenges as well as opportunities.
Samsung Plant Mega Expansion Creates A New Future
It is precisely an investment of INR 4,915 Crore for Samsung Plant Mega Expansion with a clear cut commitment to Make in India, Make for India. So far out of their complete production in India, there is a chunk that goes outside India. In fact, out of its total production in India, Samsung caters to around 60-70% of the requirement of the Indian market. Rest comes as an import from other countries. This investment of INR 4,915 will happen in a span of three years. This is, in fact, the first year.
Within a period of few months, Samsung has invested around INR 1,000 Crore so far. And for the first time, this production will cater to 100% needs of the Indian market with no import targets. And the additional production will go out of India as exports to various countries thus bringing in foreign revenue. Samsung is India’s biggest consumer durables and mobile phone brand.
This is quite an interesting fact that there is always a tussle between the three in any organization. I am talking about People Process Technology, the three strong pillars of an organization. But then it is important to understand the exact relationship between the three. Also, it is important that in this case, all three marry and live happily together. Logically, it is people that run a company. Even if your processes are world class and so is the technology if the level of people is not improving on a regular basis, everything fails. Because it is the people who have to drive the technology. A deep level understanding of technology is a must to run it optimally. If the people lack in training to exhaust or consume the state-of-the-art technology, then there is no use of that technology in the organization. I have seen in many organizations they do a lot of investment in new technology. But it stays only to the extent of investment and procurement. Afterward, they dump it somewhere in the dust because there is no capable driver to understand and run it as per business needs.
The same is true for processes when it comes to chose from People Process Technology. Even if you have right kind of processes in place, it is the people who have to adhere to it aesthetically. And what about enhancement in these processes? How will it take place if the people in the organization are not thinking in that direction? Therefore, a regular mechanism has to be in place to control it completely. Better if you are able to automate the processes.
People Process Technology and the Organization
Another philosophy says that if your processes and technology are strongly bonded, it becomes easier to drive people in the organization. That is true too, to a large extent. Assume that you have technology driven processes with complete automation and alert mechanism in place. Any deviation from process clearly escalates it to the right place and blocks the person to misuse it. Someone at the higher level will have to unlock it using his credentials. In my opinion, all three – People Process Technology are equally important. Any organization is successful where these three pillars are not treated as competitors but catalyst to the growth of that organization. All three have to sync well in order to produce the best!
Corporate Toastmasters is a beautiful concept though not so widespread in India currently. But soon it will increase its density and velocity knowing the benefits a corporate incurs out of it. A recent visit to Toastmaster Event in Noida at a corporate office was quite insightful in this regard. It was wonderful to meet Mike Storkey, International President, Toastmasters International. Also, Deepak Meno, Second Vice President, Toastmasters International was there. The agenda was to conduct a training program for the district officers. Many of the officers were meeting each other for the first time. An open house was also there for the club members. The purpose of this open house was to provide them a chance to interact with these two prominent leaders and other District dignitaries.
In India, InterraIT Toastmasters Club was the first corporate Toastmasters club that came into existence in 2006. By now, under the mentorship and leadership of Mr. Asoke K Laha, Founder and CEO InterraIT, it has gained many distinctions at national and divisional levels. As a matter of fact, Toastmasters provides the members an excellent platform to master in many spectra of leadership. Like, express themselves, socialize, and scale up their communication and leadership skills in a very catalytic and favorable environment. It also gives them a chance to connect with their peers from other organizations and districts. This way, they are able to exchange notes and ideas. This, in fact, works out to the benefit of both sides.
Corporate Toastmasters is a beautiful concept
Mike Storkey and Deepak Menon shared their valuable insights on Toastmasters and how it is important for an employee to scale up their leadership skills. During the open session at Corporate Toastmasters session, there were many intriguing queries from the attendees and media. At times, it becomes difficult for an employee to choose between his job and his journey of Toastmasters. But then it is important to focus equally on both. Because while the job is important for the present, it is the Corporate Toastmasters journey that is very important for future. In fact, not only future, it also helps a lot during their present career journey. Rather, it boosts them to rise faster in their career.
VMUG declares the release of new EUC Explore Experience for VMware Users. VMUG is nothing but the VMware User Group. The new feature EUC Explore delivers the Digital Workspace experience. EUC Explore aims to connect IT professionals, using EUC solutions. In fact, even the enthusiasts who have an interest in the subject are eligible for it. As a matter of fact, it is a unique platform to connect industry experts from VMware, EUC vendors, and community members. A number of sessions including technical insights are there on the EUC products by VMware. In fact, you can learn a lot of things from worldwide industry experts and global practice leads. Like, learn architecture and implementation of best practices. The two-day event includes a number of conferences that are dedicated to all things EUC in either New York City or Minneapolis.
That is not the end. There are EUC-specific tracks at VMUG UserCon events in Boston and Atlanta. As Matt Heldstab, Senior Windows Administrator at Minnesota State Colleges and Universities System states, “VMUG has always been a valuable resource for professional development at our organization, Targeted events such as VMUG EUC Explore give attendees an opportunity to interact with subject-matter experts that would ordinarily be reserved for worldwide conferences such as VMworld.”
VMUG 4 EUC Explore Events in 2017
The Explore conference is in New York City on 16th June while in Boston it is on 1st June. Both these events shall be featuring EUC technical expert Shawn Bass, VMware EUC VP & CTO. In fact, Shawn will deliver the Digital Workspace vision to address key market trends, IT priorities, and increasing complexities in the IT environment. There will be latest announcements in the EUC portfolio. In addition, you will also learn how these initiatives collaborate to deliver a customer simple, enterprise secure experience which enables enterprises to transform in a meaningful manner.
Shawn will also throw light on VMware’s collaboration within the ecosystem with various stakeholders. He will also show the relevance of the digital workspace strategy on technology leaders in the industry. For EUC Explore events, registration is free and the event is open to all members in the tech industry. In fact, this is a golden chance to attend the event as there are only 4 EUC Explore events in 2017. And you should not miss out on this unique end user computing event. To get further details you can visit the event page here. You will find the most up-to-date information, agenda, and VMUG registration link.
New IIoT (Industrial Internet of Things) chip with embedded cryptographic RoT (Root of Trust) is launched by WISeKey. This chip has machine learning capabilities thus making it smart and fit for intelligent activities. The new chip will become an integral part of the company’s IoT cybersecurity vertical platform. This, in turn, will allow IoT devices to organize in a self-manage mechanism into trusted networks. In fact, it will happen on the basis of mutual authentication, identity, and integrity. That way, it makes the complete integration quite secure and safe. Actually, the IIoT chip embedded with cryptographic RoT and problem-solving Artificial Intelligence (AI) solutions is something that has come up for the first time. In fact, this new technology empowers IoT connected devices that can deliver a recognized identity and a valid integrity report to shake hands with peer devices within the community.
Logically, this new IIoT chip will enable autnehticated sensor data. Because, as of now, most IoT devices have no embedded secure systems. And that makes these devices vulnerable to various risks. Thus, by integrating Artificial Intelligence (AI) into any IoT hardware and platform, it can create wonders. These objects when connect to the WISe’s Vertical Platform can mange their own cybersecurity behavior thus making smarter and safer decision capabilities. This, in fact, creates so many proactive and smart capabilties in a device. Any object having this IIoT Chip can produce a huge amount of Big Data. Te analysis of this data with AI can help industrial applications to alert in advance about the failure of their equipment before it actually happens.
IIoT Chip Promises to Do Wonders
In fact, the WISeKey platform is built in such a way that it allows the IoT devices having these chips to communicate authenticated data to the cloud using a dual factor authentication at the device level. For instance, think about a smartcard that sends authenticated data of each component of the car predicting when these parts will go bad or require maintenance. Not only this, it digitaly signs all the logs required to prove that service was provided. This platform is free from any restrictions and thus various industry segments and industrial applications can use it. It optimizes productivity across industris through predictive maintenace of machine or equipments therein thus creating truly smart environment with connected applicanes. As a result it provides critical communication between devices including self-driving cars and smart homes.
What a significant evolution it is? In fact, it brings a huge amount of possibilities to the table. A small IIoT Chip and do so many wonders. In fact, WISeKey creates a technology that ensures connected devices to become intelligent devices. These devices, thus, can learn from attacks, defend themselves, and transfer this intelligence to other devices in the network.
Carlos Moreira, Founder and Chief Executive of WISeKey, says: “This new platform opens up many possibilities for improving the overall security functionalities and creating new business processes by taking advantage of the world of digital identification at the object level, which once combined with Big Data allows us to gather and process all available information and generate actionable insights.”
IIoT Chip is Actually ToC
Moreira adds, “We call this new technology Trust of a Chip (ToC), which offers a full integration of several key security elements on the chip instead of installing and testing these security elements separately on the device. This integration reduces the size of the chip, lowers the cost and increases the level of security as no one can externally access and manipulate the integrity of these chips. The ability to authenticate and remotely manage millions of networked, automated devices and equipment is becoming pervasive − from factory floors, to hospital operating rooms, to residential homes – including billions of objects and devices from refrigerators, watches, wearables to wine bottles – everything that can connect and communicate via the Internet.” Let’s see how many more wonders are the in store for IIoT chip. In fact, there is no end to imagination and giving it a color of reality.
Full-time CIOs will not be a requirement in organizations except those that are very large in size or have a consistently healthy financial status. The way technology is emerging, disrupting heavily the existing legacy IT model of an organization, it will demand a huge change in IT Organization. As a matter of fact, IT footprints are decreasing to a large scale in an organization in terms of manpower. Outsourcing, Cloud, Automation, BYOD, and many such disruptions are responsible for this. As a matter of fact, CIO on demand is a new factor coming into picture in many organizations. Especially small and medium organizations. A drawback in this regard is organizations leaving the orthodox process of hiring a full-time CIO but not availing services of an expert CIO working on a freelance basis.
In that case, a manager of the lower level person in IT, having the senior most position in the hierarchy in IT department starts feeling as CIO and thus creating a confusion in the organization. This guy is not an expert CIO but when an organization starts making him responsible for key IT decisions can create havoc. The whole technology model of an organization depends on right decisions. A wrong decision can take an organization many steps back. At times it becomes a big risk. In fact, it takes a lot of energies and money to mitigate it. Rather, it might lead to a reputation risk too in some cases. Organizations, thus, need to be wise at this juncture of transition in the IT Organization model.
CIO On Demand Is a Reality Now
But one thing is sure that CIO is not a full-time requirement in many organization. To stay in the fray, many CIOs adopt a strategy to keep creating issues and then drawing management’s attention to it in order to stay important in their eyes. In fact, such strategies will not work for long anymore. As a matter of fact, CIO on demand is already a reality. Many CIOs are leaving their full-time job to adopt this role for more challenges.
CISOs or CIOs roles are changing very dynamically. In fact, sometimes organizations have unreasonable expectations from these roles. Especially when you are working with global clients, the perspective change happens altogether. An organization must be very clear in defining JD of all key IT roles so as to differentiate and substantiate in a very objective manner. It is a persistent problem in MNCs in India. Elsewhere, like in Europe, Australia, New Zealand, and Canada don’t face such issues. JDs of key IT roles are quite clear there. In fact, they are bang on target. Changing Roles and Clarity of roles is a big concern in IT.
ISO/IEC 33000 now replaces ISO/IEC 15504. As a matter of fact, no changes have been made to reflect the updated standard. And the design of all processes is on Risk-Based Approach. Capability level of your Change Management process can be handled easily through a COBIT 5 Assessor. ISO 15004-2:2007 specifies fundamental requirements for optical radiation safety for ophthalmic instruments and is applicable to all ophthalmic instruments that direct optical radiation into or at the eye and for which there is a specific light hazards requirement section within their respective international standards. That way 15004 provides you the ability to assess and arrive the process capability. All this needs to be managed along with the changing roles in IT framework.
Changing Roles is creating big gaps
Development experience helps understanding application security well. For instance, if an organization uses SAP, the scope is mostly limited to Access Control and provisioning. If you notice, the European Infosec framework is well defined and robust. While the USA has too many loopholes. This is a true fact regarding changing roles. Coming back to JD’s, this problem is more persistent with US and Saudi Arabia companies. They even ask for CISO or CIO with a SAP, Hadoop, and .Net expertise even when inviting applications for Environment Security experts. Another ambiguous requirement that an organization had was for an Infosec Manager with ISO14001, ISO5001, CCNP, and an expertise in VLSI and Data Analytics. You would be wondering how original it could be.
In India for every cyber attack, you need to report it to CERT-IN. An interesting point to understand is how many companies follow Cobit 5? Quite a few are having their own processes and frameworks. In fact, how many organizations crave for process maturity? How do they manage their processes in terms of performance, management, and definition in a quantitative manner? Rather how many of those keep optimizing their processes on a regular basis? What is the optimization process? In the current scenario of increasing global cyber threats, it is very important to introspect these critical points to ensure that your organization is moving in right direction. Awareness about cyber attacks, threats, and vulnerabilities is quite important. Persons responsible for the cyber security of any organization can’t stay away from these burning issues anymore. In fact, ownership is quite important in these matters.
When we talk about 33XXX series of certifications, its aim is to facilitate process assessment. It has nothing to do with Risk or Cyber attacks. Since it derives from SPICE, that was used for software processes, management of process concept is derived from CMMI. In this regard, it is important to align the roles to processes. Though it is not straightforward and simple as it may appear. Because some processes cut across and overlap between multiple roles. For instance person responsible for managing suppliers has to manage multiple roles. Like procurement, contracts, invoicing, and governance. Largely, organizations believe in ‘build and run’ model. ISACA has yet not published the enabler Guide for Organization Structure. That is one of the reasons most of the organizations have their own approach on how to build their IT Organization. Still, the biggest challenge remains the mapping of key processes to respective owners.
Cyber Attacks are increasing worldwide
Logically, ownership must happen in a way that there remains no ambiguity. ISACA seems to be a very practical approach because it helps you to implement all in one go. And managing Cyber attacks in today’s scenario is very critical. Because it impacts on financials, reputation, and operations in a big way. In fact, if production head is answerable for the low product, so is the security expert for security leaks.
Digital India drive has different meanings for different companies. There are companies that are present on most of the key digital platforms actively. These kinds of companies actually live with reality and care for their customers. When I say they are present actively, that means they are prompt in replying to any query from their different stakeholders. I think social media platforms are the best to reach to anyone in today’s world. In fact, it removes the hindrance of geographic barriers. You post a tweet and within minutes you get a reply. And, in fact, the reply will be relevant. Not just for the sake of reply. And then you will get a call from their social media team to understand the problem and discuss the solution. Not only this, they will ensure that the job is done and that too within stipulated timeframe. That is the beauty.
One such live example of such kind of companies is Airtel. Such kind of actively connecting companies are not there in high volume. In fact, these companies are the bright example of turning mission of Digital India to reality. And then there are other kinds of companies that are a shame in the name of Digital drives. One such company that comes to my mind is Mother Dairy. Such company serving to masses must have ample and easiest possible means of accessibility which lacks in this case. In fact, there is no willingness that you see in their initiatives. Otherwise, is it difficult for them to create a strong social media team that builds a strong engagement with their huge customer base? Why can’t they publish their daily rates of vegetables and fruits on their portal or mobile app?
Digital India – Different Perspectives
As a matter of fact, how much time does it really take to build such small interesting but very useful features? It all depends on your mindset to understand the real meaning of Digital India. Mother Dairy is more than a four-decade-old organization in India.
Archive360 launches another world class product. It is Commvault Simpana Email and Data Migration Solution that enables fast and accurate migration into Microsoft Cloud. FastCollect is a perfect solution for Archives Commvault Edition. In addition, there is a freedom to choose. It extracts email, attachments, and all other data from Commvault Archive in order to complete compliance to It, Regulatory, and Business requirements. Rather, it preserves full data fidelity and audit trails. This helps you to ensure legal eDiscovery readiness and any other regulatory compliance. Archive360™ is a pioneer in data migration and data management solutions for the Microsoft Cloud. It announces the general availability launch of its FastCollect™ for Archives Commvault Edition. In fact, this is the first and only Commvault Simpana Email and Data Migration Solution.
Speed and accuracy are the key ingredients of Commvault Simpana Email and Data Migration Solution. The salient features and benefits of FastCollect for Archives Commvault Edition are as below:
- It is a multi-threaded, multi-server platform. Therefore, it provides the best performance and accuracy of all migration solutions.
- The native Commvault APIs enable search and filtering of emails by various parameters. Like date range, custodian, or any other useful criteria.
- Zero reliance on Commvault API ensures fast and accurate data extractions.
- It takes care of message level chain of custody reporting. Thus legally defensible reporting controls eDiscovery risk thereby ensuring strict SEC regulatory compliance.
- The best part is that it does not require indexing or data gathering before extraction. Therefore, it begins message extraction within no time of installation. Whereas you talk of any other extraction solution and that will take days or weeks to index before start. That is the real beauty of this product.
- Another best thing is its intuitive and powerful graphical user interface. This virtually eliminates any need for training. And in turn, it ensures faster time to migration.
Michael Osterman, Principal Analyst, Osterman Research says, “Commvault Simpana has been a popular enterprise backup software platform that was intended to streamline backup, archiving and reporting. However, it can be more complicated and expensive to manage than many enterprise customers anticipated. Moreover, once the enterprise data was captured in the Commvault Simpana archive, there was not an adequate solution for extraction and migration to an alternate platform. IT professionals that have experienced limitations in their Commvault archive, and have wanted to move or at least explore other possibilities now have a solid option to do so with Archive360’s new FastCollect for Archives Commvault Edition.”
Commvault Simpana Email and Data Migration Solution
Bill Tolson, Vice President of Marketing, Archive360 adds, “For countless organizations around the world, to better meet IT, business, legal and compliance requirements, as well as the desire to simplify management and lower costs, organizations are moving their on premise email and data archives into the cloud,However, for those that are sitting on terabytes of data locked-into a Commvault archive, this goal has been out of reach… until now. Archive360’s new FastCollect for Archives Commvault Edition enables Simpana users to quickly, easily and accurately extract everything from raw messages to attachments to metadata, while maintaining an item-level audit trail and full data fidelity, for compliance and legal requirements – and then migrate it into the Microsoft cloud, or other solution of their choosing.”
Archive360’s new FastCollect for Archives Commvault Edition is available now. And probably that is the best of class Commvault Simpana Email and Data Migration Solution.
Now, data from all these sources can be tapped and integrated into a single display—effectively a management HUD — that can create a single source of truth. Trending information is offered in the form of histograms; then using Pareto charts, the next level of analysis reveals the most prevalent causes of KPI anomalies, along with the factors most likely to positively impact and resolve those outliers. The dashboards also identify “improvement levers” that will accelerate deployment of solutions.
The ability to see multi-disciplinary performance data, in one place and in real-time, allows managers to respond immediately to unfolding situations. Countermeasures and preventive actions are more likely to be deployed. Because unfolding situations are more quickly addressed, larger strategic objectives are also more likely to be achieved.
In implementing such a system, it helps to have outside assistance. Deploying a cross-discipline, integrated management solution requires three essentials:
- First, a process and structure that helps the company determine its goals and requirements for the solution, along with the help chains that are available.
- Second, a complete inventory of metrics, in a hierarchical format, that will define desired behaviors and performance. Bad metrics drive bad behaviors—and good metrics drive correct results. The right metrics will foster a culture of improvement.
- Third, a regimen of coaching to help the management team use its HUD correctly. Positive results require ongoing mentoring and support; for most companies, such coaching resources are not available internally.
With the speed of business accelerating, it’s essential that managers keep pace by having actionable, current information close at hand. By integrating real-time data in one place, in a form that provides insight and suggests solutions, it’s possible to match the rate of change in business—and effectively navigate the path ahead.
Most of the organization’s environment is multifaceted and complex. And hence it needs a cross-discipline, integrated management solution. In fact, even if any organization starts simple, growth is something that automatically creates complexity. Because, as an organization grows, the number of people, processes, and functions also grow. This growth brings different paradigms, benchmarks, and people with different ideas on board. Below part is in continuation to David Pate’s ideas from previous post on managerial skills in today’s enviroment:
Without a heads-up display to provide more complete understanding, what people see is often only part of the picture. A disconnect occurs between perception and true situational awareness. HUDs, for example, have given aviators a new way to instantly assimilate all the data pertinent to their task, then immediately influence the outcome of that task.
Obviously, business is a similarly challenging, data-driven pursuit. Until now there hasn’t been a way to gain a single, clear view of the factors driving the most complex processes in business—one that integrates data from many disparate sources into a single dashboard. But that situation is changing.
In particular, small-to-medium sized companies have not had the ability to integrate data from multiple disciplines—finance, sales, manufacturing, human resources, R&D, and so on—to gain a holistic view of affairs. Until recently, the only option was expensive and slow manual collection. As a practical matter, this made it impossible to use integrated data for anything more than retrospective analysis.
A new breed of solutions, however, can pull data out of their siloed repositories, in real time, combining for instant comprehension. The range of acceptable sources is remarkable: SQL Server Reporting Services, flat files, sensors both in the field and in company facilities, and enterprise systems spanning Enterprise Resource Planning, Supply Chain Management, Customer Relationship Management, and Manufacturing Execution Systems, to name only a few.
The concluding part of this article is in the next post.
David Pate is Managing Director of TBM Consulting Group. The company is into operations and supply chain consulting.The scope of work includes helping clients leverage operational excellence using lean and other technological advancements. In the later half of March this year, TBM Consulting Group launches Dploy Daily Management. This is a powerful tool residing on the cloud that tracks execution and performance metrics. Not only that, it also performs root cause analysis suggesting countermeasures mitigate a potential risk. It integrates well with key business applications like ERP, MES, CMMS etc. The ultimate goal of the suite is to enhance and improvise effectiveness of daily management activities with the help of a close tracking mechanism of individual metrics.
David Pate writes an exclusive byline for my blog readers to equip them with the essential knowledge that managers should have. Here we go:
Wouldn’t it be great to have a heads-up display for business? A way to gain a holistic view, correctly and in real time, of what is happening so you could react effectively—and still keep your eyes on the horizon ahead?
Heads-Up Displays (HUDs) have been available for fighter pilots since the late 1950s. Thanks to technology advances, however, HUDs are today a deployed in more situations and applications than ever before. Common in commercial aviation, HUDs have found their way into automobiles, game consoles, race cars, and military vehicles; currently under development for soldiers and surgeons, the displays are being considered for everyone from skiers and scuba divers to runners and even tourists.
HUD technology is in strong demand for one critical reason: it brings together performance-related data quickly, without diverting attention and while there is time to act. Invaluable for complex and fast-evolving environments that are impacted by many variables, the appeal of HUDs is to be found in their ability to put many forms of data in a single place.
This article continues in next two posts.