VitAL Magazine January-February 2013 by 31 Media

vital Inspiration for the modern business volume 6 : Issue 3 : January / February 2013

getting your house in order Better it estate management

Unlearning itil how jargon-busting could be your secret weapon with non-it staff

embracing the mobisocial world how it service organisations are getting mobile and social featUre focUs: cloUd or on PreMise? getting the best of both Worlds: 28-31

LEADER

: -) nu yr Leader

here seems to be a degree of optimism amid the gloom as we enter 2013. For a start it seems like the Mayans were wrong (actually as I write

this at the end of 2012, the jury is still out on that one!) and we have survived. News reaches me – via Jonathan Westlake’s column on page 60 – that December 3rd 2012 marked the twentieth anniversary of the sending of the first SMS text message. Mobile phones certainly weren’t as ubiquitous then as they have become and although by the early ’90s they weren’t the ‘house bricks’ familiar to anyone who grew up in the 1980s, they were still somewhat chunkier than we are used to now. Having worked in marketing for a major Swedish telephone infrastructure supplier and mobile phone manufacturer at the time I can vividly remember the ad campaigns for the then popular Baby Ericsson mobile phone which I can only assume was so called because it was the size of a healthy newborn baby. The texting functions on these mobiles seemed like a superfluous extra at the time, even so I remember being baffled by the popularity of paging in the United States which, with the advent of SMS texting seemed like even more of a redundant technology. By the end early ’00s texting was so widespread that an elderly relative of mine had given me as a novelty Christmas present a book on how to ‘Txt Spk’. What all this rambling goes to show is that you only ever really get a good idea of what technology is going to deliver once that technology has had a chance to bed in and find its ideal user base. Texting like the social media that would follow was something that was picked up and taken to by the young predominantly because it offered them a cheaper alternative to the ‘voice’ capabilities of their phones. And now social media offers a virtually free alternative to texting. The figures bear this transition out with a massive drop in the usage of SMS texting in the last few years. Even so the figures for the amount of texts sent are still pretty mind boggling even taking this reduction into account. So time marches on and we await the arrival of the next quiet revolution... Until next time have a very prosperous New Year.

Matt Bailey, Editor

If you have any thoughts, feedback, or suggestions on how we can improve VitAL Magazine, please feel free to email me matthew.bailey@31media.co.uk

www.vital-mag.net

January / February 2013 : VitAL 1

vital Inspiration for the modern business

VitAL : Inspiration for the modern business

vital Inspiration for the modern business Volume 6 : Issue 3 : January / February 2013

CONTENTS

Contents 6 News THE VitAL COVER STORY

10 Embracing the mobisocial world SENTHIL NARAYANAN AND BALAJI TS What is holding companies back from fully embracing social media? Senthil Narayanan and Balaji TS from Hyderabad, India-based IT services giant Mahindra Satyam give their perspective on this issue.

Getting your house in order Better IT estate management

Unlearning ITIL How jargon-busting could be your secret weapon with non-IT staff

Volume 6 : Issue 3 : January/February 2013

Embracing the mobisocial world How IT service organisations are getting mobile and social FEATURE FOCUS: CLOUD OR ON PREMISE? GETTING THE BEST OF BOTH WORLDS: 28-31

Editor Matthew Bailey matthew.bailey@31media.co.uk Tel: +44 (0)203 056 4599 To advertise contact: Grant Farrell grant.farrell@31media.co.uk Tel: +44 (0)203 056 4598 Production & Design Toni Barrington toni.barrington@31media.co.uk Dean Cook dean.cook@31media.co.uk Editorial & Advertising Enquiries Tel: Fax: Email: Web:

+44 (0) 870 863 6930 +44 (0) 870 085 8837 info@31media.co.uk www.vital-mag.net

Printed by Pensord, Tram Road, Pontllanfraith, Blackwood. NP12 2YA

VitAL SIGNS – LIFE IN A WORLD WITH IT

13 PM = less IM STEVE WHITE Armed with empirical evidence, this issue Steve White can demonstrate exactly how his speciality – Problem Management – delivers a very clear return on investment.

VitAL MANAGEMENT

14 Getting your house in order RAY BLACKMAN If you really want service excellence, one prerequisite is to have your ‘house’ in order. Ray Blackman discusses why, and how, organisations need to better understand and manage their IT estate (assets) as a basis for improving service, reducing costs and mitigating risks.

16 The Cloud and data protection – a legal perspective KIM WALKER Whenever a new IT project is being planned more and more businesses view this as an opportunity to use a Cloud solution, but Kim Walker says be careful where you put your data.

© 2013 31 Media Limited. All rights reserved. VitAL Magazine is edited, designed, and published by 31 Media Limited. No part of VitAL Magazine may be reproduced, transmitted, stored electronically, distributed, or copied, in whole or part without the prior written consent of the publisher. A reprint service is available. Opinions expressed in this journal do not necessarily reflect those of the editor or VitAL Magazine or its publisher, 31 Media Limited. ISSN 1755-6465 Published by:

20 Balancing the benefits of BYOD JASPREET SINGH Corporate IT is caught between a rock and a hard place when it comes to BYOD. It can either ban it and stifle productivity or allow freedom and potentially expose corporate data to breaches. Jaspreet Singh helps you strike a balance.

VitAL Magazine, Proud to be the UKCMG’s Official Publication ITIL is a Registered Trade Mark, and a Registered Community Trade Mark of the Office of Government Commerce, and is Registered in the U.S. Patent and Trademark Office. ®

24 Reading the runes for 2013 VitAL asks a select group of IT industry executives to suggest what they think is in store for the IT world during 2013.

PRINCE2® is the Registered Trade Mark of the Office of Government Commerce MSP® is the Registered Trade Mark of the Office of Government Commerce

SUBSCRIBING TO VitAL MAGAZINE

VitAL Magazine is published six times per year for directors, department heads, and managers who are looking to improve the impact that IT implementation has on their customers and business. For a FREE annual subscription to VitAL Magazine please visit: www.vital-mag.net/subscribe January / February 2013 : VitAL

Subscribe FREE to the most VitAL source of information vital vital VitAL : Inspiration for the modern business

VitAL : Inspiration for the modern business

for the modern business VitAL : Inspiration

vital

Sponsoring VitAL’s 30 Leading IT Service Management Providers.

Editor’s Focus page 43-61. Inspiration for the modern business

mod ern busi ness Insp iratio n for the / August 2012 Volume 5 : Issue 6 : July

Volume 6 : Issue 1 : September / October 2012

page 43-60

Inspira tion for the moder n busine ss Volume 6 : Issue 2 : November / December 2012

Project management Don’t sacrifice the fundamentals for speed!

The future of service automation

Wanted: IT innovation s Don’t put your busines dip at risk during a double

Making the case for automation from the cloud

Software licensing

The Big Data transformation

The benefits of best practise

How it’s changing business in the

Risk management

The changing world of IT outsourcing Volume 6 : Issue 2 : November/Decem ber 2012

Volume 6 : Issue 1 : September/October 2012

6 : July/August 2012 Volume 5 : Issue

lueFirst among equals Instant IT addingRexvJohanso n IT making a difference in the charities sector Confused.com’s enomenon on the price engine ph

value!

VitAL canvasses the industry abo ut what’s hot and what’s not for 201 3

FEATURE FOCUS: LIFECYCLING YOUR WAY THROUGH THE EVOLUTION OF IT SERVICE AND SUPPORT: 34-37

MOVE INTO WOULD A SERVICE DESK FEATURE FOCUS: WHY

THE CLOUD?: 20-23

VISIT VITAL ONLINE AT: WWW.V ITAL-MAG.NET

News, Views, Strategy, Management, Case Studies and Opinion Pieces

vital Inspiration for the modern business

www.vital-mag.net/subscribe 31 Media will keep you up to date with our own products and offers including VitAL Magazine. If you do not wish to receive this information please write to the Circulation Manager at the address given.

CONTENTS

Contents 28 The best of both worlds KEVIN SMITH If fully embracing the Cloud is a step too far for your Service Management operation, perhaps a hybrid approach is what’s required. VitAL speaks to the vice president and general manager of FrontRange’s Cloud Business Unit, Kevin Smith about why, for many, a hybrid approach is preferable.

VitAL COMPANY PROFILE

44 Remote support revolution JOEL BOMGAR On a mission to change the way IT support is done, when Joel Bomgar founded his company in 2002, there was already a growing business case for remote IT support, and the latest developments in Cloud and BYOD are only adding to that demand.

32 The importance of malleability House-on-the-Hill Software takes a look at the importance of malleability when selecting a software tool, and considers the role that Continual Service Improvement plays in the evolution and pro-active management of a business’s software, in order to extract ultimate value now and in the future.

VitAL PROCESSES

34 Five steps to outsourcing your business IT functions to the cloud MICHEL ROBERT What practical steps should you take if you are considering outsourcing parts of your IT infrastructure from in-house physical servers to a remote, cloud environment? There are five key steps that a business should consider according to Michel Robert.

38 Is virtualisation the answer to the BYOD conundrum?

48 The dummies’ answer to authentication ANDY KEMSHALL Which is more secure, hardware or software authentication and which should you choose to prevent becoming the next victim of a breach? With hacking back in the news Andy Kemshall discusses which is the best way to authenticate your users.

52 Big data: driving changes in supply chain management KARSTEN HORN How is ‘Big Data’ being used in the real world? Karsten Horn explains how it is driving change in supply chain management.

56 What can organisations do to combat the insider threats? AMICHAI SHULMAN

ALASTAIR BROOM

How can you be sure that you haven’t got an enemy within and your organisation isn’t facing an insider threat? Amichai Shulman has a few tips on tackling this tricky problem.

BYOD is creating a number of challenges for IT departments that can see the benefits but are concerned about security, compliance and the administration of this mobile environment. Alastair Broom says virtualisation provides a solution.

42 Unlearning ITIL or changing taxonomy? ROS SATAR ITSM/ITIL practitioner Ros Satar describes how many in the IT service management business are having to leverage IT capabilities into a non-IT space – that is, they need a centralised and consistent Service Desk without using any ITIL terminology. But what does this what this mean for ITIL?

VitAL EYES ON

43 SMS HB 2U! JONATHAN WE4STLAKE Jonathan Westlake is celebrating the 20th anniversary of the first SMS text message.

www.vital-mag.net

VitAL EVENTS

58 The definitive Cloud event Cloud Expo Europe, the leading seminar-led exhibition and conference for the Cloud computing and virtualisation sector, opens its doors at Olympia to IT decision makers and technology leaders at the end of January.

60 Show time! The leading names in IT Service Management will be represented at SITS13 – The Service Desk & IT Support Show on 23-24 April 2013 to London’s Earls Court.

64 Secret of my success Rik Prins, managing director, TOPDesk UK.

January / February 2013 : VitAL

NEWS

BYOD TREND FUELLING CONSUMER APP ADOPTION IN THE WORKPLACE

HILE THE BYOD trend is most commonly associated with employeeowned smartphones and tablets entering the workplace, new research from LogMeIn and Edge Strategies reveals another growing aspect of employee-driven tech adoption: the rise and impact of bring-your-own-apps or BYOA. The research found that nearly 70 percent of small and medium businesses report active use of employee-introduced applications, including the likes of cloud sync and storage apps (eg

Cubby, Dropbox, SkyDrive), collaboration apps (join.me, Skype, GoToMeeting), productivity apps (Google Docs, Evernote), and social apps (Yammer, LinkedIn). More than a third of SMBs surveyed feel this trend will increase significantly over the next five years. And in spite of security and management concerns only 22 percent of IT pros indicate they are fully prepared to handle BYOA and 43 percent are concerned with lack of control over these apps, while most SMB IT pros expect their policies to increasingly embrace

and encourage the use of such apps over the next couple years. The survey included findings from roughly 1,200 US, Canadian, UK, Australian and New Zealand-based SMBs, and covered how applications were first introduced to the workplace (employee-introduced vs. company introduced), current and expected IT policies around BYOA, various approaches to managing and securing such apps, as well as the expected impact such a change will have on skill sets required of tomorrow’s SMB IT Pros.

Firms wasting Treating SLAs as an afterthought is placing money on mismanaged businesses at risk O

RGANISATIONS THAT take a careless approach to meeting SLAs are placing themselves at great risk according to a study from Centrex Services. The study reveals that just 42 percent of service organisations have consistent SLA processes in place and barely a third standardise their return commitments. The research also shows the importance organisations place on returns, refurbishment and repair has leapt 55 percent in a year, with 90 percent stating that the efficient management of this operation is critical to the long-term financial performance of the business. Mike Heslop, owner of Centrex Services, says, “For too long businesses have been content with their failing SLAs, but the results from this study should prove be a wake up call. Organisations have to act now to change the perception of their SLAs, or risk commercial underperformance and the real threat of losing customers. To improve SLA perception, organisations must strive to create a consistent link throughout the entire service supply chain; from logistics, field service and field repair to all other service operations. By introducing a level of predictability and stability, companies can manage the volatile nature of demand. It can also enhance service efficiency and provide a differentiated experience, which is crucial to meeting increasing customer expectations from SLAs. “By harmonising the service operation businesses can change the perception of their SLAs and reap the financial and reputational benefits that an enhanced customer experience can bring. The joke will then be on those organisations that continue to place less value on SLA fulfilment, as the industry begins to pass them by.”

6 VitAL : January / February 2013

storage

IRMS MUST learn to manage their storage space effectively or risk haemorrhaging cash on unde r- u tilise d and expensive solutions that fail to meet their business needs according to a panel of storage experts from industry giants including Dell and IBM. Neil Lathwood, technical director at hosting and cloud specialist UKFast said: “With buzzwords like big data and thin-provisioning circulating the business IT world, storage is finally becoming a ‘trendy’ topic but little is actually being done by businesses themselves to combat the ever-growing needs and the costs associated with these needs.” Andy Hardy, head of storage sales at Dell UK, added: “The cost of storage is an escalating problem because the amount of storage that we need to deal with, our business data, grows very rapidly – doubling capacity around every two years – but our budgets don’t grow alongside this.” As businesses come to rely on more digital data than ever, the solution to accommodate the operational costs of managing huge data sets is to ensure that the storage space businesses have is managed as efficiently as possible, advised Lee McEvoy of ISI UK. “Organisations need to find a storage solution that will help them improve their storage efficiencies. It’s the dirty secret of storage that there are huge utilisation inefficiencies. For every 100TB of disk you buy, you may only be storing 30TB of data on there. Through storage virtualisation, compression or auto-tiering, firms will have flexible, cost-effective storage solutions that can dynamically grow with business needs.” Barry Whyte, virtual storage performance architect at IBM warned: “Businesses must address how they can get their operational costs down as soon as possible by investing in technologies that will help them get more out of what they have already got.”

www.vital-mag.net

NEWS

Top five security threats for 2013 T HE INFORMATION Security Forum (ISF) has announced their forecast of the top five security threats businesses will face in 2013. Key threats include cyber security, supply chain security, big data, data security in the cloud and mobile devices in the workplace. “Organisations must prepare for the unpredictable so they have the resilience to withstand unforeseen, high impact events,” said Steve Durbin, global vice president of the ISF. “We recommend thinking about threats in the context of the most valuable resources in your organisation, consider which threats are most likely to create significant risk and which could have considerable impact. Finally, share these threats and resilience-based approaches to mitigating risk with senior management and other functions such as risk management, risk committees and business continuity planning teams.” The top five threats identified by the ISF are not mutually exclusive. They can combine to create even greater threat profiles and they are most certainly not the only threats that will emerge over the course of the next twelve months. The ISF has determined the five most prevalent threats to be: Cyber (in)Security: Increased government presence in cyberspace will have a profound impact on the future of information security. Targets for espionage will include anyone whose intellectual property can turn a profit or confer an advantage. An extremely important aspect of cyber security will continue to be the protection of critical national infrastructure. A real cyber security concern however, could be a full internet or telecommunications blackout in the eventuality of a sophisticated cyber-attack aimed at the internet infrastructure and whilst unlikely, it remains a possibility. Supply chain security: More organisations will fall victim to information security incidents at their suppliers. From bank account details held by payroll providers, to product plans being shared with creative agencies, today’s organisation’s data is increasingly spread across many parties. While the IT function can provide an inventory of all data they hold, it is difficult to do that throughout the supply chain. Big data: As big data continues to become a game-changer for businesses, the security risks have become even greater. From structured and unstructured data within the network of enterprise

PCs and servers to consumer-friendly smartphones, laptops and storage devices that introduce new data management challenges, businesses can be easily overwhelmed by the risks posed by big data. Securing both the data inputs and big data outputs present a key challenge that can impact not just potential business campaigns and opportunities, but also have far reaching legal implications. Data security in the cloud: The rising costs that are associated with proving cloud computing compliance and external attacks on the cloud will increase in 2013. While a number of organisations are now implementing strategies for cloud computing security and compliance, businesses still have a way to go in certain areas, mainly because a lot of organisations still do not know where they have cloud implemented across their business. Consumerisation: If implemented poorly, a personal device strategy in the workplace could face accidental disclosures due to loss of boundary between work and personal data and more business information being held in unprotected manner on consumer devices. An additional security concern is related to location information which could be used for criminal purposes. The popularity of sharing or disclosing location online and the proliferation of GPS enabled devices will increase all types of crime exploiting location information.

MET OFFICE GETS CLOUD AWARD

A CONSULTING Group and the Met Office, have scooped both UK IT Industry Awards they were shortlisted for. The project for the Met Office’s Weather Observation Website (WOW) was awarded ‘Best use of cloud services’ and ‘IT project demonstrating most effective use of collaborative technology’. The winning project, developed by a team of user experience and software developers at PA alongside technical resources from the Met Office and Google, used Google App Engine to build and host web applications on Google’s infrastructure. The Met Office was able to meet its objectives and launch the WOW service with zero up front infrastructure costs, scaling

www.vital-mag.net

automatically to meet the variable demand from the UK and further afield. WOW has enabled the Met Office to engage with weather enthusiasts, school students studying weather and climate and other organisations to create an active global online weather community sharing weather data and photos. This has had over 60 million weather readings from over 150 countries worldwide uploaded to the site in its first year. Dan Rossner, IT innovation expert at PA Consulting Group, who led the delivery of the project, said: “Winning both of these awards shows that there are tangible, compelling and really innovative success stories out there using the cloud today. This has been a hugely exciting

project to be involved in and now more people can see what is possible and have new ideas for the future. The joint team recognises that PA and Google as consulting and technology partners were able to take the Met Office’s vision for a social weather platform and work together with the Met Office to turn it into a success, which now, with the backing of an award, can grow in even more exciting ways in the future. It is inconceivable that this project would have started without the use of Cloud technology – using traditional technology, scaling cost risks and integration costs with personal weather station data would have been unacceptable. Cloud technology gave us a cost effective low risk solution.” January / February 2013 : VitAL 7

NEWS

Social networking is number one risk T

HE CONSUMERISATION of IT has made security far more difficult to manage according to new research from McAfee. This is exemplified by the introduction of personal devices, the growth of social networking and the explosion of employee-created and managed data. Nearly 62 percent of respondents cited social networking as a significant threat to information security in their organisation, while the growth of emails and other unstructured data came a close second with 59 percent acknowledging it as a serious risk. When it came to mobile security, the single biggest problem remains not the technology but the practices and behaviours of users, with employees’ failure to follow data-retention policies and lost or stolen devices topping.

IT professionals harbour deep concerns about the impact of BYOD on security and threat management. Fewer than one in five respondents said their organisations had a comprehensive BYOD policy for users’ personal mobile devices, and more than half of those whose organisations had such a policy felt it increased security complexity significantly or moderately. “It’s clear that security professionals are dealing with an increasingly complex threat landscape,” commented Raj Samani, EMEA CTO at McAfee. “With employees wanting the same experience in the office as they have at home, it’s no surprise that social networking emerges as a serious concern for the IT department. As the consumerisation of IT continues to extend its reach into the workplace, it’s crucial for IT to take control and set manageable policies for employees to follow.”

Rising complexity and lack of optimisation cause storage woes in 2013 O

RGANISATIONS NEED to optimise storage before they are overwhelmed with new hybrid systems, according to research from Computacenter, a leading independent provider of IT infrastructure services. According to the survey of 140 IT managers, organisations are not optimising their storage environments, with 70 percent of organisations putting data on to tier 1 storage and not touching it again for years. With 36 percent of companies having 1050TB of data on tier 1 storage it is estimated that these companies could be wasting up 21TB of data, wasting valuable resources. “The correct tiering of data is vital, however it is something which many organisations are still struggling to get right,” says Bill

McGloin, practice leader, storage and data optimisation, Computacenter. “Unfortunately too many organisations are taking the blanket approach to storage and moving everything to expensive tier 1 systems. Not only is this unnecessary but it is one of the biggest drains on a company’s finances. I can’t stress the point enough that unless it requires tier 1 storage, keep your data somewhere else.” Despite this problem, 61 percent of IT managers predict that they are planning to use hybrid storage arrays over the next three-to-five year period. With 38 percent also admitting that they know the change would make their storage environment more complex, this may cause more problems than it solves.

McGloin concludes, “It is cause for concern that so many organisations are looking to make their storage environments even more complex over the coming years, without having a handle on what they have in place at the moment. What makes the situation even worse is that 48 perecnt admit that they are worried that their data is stored on the wrong storage tiers, but are still contemplating adding further systems to their environments. Before investing in complex hybrid solutions IT managers need to address how they store their data and ensure that it isn’t occupying costly tier one space, unless it needs to be. However, once these issues are addressed, 2013 could be a very successful year for storage technologies.”

UK BUSINESSES UNABLE TO COUNT THE COST OF SECURITY BREACHES

K BUSINESSES are unable to count the cost of a security breach, according to new research commissioned by CipherCloud. According to the survey of over 300 business decision makers in UK companies across key markets including financial services, healthcare and government, nearly 70 percent of respondents were unable to estimate the cost of a security breach. This was despite admitting they had concerns about security risks when it comes to putting their information in the cloud. Despite the frequent public announcements about information being breached by cloud threats, including malicious hackers, accidental leakage, and even insiders at cloud application providers, the percentage of senior business 8 VitAL : January / February 2013

decision makers unable to estimate the cost was surprisingly high in relation to the adverse impact on their organisations. With responsibility for security now residing with the company that owns the data, not the cloud provider or services company taking care of it, according to the Information Commissioner’s Office (ICO) recent guidelines on cloud computing, businesses need to get to grips with relevant legislation and possible fines that are being levied at those found to be non-compliant. “Our research reveals some interesting insights into the minds of senior business professionals, with a lack of understanding of the true cost of the breach of their sensitive information,” said Richard Olver, regional

director of EMEA at CipherCloud. “On the other hand, it’s clear that organisations are very concerned about the risk of their information being breached.” www.vital-mag.net

COVER STORY

Embracing the mobisocial world What is holding companies back from fully embracing social media? Senthil Narayanan, AVP Solutions Group, Mahindra Satyam Europe and Balaji TS, AVP head of innovation programs, Tech Mahindra CTO Office from Hyderabad, India-based IT services giant Mahindra Satyam give their perspective on this issue.

10 VitAL : January / February 2013

www.vital-mag.net

COVER STORY

NE OF the major challenges facing IT service organisations in 2013 that comes up consistently in poll after poll is social media. Mahindra Satyam is an Indian IT services company based in Hyderabad. Company assistant vice presidents Senthil Narayan and Balaji TS explain how their large outsource service management organisation is dealing with the rise of social media. “Today the world is an ICT world,” says Balaji TS, assistant vice president head of innovation programs, Tech Mahindra CTO Office. “And this has lead to the ‘mobisocial’ world. Every enterprise is a social setting in itself and there is a lot of interaction and collaboration that goes on inside companies towards the stated purpose of business. This setting lends itself very easily to social interactivity platforms. Of course we already had the usual email systems in place, we even had other things like salesforce.com which has its own internal social medium. We feel that enterprises today are moving away from email-based activity. There will always be the telephone and other direct forms of activity, but as companies grow and get more people on board, the number of emails can get to the stage where it is really maddening. I actually end up handling more than 300 mails a day, many of which aren’t relevant to my day-today job. And it’s not just the spam, it’s the well intended CC copies that are sent around that can also be annoying. “The focus of email today is on the individual to whom you want to write the mail rather than on the topic,” explained Balaji TS. “There is something fundamentally wrong with the way email systems have been designed. There is a need for a collaboration platform that brings people together around topics and this is the way we see social media today, this is how we have found it to be effective. We have had a few experiments within our organisation where we have set up a Facebook-like platform based on open-source tools and we have had communities interact on that. We found this quasi-social grouping to be a far

www.vital-mag.net

more effective mechanism for collaboration. We found this made a lot of sense for our organisation which is spread across the world from Australia to California.” According to Balaji TS, existing collaborative systems are not completely effective. “They put the people in the centre rather than the topic,” he argues.

The mobility angle One of the major developments in IT over recent months and years has been mobility and this has to play its part in the mobisocial world too. “It is a well known fact that the reach of wireless and broadband – mobility – has been growing,” says Balaji TS. “There are more people accessing office applications from their mobile devices – if the security permissions have been granted – than on the trusted office networks these days. Obviously the enterprise cannot allow security to be lax in terms of how people get in to company systems. “There are two angles to the whole thing,” he continues. “Once you have encouraged a mobile device to be brought in, you need to strengthen the connectivity between the device and the enterprise – that’s one part – but the mobile device is also connected to the rest of the world, so you need to have policies that enable the device to be used safely. For example, in my office I can connect to the office network from my iPad or any other mobile device over wifi. I could take data off the company network and put it into something like Dropbox. This could be a real issue because the mobile devise might not be supplied by the enterprise. Interactivity becomes two dimensional: within the organisation and outside too. These are the two dominant features: the mobile and the social.”

There is a need for a collaboration platform that brings people together around topics and this is the way we see social media today, this is how we have found it to be effective.

Convergence “In most of the customer groups that we work with one thing that is becoming very clear is the convergence of the traditional IT with the social media, as well as mobility,” says January / February 2013 : VitAL 11

COVER STORY

“You need the network; you need mobility; you need big data; you need the cloud and security; you need the social media; all of these are coming together and most of the solutions going forward have to be addressing these issues and translating into a very tangible, value-driven business approach.”

12 VitAL : January / February 2013

Senthil Narayanan, assistant vice president Solutions Group, Mahindra Satyam Europe. “We are seeing this across organisations. Where we see an issue is where organisations want to go ahead with Bring Your Own Device (BYOD) consumerisation, they can see the value of it but they are not sure how to move ahead with it. How do they handle security? How are they going to deploy it and how will it affect the company’s policies. Some customers are even wondering if there is any value at all in BYOD for them. What we have done as a service organisation is combine the multiple aspects of mobisocial, even on integrated applications. “But the convergence is going to bring in other elements as well,” argues Narayanan. “You need the network; you need mobility; you need big data; you need the cloud and security; you need the social media; all of these are coming together and most of the solutions going forward have to be addressing these issues and translating into a very tangible, value-driven business approach. All this may not happen in the next few months or even the next two years, but you need to start laying the foundations for it.”

Into the fourth dimension The fourth dimension to all this is analytics. “It’s not sufficient to have all of the social media interactions going on,” adds Balaji TS, “Social media analytics are key. The parameterisation of the business – in terms of gathering data from various parts of it and analysing that data –leads to greater automation and a much more effective mobilsocial organisation. “All of this of course needs connectivity to work,” says Balaji TS, “and hence what we call NMACSS, with the network, mobility, analytics, cloud, security and social aspects all brought together. This all needs to be addressed in an integrated comprehensive fashion rather than looked at piecemeal. This is probably one of the reasons why the early adopters of social media in enterprises have not succeeded as well as they could have. They have not been able to get an integrated technology strategy. The enterprise’s own collaboration environment which is going mobile has got to play along with whatever they put in as an analytics back engine and with the social media platform, they all have to be interconnected. Looking at them one at a time will give you a very lop-sided view. We need to have the NMACSS coming in together as an integrated technology strategy

– this will make the mobilsocial world more effective and successful.”

Bring your own The way in which the mobisocial world interacts with an ever-growing assortment of mobile devices is crucial. “The device image can be downloaded on demand – like the cloud would with a desktop environment,” says Balaji TS. “This means my device, once I’m in a particular environment, has the policies built-in and this happens over the network in real time and all the things that can happen thereafter in terms of collaboration – all the data from business operations that need to understood by the user – all of this can be brought on to the device through the interface that has been downloaded.” The problem with most organisations is that they tend to approach BYOD as a security problem. “This is a very one-dimensional view,” according to Balaji TS. “It ought to go across the mobility angle and across the analytics and the cloud angle as well as the security angle. They need to be brought together and delivered over an effective network. Most of the doubts that are there in the minds of the decision makers seem to come out of this one-dimensional view.”

Mobilisation & security Tackling the important question of what to actually mobilise, Balaji TS says “There are certain dashboards that can be mobilised which is probably the easiest example. But mobility also has cost associated. You need to have enough skills available to actually create an app that can go on to a device. If you don’t have the skills, it’s probably better to create a web page and if your mobile device has a browser that’s capable of opening it, that’s good enough. “There are important considerations as to what you use the device for. Does it make sense to mobilise and how many transactions actually happen on the go?” says Balaji TS. “You have to decide what would actually succeed and this has to be thought through on an end-to-end basis.” Senthil Narayanan points out that there are many aspects to security in the mobisocial world. “Is it just a matter of compliance with company security policies, or is there a genuine threat that the devices you are going to deploy will not be secure? Is it to do with network access or is it about data protection? www.vital-mag.net

VitAL SIGNS: LIFE IN THE WORLD WITH IT

There are multiple angles around security and they need to be addressed. But if businesses are struggling to make a decision or are concerned about device management and what the business benefits are how long ROI will take or whether there are licensing issues, all these questions need to be addressed before a decision is made.”

PM = less IM Armed with empirical evidence, this issue Steve White can demonstrate exactly how his speciality – Problem Management – delivers a very clear return on investment.

The advantages of a mobisocial world “I work for the CTO office in Tech Mahindra,” says Balaji TS. “Quite often we have a situation where there is something new and promising that one of our teams has come across that could benefit the business. Previously there were long cycles where we had conference calls with teams in other parts of the world. For the last two years we have conducted internal webinars with a limited scope for interactivity, but the latest interactions I’ve been having with our sales force has actually been on Chatter in salesforce.com where we have a closed group that we have created. I can put out a topic on that forum and within three weeks most of our sales people who are members of that group will have argued the pros and cons and come up with innovative ideas. The medium is richer and it is free flowing. And it’s in English, a language we all speak.” Perhaps surprisingly one of the downsides of the mobisocial world is also that it is all in written English. “It is not easy for us to parameterise it,” says Balaji TS. “If I want to mine the information or create a data warehouse, I need to have certain sophisticated tools. But there are good open source tools that can do a certain amount of natural language processing as well as some analytics.” Another downside of social media is that it can be a lot harder to convey emotions. “I can, with my voice intonation, communicate an emotion into a conversation. This is very difficult with the plain black and white of text,” says Balaji TS. “Some of the meaning can be lost or not picked up on. Sometimes all the smilies in the world can’t bring out what is actually being communicated. “The future workforce which is likely to be my son’s generation has grown up with social media. He is in college and we chat more often on Facebook than on the telephone. It is something that comes naturally to this generation, it certainly the way things are moving,” concludes Balaji TS. VitAL

am passionate about Problem Management – it delivers a clear ROI when deployed with

passion and clarity, but what is that value?

The graph below shows the deployment of the fixes identified by the Problem Management team reduced the incoming volume of incidents. Grateful thanks to Michael Hall, CITP, for this graph and explanation.

The black line is the volume of new problems being raised; The blue line is the volume of old problems being closed (fixes applied to the infrastructure); The red line is the total backlog of unclosed problems (business risk); The grey bars are the number of new incidents raised per month (major or highest priority/ severity ones only). Although through anecdotes it is understood that the fixing of problems leads to a reduction in incidents, this graph is actual, highly correlated proof. This support organisation kicked off a drive to clear their backlog of open problems. These,

almost exclusively, are problems that have been investigated and the cause has been found, however the teams tasked with applying the fixes, be they application groups or infrastructure, had not done so. It wasn’t just an administrative clean-up exercise to tidy up the record keeping, it required the fixes to be applied to the IT estate.

What the graph shows clearly is that, as the backlog starts to go down (in other words, fixes are making it into the production environment), the numbers of new incidents starts to go down as well, and the risk to the business dramatically decreases. The correlation is striking and clearly demonstrates the close relationship between effective problem management and reduction in the number of incidents, which, is one of the commonest KPIs proposed for problem management. VitAL Contact Steve White at: stevescolumn@vital-mag.net

January / February 2013 : VitAL 13

VitAL MANAGEMENT

Getting your house in order If you really want service excellence, one prerequisite is to have your â&#x20AC;&#x2DC;houseâ&#x20AC;&#x2122; in order. Ray Blackman, director of consulting and professional services at Attenda, discusses why, and how, organisations need to better understand and manage their IT estate (assets) as a basis for improving service, reducing costs and mitigating risks.

14 VitAL : January / February 2013

www.vital-mag.net

VitAL MANAGEMENT

ACK OF insight and control of their IT estate is the common cause of inadequate service, excessive costs and unnecessary risks, in as many as 75 percent of mid to large enterprises. In practice, it has been estimated that service levels can be as much as 50 percent lower than expectation, costs can be 30 percent higher than they should be, and risks, in terms of both security and regulatory compliance, can be three or four times greater than necessary, without a ‘holistic’ view of the IT estate. Here we will discuss why, and how, organisations need to better understand and manage their IT estate (assets) as a basis for improving service, reducing costs and mitigating risks.

Pressure on IT departments The pressure on IT departments to deliver excellent service to the organisation is www.vital-mag.net

immense. IT decision makers are expected to constantly drive down costs, by offering more for less, whilst also mitigating risks, by ensuring efficient IT security systems and processes are in place, as well as managing regulatory compliance and business continuity. Further, if we also factor in the vast array of new technology choices available, as well as the idea of driving continuous improvement in service, efficiency and risk; ‘service excellence’ becomes a very big ask. For a CIO to set out to achieve any of these goals, IT must first ‘have its own house in order’, to fully understand its IT estate, including all of the associated assets, before attempting any sort of business or service improvement project. In practice, this is easier said than done, and we are finding many organisations simply don’t have the insight and control necessary to execute successful change – let alone achieve continuous improvement. Attempting to make IT estate changes without the right preparation means that there is an increased likelihood of things going wrong for an organisation. There is much anecdotal as well as published evidence to show that you are more likely to make mistakes and get it wrong, without having ‘all of the pieces of the jigsaw together.’

Achieving a holistic ‘as is’ view of the IT estate Both large and small organisations lack control as well as insight when it comes to IT estates. Given the speed with which things are moving, as well as the demands placed upon organisations, companies need to do more to make sure they have control of their IT estate. The problem is exacerbated with the advent of cloud, and it is essential that companies understand the cloud ecosystem and do the right preparation before implementing cloud services.

Organisations must have a holistic and sufficiently detailed ‘as is’ view of their IT estate, as well as the ability to reuse that information to best manage and change the way they do things. Only then can they have complete control and be able to implement change successfully. For example, for Clients where we are supporting and providing their infrastructure, we are fundamentally able to provide them with that control service; which means that nothing moves on their estate unless they know about it and can control it.

How to gain control By applying a proven world class structured method, it would be possible to fast track any type of change project, including full scale business transformation and in so doing, with a detailed understanding of the ‘as-is’ IT estate before embarking on the journey to provide enhanced levels of service. An approach including seven specific design activities that are carried out to ensure adequate change preparation: Record as-is, Analyse as-is, Design solutions, Record to-be, Analyse to-be, Extract requirements and Model change, is effective. This process and set of activities allows the basis of any change project to be defined, the design of the solutions that it will deliver, and to test the viability of what is proposed. We are finding that where we are using this method to assist clients in undertaking a proper and structured review of their estate, whether that is infrastructure, servers, applications or business processes; they are in excellent shape to implement change, with the operational impacts analysed and business benefits quantified. We would strongly recommend that organisations take stock of their IT assets, sooner rather than later. VitAL www.attenda.net January / February 2013 : VitAL 15

VitAL MANAGEMENT

The Cloud and data protection â&#x20AC;&#x201C; a legal perspective Whenever a new IT project is being planned more and more businesses view this as an opportunity to use a Cloud solution, but Kim Walker, partner at leading law firm Thomas Eggar LLP says be cafeful where you put your data.

16 VitAL : January / February 2013

www.vital-mag.net

VitAL MANAGEMENT

With an increase in use of Cloud in the public sector, including HM Governmentâ&#x20AC;&#x2122;s G-Cloud project, it will soon be the case that more IT services than not are delivered in this way.

LOUD COMPUTING solutions continue to gain acceptance and as Cloud becomes more established it is rapidly being treated as a means of delivering IT as a utility. The evidence for this becomes clearer when we consider why Cloud computing is such a hot topic. As more and more IT service providers climb on board the IT Cloud, businesses are presented with choices. The great advantage Cloud presents is the ability to buy online scalable IT resources on demand. Cloud is essentially a collaborative service and so, in matters of security and privacy, responsibility for data protection in the Cloud should be shared between supplier and customer. This allows a business to assess which of its processes and what data might be suitable for a Cloud solution without having to commit everything at once.

www.vital-mag.net

IT service providers have invested in the enabling technology for Cloud from virtualisation and large server farms to high bandwidth providing low-cost connectivity. Before too long the days of having a server room on premises will be as rare to a business as having its own off grid generator. Only those businesses for which the type of data or what it does with it is so critical to every aspect of its business will have the resource to invest for every IT eventuality. Cloud computing on the other hand allows a highly flexible and very rapid outsourcing of IT. Reduced costs convert capital expenditure to operating expenditure and require less technical input by the business customer; initial fears that this would put a business at risk (if using the utility analogy) is not different from not being able to explain how the light comes on at the flick of a switch. January / February 2013 : VitAL 17

VitAL MANAGEMENT

Cloud may be safer than DIY data security for many small and medium sized enterprises when you consider that investment which large service providers make in the Tier 1 hosting centres, where data is controlled and processed, will out strip any ‘home grown’ security measures at every turn.

18 VitAL : January / February 2013

With an increase in use of Cloud in the public sector, including HM Government’s G-Cloud project, it will soon be the case that more IT services than not are delivered in this way.

Service levels This raises a number of challenges for the growing business. Contracts for Cloud services are often based on standard terms and conditions with many provisions which may be extremely limited. The relative ease with which Cloud services can be obtained may mean that a procurement process which has been refined over a number of years for the purchase of other services can be by-passed, either deliberately or inadvertently. The increasing use of employee’s own devices at work will also blur the boundaries and create opportunities for data to be pushed to the Cloud. The emergence of Service Level Agreements (SLAs), often from a starting point of a more traditional Software Licence Agreement, will not always address key security concerns about data. However, security and privacy and especially the importance to businesses in the EU of Data Protection Regulation compliance, means that there are a number of key points which should form questions to ask the supplier and where there should be scope for negotiation. The extent to which these are relevant for a business will depend on the type of IT application being outsourced and also the extent to which security can be controlled and over which the business can have some influence. Cloud architectures come in a variety of forms including private/internal Cloud structure, public/external Clouds and hybrids. Within these, Cloud services can be delivered as software (SaaS) platform (PaaS) and/or infrastructure (IaaS).

Data safeguards Key concerns on the part of the customer will include: • Who is responsible for security and to what standard? • Is there access to ‘intelligible’ unencrypted data? • What arrangements are there for audit? • How will security breaches be monitored and users informed? • Where is the data located? It is this last question which causes unnecessary worries for concerned business owners when they look at the risks on being asked to approve a Cloud service which is being provided by a company based outside the European boundaries. It can also be an issue where the supplier is UK based but its servers are overseas. These are common concerns and there is a natural reluctance to trust a supplier with control and safekeeping of a vital business data asset. But, Cloud may be safer than DIY data security for many small and medium sized enterprises when you consider that investment which large service providers make in the Tier 1 hosting centres, where data is controlled and processed, will out strip any ‘home grown’ security measures at every turn. For example, there is less of a risk that a company laptop will be left on the train if that employee is able to access company information from a device at home. A business should understand where its data will include what is known as personal data – data from which a living individual can be identified. This will, typically, include employee, customer and supplier data. The data protection law which applies to Cloud services is no different from that which applies to other areas of the business. The Data Protection Act 1998 places obligations on data controllers and processors in relation to the collection, processing and transfer of personal data.

www.vital-mag.net

VitAL MANAGEMENT

A Cloud customer has obligations as a data controller to make sure appropriate security measures are applied to the data and not to transfer data outside of the European area without having satisfied itself that those appropriate security measures will be in place. The questions to ask in any Cloud arrangement is: ‘where will my data be located?’ It is not the case that data may not be transferred outside the European area but it is the responsibility of the controller to make sure they have carried out sufficient due diligence and asked appropriate questions where this is going to happen. In the commodity/utility approach to Cloud computing, these questions will not always be asked. The European Union recognises a number of countries where it considers security arrangements are adequate. With regard to the US, this includes providers which are part of the Safe Harbor. It is still important to find out whether there will be any onward transfers and in particular, who controls the critical infrastructure of data centres and from where. The key ingredient is a Processing Agreement to deal with data transfer. The EU has provided model clauses which can form the basis of such an agreement. The issues raised by data are undergoing scrutiny at European Union level with the Article 29 Working Party and in the UK at the Information Commissioner’s Office. The European Commission has listened to the commercial reasons for some standardisation and wants to see model SLAs introduced for ‘professional Cloud users’ by the end of 2013 and model contracts for consumers. This will certainly help to provide some benchmarks which are lacking in Cloud at the present time.

Law enforcement The new risks which Cloud introduces are around access by law enforcement in other countries and the law which might apply if a dispute arises. In any Cloud service provision

www.vital-mag.net

a number of geo location factors might apply to the data. This will include the location of the Cloud customer and Cloud provider but also where the data centre(s) are located so there may be a number of regulatory regimes to consider. As well as the data protection concerns of privacy and security, this should also cover the practicalities such as: • What happens if the Cloud provider goes bust? • How easily could a customer move data to another Cloud service or back to its own system and how long would this take? • How conﬁdent can a customer be that it could regain control of its own data without leaving behind copies at the Cloud provider? This last point is important to ensure that data is not being kept for longer than is necessary to deal with the purpose for which it was obtained.

Industry standards It is probably about time for the introduction of some industry standards around service levels and data transfer. In the meantime, in the spirit of sharing responsibility for data protection in the Cloud, it is worth noting that whilst Cloud suppliers will typically express disclaim and exclude all responsibility and liability for loss, corruption or security of data, even the biggest of suppliers will negotiate (a little). So knowing the questions to ask can put the customer in the driving seat of negotiations and enable them to take a critical look at their own business processes and data when next buying a new or upgraded IT solution. Once the answers from suppliers address these points in a consistent way we will really begin to see the benefits of Cloud providing something for everyone, but not necessarily for everything. VitAL

Knowing the questions to ask can put the customer in the driving seat of negotiations and enable them to take a critical look at their own business processes and data when next buying a new or upgraded IT solution.

Kim Walker is a partner at leading law firm Thomas Eggar LLP.

January / February 2013 : VitAL 19

VitAL MANAGEMENT

20 VitAL : January / February 2013

www.vital-mag.net

VitAL MANAGEMENT

Balancing the benefits of BYOD Corporate IT is caught between a rock and a hard place when it comes to BYO. It can either ban it and stifle productivity or allow freedom and potentially expose corporate data to breaches. Jaspreet Singh, Founder and CEO at Druva helps you strike a balance.

TARTING WITH the introduction of the iPad, there has been a deluge of tablets (mostly Android-based) that allow users far more functionality than simply email. At the same time IT culture has shifted dramatically in recent years; historically IT departments drove technology changes in their organisations whereas now workers are increasingly taking the lead as the technology they are using in their personal life is more cutting edge than their business tools. Today, Bring Your Own Device (BYOD) policies allowing users to access corporate data from personal devices, and cloud-based applications make employees more efficient and productive at work. Recognising this enormous productivity increase, corporate IT is caught between a rock and a hard place with two options: 1) Disallowing BYOD only to be perceived as stifling employee productivity; or 2) Allowing freedom in terms of user choice of devices and applications but exposing corporate data to potential breaches.

Happiness = Productivity As tablets, and smartphones become more powerful, and newer platforms come to market corporate data is increasingly present on more and more devices. The recent double launch of Windows 8 and the Surface tablet highlighted an increased focus of technology providers on optimisation for tablet users. From a business perspective enabling employees to work from home if they wish, check their emails on their commute or use their iPad in a presentation, is a real www.vital-mag.net

positive. Employees that are able to use their own devices are more likely to use them outside office hours, making employees more productive both in and out of work, while boosting morale and encouraging a positive work-life balance.

Collaboration = Innovation A key outcome of the adoption of BYOD is an increased focus on innovation in organisations, the need for this focus was highlighted by the use of free file sharing platforms by workers keen to store and share documents, and collaborate with colleagues, outside of corporate IT systems. There is an 81 percent correlation between innovation and collaboration according to a report by the Future Foundation, and employees who are given the opportunity to collaborate within increasingly mobile workforces are more than twice as likely to contribute new ideas to their company. By developing an IT strategy to incorporate mobile devices, with enterprise-grade file sharing or secure file sharing tools that instantly sync files across devices and users, businesses are able to support a collaborative environment that incorporates employees and partners that are not always in the same office. Incorporating BYOD has the potential to transform the use of corporate information for the better.

Security issues

Today, Bring Your Own Device (BYOD) policies allowing users to access corporate data from personal devices, and cloudbased applications make employees more efficient and productive at work.

The past 12 months have seen the highest level of data breaches that the UK has ever seen. Last August the Information Commissioners Office (ISO) revealed that January / February 2013 : VitAL 21

VitAL MANAGEMENT

Gartner predicts that in less than three years a third of IT expenditure will occur outside of the corporate budget; businesses need to look at the simplest ways to enable their employees to do their jobs.

data breaches had jumped by 1,014 percent over the last five years and look set to continue to rise. Much of this increase has been attributed to the growing use of consumer-grade collaboration tools by employees wishing to share corporate data both with peers and, perhaps more commonly, with their own personal devices to enable them to work remotely, or on a preferred device. But, as staff champion the use of personal devices at work and technology providers are increasing the web, mobile and tablet offerings of enterprise tools, are businesses themselves taking the right steps to mitigate the risk of violating compliance or corporate governance regulations? Without the right kind of software that works on multiple platforms and devices, IT has no visibility into this vast expanse of data. Individual liable devices must be protected from data loss and data breach. The loss or theft of a BYOD device can lead to productivity losses if useful corporate data on the device is not backed up. In addition, data on the device is liable to potentially expensive breach if it falls in the wrong hands. A recent incident that highlights the importance of protecting important information on mobile devices is the theft of an unencrypted NASA laptop with information on 10,000 employees. A solution providing backup capabilities for selected information along with data encryption and the ability to remotely wipe corporate data from a lost device would be ideal in this situation. If an employee leaves a company or is let go, segregating and retrieving sensitive company data could also be an issue. The ability to selectively delete information on user-owned devices is particularly useful when employees quit their companies, preventing employees taking corporate information with them.

Delaying the inevitable? In addition to challenges from BYOD, the use of consumer-grade applications lacking adequate security is a major concern for IT. Recent research suggests one out of five business users admitted to using consumer file-sync-and-share systems with work 22 VitAL : January / February 2013

documents to assist remote working and peer to peer collaboration. Dropbox alone’s various security breaches – last August the company came into the firing line, not for the first time, after it was revealed that a file containing private customer details was stolen from an employee’s account – strongly illustrate the need for enterprise-grade applications that ensure data security while providing ease-of-use similar to consumergrade solutions. Regardless of the risks, more and more employees are expected to use services out of the control of the IT department. Gartner predicts that in less than three years a third of IT expenditure will occur outside of the corporate budget; businesses need to look at the simplest ways to enable their employees to do their jobs. The consumerisation of IT trend is here to stay. Corporate IT must appreciate data protection and security challenges in order to implement appropriate policies in coordination with the right tools to achieve a win-win situation.

Two concerns, one solution Backup and file-sharing are two different and unique enterprise IT concerns. Backup is a broad case driven by IT, whereas file sharing is more user-driven, with users sharing a small proportion of their data with peers for collaboration but both are issues being exacerbated by the consumerisation of IT. BYOD has led to growing calls for an integrated solution which solves both use cases without having to deploy multiple products. Put simply, users want IT to let them do their job on the devices that make it easiest for them. Corporate IT can ideally balance the productivity gains resulting from the consumerisation of IT while eliminating the possibility of data loss or breach by using a software solution that both protects data on BYOD devices and allows secure file sharing with enterprise-grade capabilities. In doing so, IT can realise the dual victory of satisfying users’ demand of instant data access while keeping sensitive data safe. VitAL www.druva.com www.vital-mag.net

VitAL MANAGEMENT

Reading the runes for 2013 VitAL asked a select group of IT industry executives to suggest what they think is in store during 2013...

RADING CONDITIONS continue to be tough with the US facing the fiscal cliff and uncertainty in the Euro-zone, but many parts of the IT industry seem to be bucking the trend, perhaps because they are having to step up to the plate and provide the added value that is saving companies money and resources. VitAL asked a number of IT industry VIPs to put their heads above the parapet and speculate on what the headline IT trends will be in 2013.

The mobisocial world As this issue’s cover story suggests, we seem to be heading into the ‘mobisocial’ world. “2012 saw us becoming increasingly social,” says Andrea Kis, service delivery manager 24 VitAL : January / February 2013

at cancer charity Macmillan. “Businesses are starting to utilise social media outlets including Twitter, LinkedIn and Facebook. These platforms have become a firm staple in the communication strategies of many businesses and this raises concerns around support and security. Another key trend in IT is the move towards improving processes, and this has led to IT service management playing an increasingly pivotal role. IT departments are considering how to do things better, and become more process driven. But as customer expectations of technology increase, the IT department must raise its game according to Kis. “I believe this will require an increased agility throughout the organisation to meet customers’ needs, which I firmly believe IT service management www.vital-mag.net

VitAL MANAGEMENT

can provide. It is also crucial to use a great service management solution, the right tool can make a real difference,” she says. “While many businesses embraced the concept of social media and the cloud and have begun to implement strategies, most are at an early adoption stage. 2013 will see a significant increase in the adoption of social media, bring your own device and bring your own apps initiatives which will drive SaaS and cloud services, and this will be key developments for IT. As a result, IT departments must understand how these technologies can support the wider organisation and have plans in place to manage the transition effectively.” “In 2013, we’ll see younger staff – who typically prefer to use social computing tools in their personal lives – drive wider adoption of social computing within the enterprise by making these tools their first choice for collaboration with colleagues,” argues David McLeman, managing director at Ancoris. “Many businesses introduced a range of communication and presence tools – such as browser-based chat and video-conferencing or enterprise social networking in the form of solutions like Google+ – as by-product of moving to cloud computing for email and document collaboration.” Ramyani Basu, senior manager, at global strategy consultancy, A.T. Kearney also thinks social media will play a major role in 2013. “We expect to see a growth in traffic for social media channels and internet sales,” he says. “Organisations will focus on how to monetise social media as a channel to market and hence drive revenue generation. Mega players in the social media space will require further innovation to use the platform to do so.”

Movements in the Cloud The Cloud seems to have been top of the agenda for some years now with some in the industry suggesting that cloud adoption is beginning to plateau. “Regardless of sector, cloud is the trend that has defined IT development in 2012,” says Andrea Kis. “This is a really positive development, especially www.vital-mag.net

within the third sector, as it can enable us to store more critical data in a safer environment. Big data and the protection and storage of this will also be high on the agenda for 2013. With employees able to connect anywhere and anytime with the business, IT will need to consider how it can encourage flexibility, how can it offer storage and data taxonomy while safeguarding the security of the organisation.” “The launch of the Government’s first G-Cloud catalogue in early 2012 might have helped the public sector become more comfortable with the idea of cloud services,” says David McLeman, “but procurement and budgeting processes meant few were able to take immediate advantage of the cloud. With the advent of the new financial year in April 2013, the launch of a third version of the G-Cloud catalogue, and the increased buzz around cloud generated by high-profile projects such as NHSmail 2, we expect to see far greater numbers of public sector organisations rolling out cloud-based IT in 2013.” Ramyani Basu expects Cloud as a commercial and technology delivery model to flourish in 2013. “In 2012, organisations explored packaged private cloud and custom packaged cloud for hardware, software and datacentres,” he says. “Going forward, we expect businesses to demand more of managed service models from the cloud providers. We believe that Cloud will become a more acceptable mode with a true commercial model for Big Data. Cloud brokerage role, which is about aggregation, governance and provisioning between cloud providers and consumers, will act as the key role to get the maximum benefit from the cloud ecosystem.”

“In 2013, we’ll see younger staff – who typically prefer to use social computing tools in their personal lives – drive wider adoption of social computing within the enterprise by making these tools their first choice for collaboration with colleagues.”

Through with Windows? The growth of bring your own device (BYOD) is causing tectonic shifts in the once Windows-dominated OS landscape of business computing. “During 2012, increasing numbers of organisations adopted bring your own device strategies or provided staff with January / February 2013 : VitAL 25

VitAL MANAGEMENT

“The key question facing businesses over the coming year is how to benefit from IT innovations while maintaining secure, compliant and costeffective processes. Businesses that achieve this balancing act are most likely to benefit from their IT in 2013.”

26 VitAL : January / February 2013

company-owned iPads, Android tablets and Chromebooks as they moved applications into the cloud,” argues David McLeman. “In 2013, as the move to cloud computing continues, corporate IT departments will no longer automatically refresh ageing user technology with the latest generation of Windows-based systems, but instead evaluate numerous platforms to see which best fits their needs. “With a significant number of companies being forced off Exchange 2003 implementations as Microsoft ends support, we expect to see a third of them migrate to Google Apps rather than stay with Microsoft,” adds McLeman. “Gartner’s confirmation that Google Apps is a viable alternative to Microsoft Office for most users will make businesses question the value of renewing Microsoft Enterprise Agreements that lock them into paying for licenses and software they may not use.”

ITSM and service culture “2013 will see businesses becoming increasingly customer service centric,” predicts Andrea Kis. “I see IT Service Management moving to an even more critical position to support this development. IT will need to re-evaluate its processes to better support employees and meet the needs of its customers. I fear IT is still not truly valued as it should be in the third sector. IT requirements are always driven by the needs of the customer, and as they become increasingly tech savvy, the demands on IT will increase. Those in the third sector that don’t respond, or fail to appreciate how IT can help develop the organisation, may well be left behind.” Dealing with the pace of change has thrown up challenges. “The pace of technological change over the past year has meant that businesses must invest in their IT service management to keep pace with the changes, not least to enable them to support initiatives such as BYOD, social media and cloud,” says James Gay, CEO at ICCM Solutions. “I’ve witnessed many forward thinking companies react to these pressures over the past year in a positive manner, for example by making more of their IT service management investment.

This year there has been a shift to implement formalised change management processes, which has enabled many organisations to invest in IT efficiently and effectively, while ensuring that risks are reduced. Businesses have woken up to the fact that the adoption of new IT services and policies must be actively managed. The continuation of a strained economic climate will mean that businesses will continue to face cost pressures, but customer experience will be even more important in 2013. I believe that improvement initiatives will also see an upsurge, and organisations will expect their service management platforms to be able to support these.” Ramyani Basu also sees service as a key differentiator in 2013. “We believe that the success of 2013 will depend on how corporates, businesses and service providers develop a true consumer-centric strategy and meld different technology trends to maximise the impact in the market; hence convergence of existing technologies with mobility solutions will become a necessity to meet consumer centricity.”

Cost cutting With continued economic woe, companies will be exerting strict cost control. “Businesses are beginning to place IT cost cutting at the top of the organisational agenda,” says Thomas Coles, managing director, MSM Software. “This strategy, while sensible, must be managed carefully. If we are not vigilant this development could see businesses which drastically cut their IT resources placing themselves at long-term risk, with IT systems that are simply not fit for purpose. However, according to a recent study by Gartner-Forbes, 64 percent of organisations said IT spending would rise during this financial year, demonstrating that the strategic contribution IT has on company operations is set to increase rapidly in 2013. “The key question facing businesses over the coming year is how to benefit from IT innovations while maintaining secure, compliant and cost-effective processes. Businesses that achieve this balancing act are most likely to benefit from their IT in 2013. VitAL www.vital-mag.net

VitAL MANAGEMENT

Feature sponsored by

The best of both worlds If fully embracing the Cloud is a step too far for your Service Management operation, perhaps a hybrid approach is what’s required. VitAL speaks to the vice president and general manager of FrontRange’s Cloud Business Unit, Kevin Smith about why, for many, a hybrid approach is preferable.

OR MANY Service Management organisations the idea of placing its software and data entirely in the Cloud is a step too far as of 2013, and yet they may wish to exploit some of the many benefits of a cloud-based operation. FrontRange believes it holds the answer in its HEAT hybrid ITSM solution. Founded in 1989, FrontRange is one of the biggest names in IT Service Management (ITSM). The company is the only ITSM provider in the world that delivers Service Management software with fully integrated Voice Automation and Client Management capabilities on-premise and in the cloud. Its HEAT solution manages millions of 28 VitAL : January / February 2013

service interactions every day for more than 15,000 leading organisations around the world, enabling customers to deliver worldclass service while maximising operational efficiencies with reduced cost and complexity according to the company. Vice president and general manager of FrontRange’s Cloud Business Unit, Kevin Smith is responsible for the growing portfolio of FrontRange Cloud applications. Previously responsible for product management, product marketing and corporate marketing for all FrontRange product lines, Smith has over 25 years of experience in the technology and software businesses. Prior to joining FrontRange, Smith held a number www.vital-mag.net

VitAL MANAGEMENT

Feature sponsored by

of senior positions in technology companies before which he was flight design manager with NASA at the Johnson Space Center in Houston, Texas. VitAL: Please explain the concept of hybrid IT Service Management and how it fits in to the full ITSM picture. Kevis Smith: Customers love having choices and choices protect customers’ futures, so the concept of hybrid is about offering the customer more choice and more flexibility so no matter what road they choose or what happens in the market, they can tailor the deployment of their applications to what is needed in the business. But to define the terms a little better: OnPremise is located within the company firewall, HEAT perpetually licensed solutions are installed locally at a customer site where company resources typically help implement, maintain and manage business solutions. Cloud is Located outside the company infrastructure and accessible via the Internet, HEAT subscription-based, multi-tenant solutions are provided to customers via a secure environment supported and maintained by FrontRange. The Hybrid approach Incorporates both HEAT On-Premise and Cloud applications for a complete Service Management solution. Customers have the choice of utilising either the cloud or on-premise deployment options, including a combination of the two models to support their business needs. By offering a Hybrid ITSM model that features a common code base – whether deployed on-premise or in the cloud – FrontRange is giving its customers the best of both worlds. For example, organisations with remote/branch offices with limited IT resources might opt for cloud-based ITSM while corporate HQ and main campus sites with significant IT staffs are more likely to adopt on-premise solutions that they can more easily manage and customise. With this suite of cloud, on-premise and hybrid HEAT applications, we can offer a solution that is the most: Flexible: Standardise on a single service management solution with ‘fit-for-purpose’ www.vital-mag.net

deployment models that allows for the use of both operating and capital expense budgets (including a hybrid option that leverages both); Advanced: The most advanced service automation solution in the world with fully integrated voice-enabled capabilities that enhances efficiency and reduces service resolution costs by up to 70 percent. Complete: With end-to-end, integrated client management capabilities that enables the standardisation of business processes across the enterprise and improves the mean time to repair (MTTR) by up to 75 percent. VitAL: What specific circumstances lead to the development of the hybrid approach; was it developed from existing products or is it a completely new concept? KS: It hit us over the head one day that we’d been in the business for over 20 years delivering on-premise applications and we had built this new Cloud application and a number of our customers we were talking to had a hard time choosing between the two, and then it occurred to us that we can do both. We offer both, all we have to do is make them available together. Our product line gives our prospects the option of the delivery model that works best for them. With a new executive team on board, beginning January 2012, we put that vision into practice with the existing product lines to reflect the hybrid model giving our customers the option to choose the deployment option that works best for them. Additionally, from a cost perspective, this enables the customer to take advantage of both operating and capital budgets. Our world keeps on changing and I talk to CIOs every day that say “This is futureproofing me. I don’t have to put all my eggs in one basket. I can go with a hybrid model and wherever the market goes, wherever technology goes, I have flexibility.” VitAL: How does the hybrid approach differ from existing on premise and cloudbased solutions? KS: Customers don’t want – nor must they – be forced into an either/or model. They want the flexibility to deploy ITSM solutions via

Customers love having choices and choices protect customers’ futures, so the concept of hybrid is about offering the customer more choice and more flexibility so no matter what road they choose or what happens in the market, they can tailor the deployment of their applications to what is needed in the business.

January / February 2013 : VitAL 29

VitAL MANAGEMENT

Feature sponsored by

“SaaS-based ITSM tools appear to provide cost savings. However, failure to account for the resources to implement, integrate, operate and maintain the tools will result in the inability to extract value and achieve the expected ROI,” Gartner says.

30 VitAL : January / February 2013

cloud or on-premise as needs dictate and when and where it makes the most sense for the ever changing organisation. The cloud is here to stay, but full-scale transitions to the cloud to support an organisation’s entire ITSM functions is not only unlikely, there are clear instances in which on-premise solutions make more sense for the reasons I’ve cited. The same holds true for cloud-based ITSM offerings; there is no ‘one size fits all’ cloud strategy that obviates the need for a hybrid solution for cost, resource allocation, infrastructure integration and customization reasons. VitAL: What are the benefits of a hybrid solution? KS: Number one is flexibility. It’s hard to quantify this, but its value is huge because technologies evolve, with virtualisation, mobile device management, a proliferation of smart phones and we don’t know what’s next. With a hybrid solution, whatever happens they have the flexibility to deliver. We have taken most of the risk out of it. Also, for companies that use some cloudbased applications, or need to cover branch offices and other sites that have few or no IT resources, a cloud-based ITSM offering may well make sense. B ut for enterprises that run the vast majority of their applications in-house, or that have lots of custom requirements, an in-house ITSM offering is likely the better choice. To cover both, then, enterprises need an ITSM solution that can deal with both worlds; in other words, a hybrid ITSM strategy. VitAL: What sort of user would benefit from using a hybrid solution? KS: Every user will benefit because they get exactly what they need. We can tailor the application to the user. Each organisation is unique in how it handles incidents, configuration management, change management and release management. Not to mention, problem management and the business rules that drive the performance of their service desks. Shared applications in the cloud that are largely standardised make configuration changes more complex. And this introduces an element of risk since, to cite the cliché, change is the only constant.

What companies really need is flexibility, meaning the ability to use a cloud-based ITSM tool where it makes sense and a premise-based one where the cloud model doesn’t work well. Too often, though, it’s an either/or proposition – companies are forced to choose a cloud tool that doesn’t really do everything they need it to, or a premise-based solution that may not be able to cover their entire organisation. What they need is a single solution that works in either a cloud-based or premise model, but sharing a common centralised console that gives them the same look and feel. Such a model protects the company against unforeseen changes in their business. If the organisation acquires another company, maybe one with lots of far-flung branch offices, it can quickly bring them on board using the cloud model. But over time if the company opts to consolidate offices, perhaps it would be better served with a premise-based ITSM solution. A hybrid model gives the company the flexibility it needs to meet its short-term needs after the initial acquisition as well as its longterm requirements. VitAL: How does a hybrid approach help the user to address specific service management challenges? KS: Hybrid is a much better model for getting key capabilities like mobility, self service, voice and service catalogue into the business. Based on our research with the industry analysts and feedback from our customers, companies are looking for the flexibility a hybrid deployment model (split between Cloud and on-premise) provides. Companies are looking to standardize on a single ITSM platform that gives them to flexibility to move, without having to do a rip and replace, between a cloud solution and onpremise solution. The reality is that there are situations where the Cloud may not be fit for purpose: where there are challenges getting a reasonable internet connection; where security concerns prevent it; where high levels of customisation and data/business process integration are required; and where the operating expense (opex) economic model is not appropriate. www.vital-mag.net

VitAL MANAGEMENT

Feature sponsored by

VitAL: How does a hybrid approach help the user to cope with the latest challenges to the IT estate – BYOD, virtualisation, democratising, social media etc? KS: In our December 2012 upgrade we delivered what we call Social Service Management which is a collaboration platform for leveraging social to deliver managed services to the organisation – and that’s a natural for the hybrid model. Making service management available for mobile devices so I can access my service management app on my phone or pad really changes the model of how I can work. It’s a quality of life thing. Coincident with service management maturation, virtualization and Cloud computing have been on a separate, but connected path of progress. Drivers for these technologies are quite similar to ITSM and include reduction of IT capital and operational costs, improved service quality, and increased flexibility and agility for the business. Both virtualization and Cloud computing involve the abstracted application of technology infrastructure. Virtualization is used to apply IT resources when and where they are needed. Cloud computing works with virtualization systems to create an internal or external on-demand structure for accessing IT resources through private or public networks, often through selfservice and automated means. Virtualization, Cloud computing and ITSM all represent a rich set of options that can create competitive advantage for the enterprise. VitAL: What bottom-line benefits does a hybrid approach offer the user; is it the most cost effective service management route in the current economic climate? KS: It does offer economic benefits because you can optimise the deployment of applications in the business. It also makes your people more productive because they always have access to their applications in the best possible way. One reason companies are unlikely to stick with a cloud-only solution though is it gets expensive as the years go by. Cloud does reduce your upfront capital investment because there’s no hardware or software to buy or install. But if you run a good TCO model, you’ll quickly see the benefit is short-lived. www.vital-mag.net

It’s the same as leasing vs. buying a car. If you’re going to own the car for ten years, it’s a far better deal to buy it than lease. Say you have 100 users and you’re going to spend $250,000 on a perpetual license for your ITSM solution. You will have an initial expense but you’ll own that license forever. Now consider covering those users with a cloud-based ITSM solution instead. Maybe that costs you $100,000 in year one, which of course looks like a lot less than $250,000. But then you pay another $100,000 in year 2 and again in year three and so on. Depending on the TCO model you use, you’ll likely find somewhere in year three, around 30-32 months, the lines cross and the premise-based option becomes less expensive. And that’s not even taking into account others costs, as the Gartner report points out. “SaaS-based ITSM tools appear to provide cost savings. However, failure to account for the resources to implement, integrate, operate and maintain the tools will result in the inability to extract value and achieve the expected ROI,” Gartner says. VitAL: How do you see the approach developing in future? Will there be a drift into fully cloud-based solutions or will there always be a market for on-premise and hybrid options? KS: I don’t think the market will ever go fully for Cloud; I believe it will settle in a balance. Because of security, total cost of ownership and customisation considerations I think there will always be organisations that opt for onpremise and that’s why I think we are moving in to the post-Cloud era, where Cloud is not the answer for everybody. In the next couple of years Cloud will level off in the 30-50 percent range and there will always be a place for hybrid solutions. IT executives don’t have to buy the notion that an ITSM solution has to be one or the other – cloud- or premise-based. The fact is, we’re going to be living in a hybrid IT world for the foreseeable future. It makes sense to have an ITSM solution that is flexible enough to give you the best of both worlds.

IT executives don’t have to buy the notion that an ITSM solution has to be one or the other – cloudor premise-based. The fact is, we’re going to be living in a hybrid IT world for the foreseeable future. It makes sense to have an ITSM solution that is flexible enough to give you the best of both worlds.

VitAL: Kevin Smith, thank you very much. VitAL

www.frontrange.com January / February 2013 : VitAL 31

VitAL MANAGEMENT

The importance of malleability House-on-the-Hill Software takes a look at the importance of malleability when selecting a software tool, and considers the role that Continual Service Improvement plays in the evolution and pro-active management of a business’s software, in order to extract ultimate value now and in the future.

HE NECESSITY for malleability within a business’s Information Technology is a broad and increasingly core issue within modern working environments. What can immediately spring to mind is the need for adaptability in terms of Disaster Recovery: the creation of contingency routines that enable operations to continue despite floods, power cuts or other emergency situations that render normal working conditions un-tenable. Likewise, flexibility coupled with IT is the staple of Bring Your Own Device: enabling staff to carry out their work using the machine of their choice from locations other than the office. Both of these familiar aspects of any IT manager’s workload have at their core the concept of maintaining up-time and a consistent level of service via the ductility of IT in regards to location, equipment, and working environment, with the ultimate goal being to quell any loss to the business whilst simultaneously continuing to add value. And it is the well-acquainted need for increased value which is at the root of a business’s IT, and indeed at the root of malleable IT, with this ever-growing desire

32 VitAL : January / February 2013

for heightened flexibility throwing up a new set of avenues (and of course challenges) to consider in terms of injecting value into the business. So, if we focus on one vertebra in the backbone of what supports the smooth running of day-to-day business operations and a fool-proof IT infrastructure, we can ask: what needs to be considered in terms of malleability when initially considering the introduction of software tools to a business?

Expect the unexpected Implemented and used on a daily basis to enable employees do their jobs efficiently, it is true that an organisation’s software needs to be robust, fast, user-friendly, but is a software tool’s malleability near the top of the checklist, or even on the checklist, during the initial selection process? One major challenge that confronts IT managers is the need to plan for change. There is no such thing as standing still within the modern business world, as to ‘stand still’ is to fall behind, and ITIL’s Continual Service Improvement model underpins the pressure experienced within dynamic business environments to consistently improve

performance while managing demand from various angles. IT therefore needs to progress and change with the needs of a business, so, spending time and resources, not to mention budget, on implementing a system that performs exactly how you need it to with all of the functionality required at one time is of course crucial, but, how valuable is this tool if it is ultimately rigid in terms of what it can do in the long-run? In addition to service strategy and design, the CSI Plan-Do-Check-Act (PDCA) model needs to be taken into account right from the start of the lifecycle, when first introducing a software tool to a business. Consider: will the tool support current business processes, but also provide a platform from which to enhance the quality and scope of services offered to customers?

Does it bend? Of course, the very name ‘software’ denotes something pliable, customisable, malleable, and when considering a software tool, the question needs to be asked, just how pliable is it? How simple and cost-effective will it be to ‘scale-up’ the product, to make alterations, www.vital-mag.net

VitAL MANAGEMENT

or even to scale down if there is unused functionality? Can the tool evolve with the ever-changing needs of the organisation? Can we bend and shape the tool to look and behave exactly how we want, whenever we want, in order to squeeze as much value from it as possible? These are challenging considerations for any organisation, and a crystal ball would be useful to see exactly how the business will evolve and what different requirements there will be further down the line. So, to initially introduce a software tool that has the scope to be altered without excessive hidden cost or difficulty is therefore reassuring: it allows you to plan for change, whether this change is expected or unexpected.

Finding what fits Creating business models around the limitations of a software tool is, of course, completely the wrong way around: the tool needs to have the flexibility to be moulded around business structures. From this, there are different paths to take with regard to Continual Service Improvement. Two ends of the spectrum are thus: starting big and (if necessary) scaling down, or, picking components of a tool which support current business needs, then scaling up in the future if required. There are pros and cons to each scenario, and budget, time, staff and resources all play a large role in choosing which road to take. Other aspects to consider are deployment methods. Is the tool malleable in terms of installing it on-site or on-demand? And, if there was the need to migrate the system into the Cloud at a later date due to changing business needs, would this be an option? Or, vice versa, would your SaaS supplier proffer the ability to move your software tool from the Cloud to an on-site system if changing business infrastructures demanded?

Check for success So, once the tool is chosen, checking performance in both the test and live environments must be on-going processes. Running performance checks, listening to feedback of customers, staff, vendors, third party suppliers, are all essential aspects of discovering how software is performing and how it has been received. Crucially too, if the software provides a portal between customer and business, such as the IT or Customer Support Service Desk, it is imperative that the system is performing exactly as it needs to be in order to provide end-users with the best service possible. www.vital-mag.net

Take action So, it is when inevitable changing business requirements arise that a software tool’s malleability truly comes into play, and an ITIL Change Management model facilitates the comprehensive logging and progression of any Requests for Change. Too often do businesses presume that any changes to their software tools will be too big an expense or too time and resource consuming, so end up settling with a system that once did what they wanted it to do, but cannot evolve to support fresh needs. This however, should not be the case, and adopting an “if it ain’t broke don’t fix it” attitude could mean that crucial opportunities for significantly increasing value are missed. Self-made configuration changes or updates to software tools should be an option via user-friendly administration or configuration management systems, with plans for alterations drawn up in detail in response to logged RFC’s, customer feedback and KPI statistics. Software tools should also offer cost-effective maintenance contracts propounding straight-forward and concise support and giving opportunity for configuration guidance and help when looking in to cultivating systems.

Future proof In a world where 100 percent IT up-time is becoming an increasing necessity, if not the norm, the pressure for IT to deliver the highest amount of value at the lowest possible cost is an ever-present condition, and pressures continue to grow. This means that getting the most out of every aspect of a business’s software is essential, and extending a tool which staff and customers are familiar with and that performs well into additional business areas is an increasingly popular practice. To cover additional business areas with a flexible software tool that is already operational within the business means that little training will be required, and that you are using a supplier you can trust. Indeed, the ultimate message of ITIL is to implement the best practice workflows and service delivery models, but to continually review and evolve these to match the changing working environment. Therefore, true value is to be gained from software that grows with the business and is malleable enough to perform exactly how you need it to, now and in the future. VitAL www.houseonthehill.com

Implemented and used on a daily basis to enable employees do their jobs efficiently, it is true that an organisation’s software needs to be robust, fast, user-friendly, but is a software tool’s malleability near the top of the checklist, or even on the checklist, during the initial selection process?

January / February 2013 : VitAL 33

VitAL PROCESSES

34 VitAL : January / February 2013

www.vital-mag.net

VitAL PROCESSES

Five steps to outsourcing your business IT functions to the cloud What practical steps should you take if you are considering outsourcing parts of your IT infrastructure from in-house physical servers to a remote, cloud environment? There are five key steps that a business should consider according to Michel Robert, managing director of Claranet.

UTSOURCING BUSINESS IT operations to the cloud is a hot topic for companies at present. Many voices are extolling its virtues, with key benefits from cost reduction and increased business flexibility highlighted alongside the improved technological reliability associated with virtualised environments. There is also, however, a current of concern coursing through IT departments, as questions are raised about the service levels, security and increased reliance on networks that an outsourced IT infrastructure will necessitate. So what practical steps should you take if you are considering outsourcing parts of your IT infrastructure from in-house physical servers to a remote, cloud environment? There are “five key steps that a business should consider when putting together a business plan for moving to an outsourced cloud.

Step 1: Discover what your IT infrastructure consists of, and what it’s doing The first step in determining if outsourcing your IT infrastructure is right for your business is to conduct a thorough assessment of your existing infrastructure and applications. As with all stages of this five-step process, this procedure is most effective when conducted with the help of a qualified service provider. It is crucial that they have proven expertise in identifying what IT components and functions are suited to cloud provision and which are not, and that they can execute a successful migration strategy. The fact is that some applications – such as network file sharing and phone switches – are not always ideally suited to a cloud www.vital-mag.net

or virtualised environment because they require either very high bandwidth or very low latency, or both. Compliance issues can also complicate, or negate the possibility, of moving some parts of a business’s IT infrastructure to an outsourced cloud environment. For example, the customer database of a financial institution, or an online retailer’s credit card transaction processing, are subject to regulations from the FSA and the credit card industry’s PCI-DSS rules, and as such the method of outsourcing these types of applications or functions needs careful consideration.

Step 2: Weigh up current costs vs. future benefits The next step is to compare the current state of your IT resources with what you would need to support the business’s plans, reduce maintenance costs, improve business process efficiency, and so on. We’ve found that, in almost all cases of outsourcing to the cloud, businesses that reduce their IT estate and centralise servers in a third-party data centre still have ample processing power and storage to realise these kinds of ambitions. You then need to determine what your current spend on IT is. This is essential to building a business case for outsourcing your migration to the cloud. Unfortunately this is not always a straightforward process; it requires a comprehensive picture of your IT infrastructure, which takes into account costs for managing the entire IT estate. This should include costs for power consumption by servers, time spent on maintenance, hardware upkeep and refreshes, hardware disposal in accordance with WEEE and multiple data

It often takes people by surprise when they learn that the total power cost for fifteen servers, for example, can be around £6,000-£7,000 per year – largely because this spend is usually hidden in the facilities budget.

January / February 2013 : VitAL 35

VitAL PROCESSES

It goes without saying that without a network there is no cloud service, and yet the network is often an afterthought in outsourcing projects. If the network isn’t optimised for cloud services, then application performance will be marred and in some cases organisations may have to contend with disruptive downtime.

36 VitAL : January / February 2013

protection regulations, plus the additional expenditure of licensing operating systems. It often takes people by surprise when they learn that the total power cost for fifteen servers, for example, can be around £6,000£7,000 per year – largely because this spend is usually hidden in the facilities budget. This means that your project team will need to work closely with finance and facilities, as well as other areas of the business, to get an accurate picture of current costs.

Step 3: Look beyond the numbers It’s important to note here that the benefits of cloud are not limited to cost reduction alone. There may also be an opportunity to improve your business’s continuity strategy and disaster recovery plan. For instance, an added benefit of a managed cloud environment is that it can also make your IT services remotely accessible. Additionally, internal servers may not be housed in areas with appropriate cooling and power redundancy. Such qualitative benefits should also be considered in the project’s business case for migration.

Step 4: Optimise your network for cloud It goes without saying that without a network there is no cloud service, and yet the network is often an afterthought in outsourcing projects. If the network isn’t optimised for cloud services, then application performance will be marred and in some cases organisations may have to contend with disruptive downtime. In general, network optimisation and moving to the cloud will almost always involve increasing bandwidth and introducing Quality of Service, which will necessitate an increase in a business’s spend on connectivity. This usually isn’t a deal-breaker thanks to huge reductions in the price of connectivity and improvement to service quality. Overall, the importance of the network to the outsourced cloud means that a cloud service provider with equal expertise in networking can help keep costs down and can offer added value to a project.

Step 5: Know your provider If after consideration of the above steps you are committed to outsourcing to a cloud service, you must choose your provider carefully. There are several methods of identifying the right partner. Firstly, check out their references: what calibre of clients do they service, and have these cloud deployments proved successful? Speak to their references and find out first-hand if the vendor is living up to its promises. Secondly, check the certifications: Microsoft Partner – Gold Hosting and a VM Enterprise or Premier Status are key; these are the highest industry accolades and are indicative of the knowledge, skills and commitment levels a vendor offers to help you implement technology solutions. It is also advisable to go in and see the vendor’s data centre in action. Not only will this enable you to assess the professionalism and security of the environment, but crucially it gives you a chance to talk to the engineers who would be running your platform, and establish whether you can foster a trusting relationship with the vendor who can, if suitable, assist your business’s move to the cloud. Lastly, pay special attention to the provider’s service level agreement(s) (SLA). It should guarantee things that are meaningful to overall business objectives, not just technical requirements. The cloud has huge potential, but there are varying levels of service. Outsourcing to a managed cloud isn’t a panacea for all IT ills; it is simply a means to help businesses get more of what they need from their IT function. Ultimately, by selecting an experienced vendor able to manage your IT infrastructure effectively, you will be able to focus clearly on your business while the service provider manages, supports and monitors your virtualised infrastructure to ensure system availability and efficiency. And, as stated, a cloud provider that has networking expertise as well, will help to ensure the network element of the cloud service is optimised. VitAL www.claranet.co.uk www.vital-mag.net

VitAL PROCESSES

Is virtualisation the answer to the BYOD conundrum? BYOD is creating a number of challenges for IT departments that can see the benefits but are concerned about security, compliance and the administration of this mobile environment. Alastair Broom, director of global product management at Integralis says virtualisation provides a solution.

38 VitAL : January / February 2013

www.vital-mag.net

VitAL PROCESSES

RING YOUR own device or BYOD is no longer a fad, it is a fact of our working life. But while developing as a fast growing global trend, the ability to take your job, and what amounts to your company’s confidential data and information, on the road, poses inherent risks for organisations supporting a BYOD strategy. BYOD emerged as smartphone and tablet computing technology evolved from single-function accessories to multi-function, core computing and communications platforms. Coupled with the explosion in social media applications, mobile computing and communications have transformed the way we manage our personal time, and employees now want the freedom to enjoy the same functionality and flexibility in the workplace. This is creating a number of challenges for corporate IT departments that can see the benefits of BYOD but are concerned about security, compliance and the administration of this mobile environment. Organisations are becoming more attractive to employees if they support a BYOD policy. While it seems that both senior executives, and new Gen Y starters – those born from 1980 onwards who are technically savvy, and have grown up with mobile communications and social media – are helping to drive BYOD, it is the IT department that is surprisingly pushing the development and use of mobile business applications, according to our research. Previously, the drive for BYOD came from company senior executives that could afford the first generation devices, such as the iPad and had the power to demand support from IT. Now that price points have fallen significantly, a wider demographic is starting to use a range of tablet and smartphone technology. Generation Y are our organisations’ future talent and those companies that can attract this talent will gain competitive advantage over those that cannot. If companies want that emerging talent, they have to let this generation bring its ‘toys’ to work. www.vital-mag.net

Pressure on IT departments IT departments face two major challenges when it comes to employee-owned devices, and the more they solve one of them, the greater the other becomes. The first challenge is controlling the underlying security on an employee’s device to protect its infrastructure and data. The other is that the more it locks down the personal device, the less a corporation can use it for innovative mobile applications and all the potential benefits of greater productivity and increased flexibility are lost. Results from a recent survey conducted by Integralis and Opinion Matters found that over three-quarters of enterprise IT decision makers in the UK intend to adopt mobile business apps in the next 12 months, despite concerns over security, data loss and compliance, corroborating the fact that this is a growing trend in the corporate environment. Another recent Integralis survey of 112 IT managers found that over half (57 percent) were dealing with policy enforcement issues for mobile devices in the organisation, while half of them were grappling with security issues including remote wiping of lost devices. While BYOD promises many benefits, such as greater innovation, better work-life balance and improved productivity, IT managers are burdened with the challenge of managing these devices and securing them against the threat they pose to confidential company data.

Mitigating the risks There are a number of ways in which IT managers can help mitigate the risk of corporate exposure and avoid potential legal and compliance issues. One of them is ‘sandboxing’, where a separate, encrypted and protected space is created on the device specifically for holding corporate applications and data. This ‘containerised’ approach keeps company and personal information completely separate and corporate policy can be applied to the sandbox, allowing the employee unrestricted

Generation Y are our organisations’ future talent and those companies that can attract this talent will gain competitive advantage over those that cannot. If companies want that emerging talent, they have to let this generation bring its ‘toys’ to work.

January / February 2013 : VitAL 39

VitAL PROCESSES

Virtualisation could be the thing that saves BYOD from long-term obscurity, as corporate use of mobile computing quickly evolves â&#x20AC;&#x201C; and we are sure that both the IT department and employees will be very happy to hear that.

40 VitAL : January / February 2013

use outside of it. The IT department can remotely wipe corporate data from the device, when lost or stolen, while keeping any personal data or apps intact, thus keeping both employee and employer happy. However sandboxing has limitations. Applications running inside the sandbox typically must be written by the sandbox provider and this limits flexibility, adds complexity and creates vendor lock-in. Access to features such as location services, camera etc, may be restricted using a sandbox solution, and functionality is typically limited to basic features such as email, calendar, contacts and web browsing. This limitation may be an advantage on employee-owned units, as an employee will not want an employer accessing location services which could be used to track device location, or having its bespoke app able to access the camera remotely, as this would be a significant privacy concern. Where the device is owned by the company, it is easier to justify full policy control over it and potential legal issues are minimised. The true power of mobile computing lies in the ability to run bespoke corporate applications that make use of the advanced features of the mobile platform. If BYOD places limitations on this, there is a danger that this new opportunity will not be fully exploited.

Evolving security for a BYOD environment So, the corporate approach to BYOD must evolve beyond mere sandboxing. What route will it take? Mobile device management (MDM) is an alternative solution for controlling mobile devices. This approach is ideally suited to corporate owned devices, but it can provide a level of demarcation between personal and corporate environments by, for example, selectively encrypting data and only wiping corporate data from lost or stolen devices. However, MDM as its name suggests is primarily concerned with managing the device

and the security features of any MDM solution must be carefully evaluated. MDM can be combined with sandboxing providing a secure corporate environment, while also allowing the employee the freedom to use his or her device as they choose. So is virtualisation the answer? Virtualisation of the mobile device could deliver the high levels of security required by the IT department, combined with the flexibility demanded by the employee. Virtual machines (VM) could be configured for corporate or personal use and either environment would have access to the underlying operating system (OS) and therefore have access to any application written for that platform. Separate security policies could be configured for each environment and all features and functionality of the device would be available independently to each virtual machine. The employee would be free to use the device as they chose within the personal VM and, with the corporate VM removed, all evidence of corporate use would disappear with it. This approach would also create additional opportunities for flexible working with the potential for VMs and workloads to migrate between desktop and mobile devices. Application usage in the corporate environment can be controlled using a corporate app store containing only those apps sanctioned by IT. Integralis research suggests that companies will be looking increasingly at the use of mobile business apps, using third parties to develop the next generation of off-the-shelf (40 percent) and bespoke (37 percent) applications, while nearly a third of firms will develop them internally. Virtualisation could be the thing that saves BYOD from long-term obscurity, as corporate use of mobile computing quickly evolves â&#x20AC;&#x201C; and we are sure that both the IT department and employees will be very happy to hear that. VitAL www.integralis.com www.vital-mag.net

VitAL PROCESSES

Unlearning ITIL or changing taxonomy?

Ros Sattar, ITIL ITSM practitioner

Stuart Tarrant director of 4SL Consulting Group

There is a lot to be said for taking the time to learn your customer’s business talk, and maybe not unlearning technology-speak, but maybe leaving it to one side.

42 VitAL : January / February 2013

ITSM/ITIL practitioner Ros Satar describes how many in the IT service management business are having to leverage IT capabilities into a non-IT space – that is, they need a centralised and consistent Service Desk without using any ITIL terminology. But what does this what this mean for ITIL?

HE MORNING after this year’s itSMF UK Awards Dinner was possibly not the best time to schedule the session that was most likely to pique attendees’ interest. But Aale Roos’ presentation on Unlearning ITIL was one that many wanted to hear, even if the initial slides were more about the well-known inaccuracies between ITIL v3 and the 2011 editions. At the heart of his presentation was a realisation that between a new demand from a customer and its fulfilment, there may be as many as nine processes to progress through. And it is a safe bet that people who effectively ‘order’ IT services will not be spending any of their time analysing those underlying processes. This resonated with Stuart Tarrant, director of 4SL Consulting Group. He said: “We recognised that some of the work we were doing was leveraging IT capability into the non-IT space.” 4SL had their light-bulb moment, working with a global company specialising in health and wellbeing, with many household brands to their name. The customer wanted a centralised and consistent Service Desk but did not want to use any ITIL terminology. So the solution would have to be a Service Management architecture that would appeal to non-IT business units, and for it not to seem as though the IT department was not seen to be driving it all. The basis of this idea led to 4SL’s concept of a Service Store – Taking common requirements but presenting and handling them in a non-IT manner.

Unlearning ITIL? Companies who are working with clients to implement ITSM are never going to say that it is time to unlearn ITIL. Deciding on an ITSM solution, whether in-house or part of a managed service, represents a significant investment. “There may be mature ITIL processes, but we were very conscious of disenfranchising other business units,” says Tarrant. He reasoned that although there may still be a lot of complexity within some of the IT systems we find ourselves working with, the interaction with/to the teams themselves need not be as complex. So why not make that interaction the ‘shop window’ that shields you from the back room activity. But can it really work like that? 4SL believe it can, by focussing on the business reasons for the process workflow, and by that you have to really understand why things are done, and for what benefit. “We do a business impact assessment with customers, where we would go out and start to classify a range of business processes and relate them to the underlying systems and applications,” explains Tarrant. “We then start to group them into services, and consider how critical they are.” This can work as a generic approach across all business units, and surely the value-add is the ability of the consultants to adapt that to the different client-bases, rather than being blindly formulaic. There is a lot to be said for taking the time to learn your customer’s business talk, and maybe not unlearning technologyspeak, but maybe leaving it to one side. At www.vital-mag.net

VitAL EYES ON

SMS HB 2U!

Jonathan Westlake is celebrating the 20th anniversary of the first text message.

the heart of this approach is using BusinessBased Taxonomy – talking in the language that the end user base will understand.

Jargon-busting End users are not necessarily wowed by the number of ITIL processes verified by the OGC or Pink Elephant. They may even be totally oblivious at the ability of some tools to amend the actual type of record until the first save action. All too often, from an IT consultancy point of view, we see jargon thrown into presentations to prove our ITIL credentials, and that continues throughout an engagement. That is not to say it is not important to maintain a level of technological kudos. Understand the requirements and listen to what the customer/end users want and need. Translate that into a business logic that is played out in whatever the underpinning tool is. A concept of shop-front can sit on any number of Service Management platforms, and the increasing ability to customise that shop-front lends itself to this kind of approach. Above all, reiteratively take everything back to business outcomes – what is going down this path going to give the business. Does that mean we are unlearning ITIL? I believe not. Does it mean, though, that we are engaging clients in terms that are meaningful for them, with the flexibility to move our terminology from business to technical as the need arises? Absolutely. VitAL

012 had some notable communication anniversaries, 50 years since the first satellite broadcast from Telstar and 20 years (Dec 3rd, 2012) since the first text. The SMS (short message service) has been a surprising success and like it or not texting has created a whole new language (text speak) which has cascaded into other more recent social media technologies. The debate about the effect of text speak on the standard of English continues to rage but what about the impact of SMS on business and service to customers? In an age of self service and the UK high street acting as web hubs does SMS have the potential for a new lease of life and prosperous future? The ubiquity of mobile phones, ease of use and low cost suggests the continuance of SMS. It has proved a great bulk and individual way of contacting customers especially in the web age for example for one of my Christmas purchases I was able to reserve an item at a local store and received a reservation number to my mobile phone. Simple and effective pick up from the web hub local store using the reservation number the next day. With a recent broadband upgrade I was kept informed of progress via text. SMS is also useful for on the move enquiries, for example, the excellent Traintrackertext from National Rail. On the flip side text spam has been a turn off with the recent PPI furore an example of unsolicited text messages being sent out. However, the march of social media could signal the gradual decline of SMS. A recent Ofcom report reveals a decline of approx

one billion texts from last year in the volume of traditional texts sent in Britain to now only 38.5 billion! The fall has been attributed to new forms of web-based communication which have rivalled the SMS system, namely Twitter, Skype and of course Facebook. These avenues could be argued as culturally providing the same role as texting but without the cost and it is reported that these forms of communication have become more popular than the traditional phone call. The proliferation of other ‘texting’ mobile platforms is one other reason for the SMS decline namely Blackberry messenger, instant messenger (for iPhone/iPad/iPod) and WhatsApp. It is hard to think about a world without this form of communication. Whether it is SMS or other platforms there can be no denying the impact of the text message. Cost may be a differential now for SMS to survive but its simplicity and reach to any phone running any software still adds value as it did two decades ago. So here’s to another 20 more years of texting. HAP NY 2U! vitAL

Useful reference/resource: Ofcom July 2012 report http://stakeholders. ofcom.org.uk/market-data-research/ market-data/communications-marketreports/cmr12/ Whatsapp http://www.whatsapp.com/

Ros Satar can be contacted on LinkedIn: uk.linkedin.com/pub/ros-satar/0/b00/185 www.4slgroup.com/contact-us/ January / February 2013 : VitAL 43

VitAL PROFILE

44 VitAL : January / February 2013

www.vital-mag.net

VitAL PROFILE

Remote support revolution On a mission to change the way IT support is done, when Joel Bomgar founded his company in 2002, there was already a growing business case for remote IT support, and the latest developments in Cloud and BYOD are only adding to that demand. VitAL speaks to Joel Bomgar...

OMGAR IS a company with strong values that places its work ethic front and centre. Company founder Joel Bomgar created the company’s original remote support solution in response to the IT challenges he faced as a student working as a field network engineer to help pay his college tuition ten years ago. When not in class, Bomgar could be found driving around in his 1979 Buick LeSabre providing IT support to local businesses. Often, the non-billable drive time took longer than the actual service calls. Before long he started to think that there had to be a way to spend less time driving and more time solving his clients’ problems. Unable to find an existing solution that would allow him to access and manage his customers’ computers over the internet, he decided to take matters into his own hands and develop his own technology. Although still working his way through college, Bomgar spent many late nights coding and eating pizza to develop a functional remote support solution. Leveraging the solution, he quickly doubled the number of customers he could support and cut his rather uncomfortable drive time in half. This success led him to believe there might be a market for his creation, so he made up a product brochure, launched a static web site and waited. Much to his surprise, his wait was short as he quickly began receiving calls and orders for

www.vital-mag.net

the product. After making $24,000 in less than two months, Bomgar was convinced he had uncovered a significant market opportunity, but knew he could not capitalise on the opportunity alone. He enlisted the assistance of two friends from school, Nathan McNeill and Patrick Norman. The trio knew little about starting a business but decided that they could make it work. Bomgar continued writing code and handling customer calls, McNeill focused on sales and support, leaving Norman to concentrate on marketing. In the first six months after they graduated in 2003 they used 90 lines of code, a one page web site and a simple keyword campaign to grow revenue from $0 to $100,000. The founding trio has since successfully led the company from a dorm room project to an industry leader. They credit the success to a discipline of focus and a set of strong shared core values. Today, Bomgar’s products are used by more than 6,500 leading companies from diverse industries around the world. It is recognised by industry analysts, professional associations and industry publications for its award-winning Remote Support Solution – a solution which has fundamentally changed how companies around the world deliver remote technology support. Its customers have been able to dramatically reduce costs and improve support efficiency while driving customer satisfaction to new levels.

I figured there may be others looking for a similar solution, so I made up a product brochure, launched a static web site and almost immediately started getting calls for orders. And the rest is history!

January / February 2013 : VitAL 45

VitAL PROFILE

As practices such as telecommuting and BYOD become more commonplace, the need to support remote workers and multiplatform environments is skyrocketing.

“Bomgar’s mission is to change the way work is done,” says Joel Bomgar. “We work to free the tech support community from the restraints of access barriers and geography, and from the inefficiency of traditional phonebased and on-site support. “Bomgar makes support more responsive, efficient and secure by removing the geographical and technological barriers between customers and those supporting them. Providing support with Bomgar helps you respond faster, distribute specialists more evenly, increase the productivity of current staff, and resolve incidents more cost-effectively.” VitAL magazine spoke to company founder Joel Bomgar: VitAL: How did your company it start and develop; how has it grown and how is it structured? Joel Bomgar: Ten years ago, while I was in college, I worked as a field network engineer for a local systems integrator. I had to drive from client to client to provide IT support, and found that the non-billable drive time was often longer than the service calls themselves. I started researching some of the remote access solutions that were on the market at that time, but couldn’t find anything that fitted my needs. So I created my own remote support solution that allowed me to securely connect to my customers’ computers over the internet so I could fix their systems without leaving my chair. I figured there may be others looking for a similar solution, so I made up a product brochure, launched a static web site and almost immediately started getting calls for orders. And the rest is history! Bomgar now has more than 200 employees around the world and 6,500 customers in more than 65 countries. VitAL: What is the company’s specialist area or product group, if any? JB: At Bomgar, we are completely focused on developing remote support solutions for technology support professionals. Our customers include IT departments

46 VitAL : January / February 2013

supporting employees, technology services companies providing third-party IT support, and support centres providing tech support to their external customers. Our products allow them to access and fix nearly any device located anywhere in the world, from desktops and servers to smartphones and tablets. What differentiates us from the rest of the market is that our software is delivered in a secure appliance (called the Bomgar Box) that sits within our customers’ own network. This unique delivery model makes our solution much more secure and allows us to offer features our competitors can’t. VitAL: Is that specialisation to make the best use of skills in the company or because it fits the company’s world view or has it simply evolved? JB: All of the above, really. When it comes to building new features for and evolving remote support technology, our development team is unmatched. But we also still see a rapidly growing demand for our products. As practices such as telecommuting and BYOD become more commonplace, the need to support remote workers and multiplatform environments is skyrocketing. So we see a lot of opportunity in our market. VitAL: How has any specialisation influenced the company’s general stance? JB: By focusing on tech support professionals, versus consumers, we’re able to dig deep into the challenges and needs of people working on help desks and customer support centres. We spend a ton of time listening to our customers and evolving our product to exceed their requirements. Because our resources aren’t spread across an array of markets or product lines, we’re able to stay ahead of the competition and produce solutions our customers absolutely love. VitAL: Who are the company’s main customers today and in the future? JB: Our customers range from one-man IT shops to huge enterprise support centres www.vital-mag.net

VitAL PROFILE

with hundreds of technicians and locations around the world. But they all have something in common. They all need to provide efficient, reliable, secure support to remote systems. And that need isn’t going away anytime soon. As the line between our work and personal life blurs, and we rely more and more on technology devices, the need for anywhere, anytime support is just going to increase. VitAL: What is the company’s business model, ie, does it select a market and then design solutions to meet the needs of that market or does it specialise in particular solutions and seek markets where those solutions are needed? JB: I started the company by recognising a problem and building a solution, and that’s the way we still develop products today. When we see a need in the remote support market, we determine the best way to fulfil that need and deliver a solution to our customers. VitAL: What is the company’s commitment to corporate social responsibility, ie, ‘green’ issues? JB: Because our solution allows support technicians to access systems remotely, it nearly eliminates the need for them to drive or fly to different locations to fix something. Obviously, the main benefit is the time and cost savings, but the reduction in travel also contributes to the environment. From a corporate perspective we are very involved in various charities, and also donate our technology to nearly 100 different mission organisations and nonprofits around the world. VitAL: How does the company communicate with vendors and customers? JB: We communicate with our partners and customers through many different channels, from regular conversations with our account teams, to customer and partner newsletters, to our Bomgar Community, and social media sites like Facebook and Twitter. We are so lucky to have such loyal, engaged customers and www.vital-mag.net

partners that are true champions for our brand and our products. VitAL: What is your view of the current state of IT Service Management and IT in business and the economy in general, the challenges and the opportunities? JB: The IT department’s role is definitely shifting. Cloud computing has made it easier for business units to go out and purchase their own applications and devices, lessening IT’s control over their technology environment. So IT departments are having to shift from a command and control position to setting guidelines and developing processes for technology adoption and use. From an IT support perspective the incoming onslaught of new apps and mobile devices means they need to be prepared to support nearly any system or platform, from both a skills and tools perspective.

From an IT support perspective the incoming onslaught of new apps and mobile devices means they need to be prepared

VitAL: Has the company grown organically or by acquisition and how much is growth expected in the future? JB: All growth to date has been organic. 2012 was a record-breaking year for us in regards to revenue and we foresee that the pace of growth will continue.

to support nearly any

VitAL: What are the future plans for the business? JB: Nobody can predict the future, but right now we’re continuing to focus on developing market-leading remote support solutions based on the needs we hear from the technology support community. In 2012, we relocated Bomgar’s EMEA headquarters to Marlow, England to support our rapidly growing international customer base. In the first three quarters of 2012 alone, we added nearly 200 enterprise and midtier accounts in EMEA, and increased total revenue by 57 percent over the same period the year prior.

from both a skills and

system or platform,

tools perspective.

VitAL: Joel Bomgar, thank you very much. VitAL

www.bomgar.com January / February 2013 : VitAL 47

VitAL PROCESSES

The dummies’ answer to authentication Which is more secure – hardware or software authentication and which should you choose to prevent becoming the next victim of a breach? With hacking back in the news Andy Kemshall, SecurEnvoy’s co-founder discusses which is the best way to authenticate your users.

HE RECENT events involving the mobile phone hacking actions of News of the World journalists – and quite possibly many others – have highlighted the fact that there are insecurities in the world of mobile telephony. And with approaching five billion mobiles in circulation – almost at the level of one handset for every person over the age of 10, it is perhaps inevitable that some elements of the services available may be found wanting when it comes to certain aspects of security. Against this backdrop, much has been made of the fact that cellular phones operate across open radio channels that – with the right equipment in place – can be subverted. But this isn’t actually true. Most of the hacks of mobiles in recent years have involved the subversion of the cellular base station, rather than the handset. 48 VitAL : January / February 2013

As Karsten Nohl and his colleagues demonstrated at the December 2010 Chaos Computer Club meeting in Germany (http:// bit.ly/f4TNVH), it is now perfectly possible to subvert the 2G GSM cellular network – using a massive hash of the A5/1 crytpo tables – to eavesdrop on calls. But it is also important to note that the A5/1 encryption system dates back to the 1980s when GSM was being developed. Since then the GSM standard has been developed extensively and, over the last eight years, we have seen the rise of the smartphone and the 3G standard.

Spread spectrum 3G, as any radiocommunications engineer will attest, does not use discrete radio channels with packet-driven data, but uses a radio scattering system known as spread spectrum. Spread spectrum involves the use of radio www.vital-mag.net

VitAL PROCESSES

signals spread across multiple frequencies which utilise almost all of the available bandwidth in a given waveband. It’s also interesting to note that the technology was originally developed to prevent eavesdropping. As a result, 3G voice and data calls (it’s actually all data) are almost impossible to monitor using today’s computing architecture. On top of this, 3G data streams are encrypted using the A5/3 encryption system, which is several steps ahead of the A5/1 system that Nohl and his research team have cracked. As an encryption system, A5/3 is based on a stronger algorithm with larger keys that to date have never been hacked. It’s also worth noting that as soon as the A5/1 flaw was discovered, a security patch fix came out almost immediately. So where does this leave the security of text messaging?

Secure texting At the RSA Europe conference in October last year, a US researcher called Zane Lackey – showed how, by subverting the data headers of SMS and MMS transmissions on cellular networks, all manner of social engineeringdriven hacks are possible. According to Lackey, because an MMS is actually a mobile Internet `call’ routine built into an SMS data string, it is possible to fool a user’s phone into polling a third-party (hacker’s) server for the MMS payload content, rather than the mobile phone company’s systems. What Lackey’s demonstration at RSA Europe 2010 – later repeated at the Black Hat Abu Dhabi event in November (http://bit.ly/bvekPW) - showed was how it is possible to generate a WBXMA-based message that appears on a user’s mobile and persuades them to access a rogue mobile Internet web site. It did not, however, demonstrate how fake text messages could be inserted into a live GSM control channel, nor how it an SMS data stream could be eavesdropped upon as, whilst this would be technically feasible, it would involve the use of complex electronics and – given the nature of cellular networks – would only operate across a short range. www.vital-mag.net

SMS tokens versus hardware tokens This leads us neatly to the topic of whether an SMS-based token – often described as a tokenless two-factor-authentication (2FA) system – is as ‘strong’ as a hardware-based token such as the RSA SecurID system. Before we examine this issue, let’s look at the security of a 2FA hardware token. Whilst the hardware itself is tamperproof, given the fact that RSA’s servers were publicly hacked earlier this year (http://bit.ly/ i3NEKa) the integrity of the system is far from being unhackable. Furthermore, if the token is `borrowed’ by a third party, and the electronics dissected – a process which has been carried out by countless researchers since the arrival of the 2FA hardware token (aka one-time password tokens) in the late 1980s – then it is possible to create a duplicate hardware token using the same algorithm. Of course, this incredibly complex subversion process – which requires the physical possession of the hardware token for a lengthy period of time and the use of highly complex electronics and counterfeiting technology – can be neatly side-stepped if you simply hack the servers of the company owning the keys. When this happened with the widelypublicised RSA systems hack last year, the hackers effectively gained access to the seed record database that forms the foundation of the RSA 2FA system. And it’s against this background that the integrity of all 2FA tokens - whether hardware or software – needs to be viewed. All 2FA systems can be subverted, given enough time and resources, but a hardwarebased system, just like a software-based system such as that seen using cellular text messages, takes a lot of time and effort that few people outside of US and other major government law enforcement staff have access to. A text message might even be eavesdropped upon with malicious software on the phone, but the chances of this happening in the real

Most of the hacks of mobiles in recent years have involved the subversion of the cellular base station, rather than the handset.

January / February 2013 : VitAL 49

VitAL PROCESSES

Many users leave their tokens in their laptop bags which is very much like gluing your car keys to your car, as opposed to a mobile phone which is almost certainly kept close to the user and separate to their laptop.

50 VitAL : January / February 2013

world – outside the pages of a James Bond movie script – are minimal, just as they would be where the subversion of a hardwarebased token is involved. In addition, given the wide diversity of phone models and operating systems, any text message subversion technique would have to be adapted many dozens of times over to cover all eventualities. And if the smartphone vendor issues a firmware update – or Google’s Android software development team updates the smartphone operating system (as frequently happens) – the cybercriminal would be back to square one.

Tried & trusted Phones such as iPhone and Blackberry rely on the App Store that only publishes trusted software that has been checked to be virus free and ensures that the originators identity must be confirmed making it impossible for a hacker to install malicious software anonymously. It should also be noted that those that have tried to hack personal phone data have ended up in prison, caused the down fall of the News of the World and lost billions (Rupert Murdoch). The great bonus about putting authentication onto a mobile phone is users realise very quickly when they have lost their mobile phone and therefore report it far quicker than they would with a token. If for any reason someone does manage to retrieve a passcode from a user’s phone they will still need to know the User ID and PIN or Windows

Password to log on. The hacker will only get one attempt at getting this correct at which point even if they are denied the system will generate a new passcode that is sent to the user’s phone alerting the real user to an illegal log on attempt. A hardware token user would never know if someone had tried to hack them. Many users leave their tokens in their laptop bags which is very much like gluing your car keys to your car, as opposed to a mobile phone which is almost certainly kept close to the user and separate to their laptop.” If you still don’t trust SMS please bear in mind you can still opt to use alternatives on iPhone, Blackberry, Android and soon laptops which have no reliance on SMS as they are isolated software versions of time sync tokens with the added security benefit that seed records are created at enrolment within your own server and can automatically resynchronise to any time zone in the world.

The software option By now it should be clear to the reader that there is no such animal as a 100 percent secure authentication token system. There are, however, highly secure systems that centre on hardware tokens, as well as less expensive and infinitely more flexible systems based on cellular handsets and 2G/3G text messages. Which authentication system you select will depend on your budget and a return-on-investment plan. But given the immense flexibility – and rapid deployment – that software-based authentication systems offer, we think the software option wins handsdown on several fronts. VitAL www.vital-mag.net

VitAL PROCESSES

Big data: driving changes in supply chain management How is â&#x20AC;&#x2DC;Big Dataâ&#x20AC;&#x2122; being used in the real world? Karsten Horn, director of international sales for the materials management division at supply chain optimisation specialist INFORM explains how it is driving change in supply chain management.

52 VitAL : January / February 2013

www.vital-mag.net

VitAL PROCESSES

While the issue of big data may cause businesses great headaches, I believe there is also a potential positive – big data has the ability to drive real changes in supply

ITH THE success of the recent Olympic Games captivating millions across the world, UK firms were faced with a mix of new challenges. Given that the UK had not held an event of similar proportion in recent years, many companies struggled to make accurate predictions on stock demand and in turn could not manage their supply chains effectively. For any business to have a tight hold on their supply chain, the key ingredient is flexibility. Being able to adapt quickly to changing circumstances means the company must have accurate forecasts and a clear understanding of supply chain – resulting in greater precision in the prediction of demand. However, developing a clear overview is not easy and requires masses of data from a vast array of sources. As a result, concerns are increasingly being raised over the issue of big data and the effect it can have on business, not least in the agility of the supply chain. Considering the impact big data can have on already inflexible supply chains, these concerns seem justified. A pile up of massive amounts of data can create great difficulties in achieving a single view of data. This in turn means that businesses can find it near impossible to www.vital-mag.net

focus on the most important task of the day or make quick decisions. This is especially difficult considering most businesses have supply chains which stretch across the globe and encompass numerous suppliers, distribution channels and environments. It is therefore vital that businesses keep pace with the change that big data is creating and shift their supply chain management accordingly.

chain management.

Breaking down big data While the issue of big data may cause businesses great headaches, I believe there is also a potential positive – big data has the ability to drive real changes in supply chain management. Many businesses continue to rely on legacy systems or ‘gut feeling’ to identify trends and make supply decisions. However, the build up of big data means that businesses are being forced to focus on their supply chain management and in turn are realising the immediate benefits that technology can bring. Technology can capture data effectively and efficiently, even in vast quantities. Meaning that it can then be used to plan collectively January / February 2013 : VitAL 53

VitAL PROCESSES

For those working in the technology arena, a reluctance for businesses to realise the benefits of the cloud can at times be frustrating, but I believe that big data could be the driving force for many businesses to harness the potential that the cloud offers.

54 VitAL : January / February 2013

to provide precise forecasting that assures informed decisions can be made quickly. For example, areas across the business have their own plans that need to be taken into consideration when planning and forecasting demand; not least the plans of the management board, purchasing management, production management but also those of marketing and sales. Synchronising all plans across the company to create one valid plan provides a solid basis for all subsequent processes and planning activities, such as production planning and procurement. When dealing with masses of data, it can be difficult to determine what information can be deemed unusable in the given context and equally pinpoint the most relevant data. Effective planning technology will identify what data is business critical so that it can be prioritised and acted upon accordingly. For instance, if a shift in demand was forecasted, an alert will ensure that remedial action is immediately taken to ensure optimal stock levels are available. Managing by exception in this way can provide business with a clear competitive advantage. Utilising the benefits of technology for demand planning and flexible forecasting becomes even more imperative when working within environments that can change at speed or are completely unprecedented. For example, in recent years, the eruption of an Icelandic volcano and the subsequent ash cloud which left businesses struggling to ensure their supply chain remained uninterrupted. Many businesses have since put in place contingency plans in preparation in case similar events occur in the future.

Reaping the rewards of the cloud Before successfully adopting big data, businesses must have suitable means of managing the information. Given the potentially vast quantities, maintaining the data effectively is vital in harvesting the full potential big data

offers. While conventional data storage would struggle to cope with the additional data, the cloud could be just the solution. Research shows that UK businesses are slower to adopt the cloud than their European counterparts; UK adoption is at just 48 percent, compared to 60 percent in Europe. However, I firmly believe that the cloud can be an enabler for business growth by supporting companies in making fast and confident decisions, even in volatile markets. For those working in the technology arena, a reluctance for businesses to realise the benefits of the cloud can at times be frustrating, but I believe that big data could be the driving force for many businesses to harness the potential that the cloud offers. By means of a web-based cloud application, businesses can carry out accurate demand forecasts and planning in a fast, secure and easy manner via the internet â&#x20AC;&#x201C; anytime, anywhere. By operating independently from a platform and with the ability to be used on mobile devices, cloud-based demand planning software enables company departments and management teams to view key figures regardless of the time and place. This becomes even more important when businesses are dealing with a plethora of data, meaning that information can change rapidly. Instant access to up-to-date information can therefore be business critical.

The driving force of change Efficient and flexible demand planning and forecasting is the lifeblood to supply chains and subsequent business success. Organisations must take advantage of the challenge that big data brings and use it as an opportunity to instigate changes in supply chain management, by ensuring processes are adapted and updated in-line with the changing environment that big data creates. I firmly believe that those businesses which incorporate effective methods to manage big data will be the ones to reap the most reward in the long term. VitAL www.vital-mag.net

IncidentMonitor™ Understanding Your Service Desk Needs Over 13 years of customer experience bundled in one solution to help centralise information, prioritise issues aimed to increase control, productivity and improve communication and service excellence. IT Managers are struggling with the flood of information and questions, making it difficult to prioritise and organise, impacting customer satisfaction and service levels. 81% of IT Managers that excel in customer satisfaction and service level attainment are outperforming their counterparts. IncidentMonitor™ allows you to maximise your capabilities and competencies in customer service, whilst maintaining your profitability. What our customers say: “The Service desk team keeps our system up to date as IncidentMonitor™ helps minimise admin. An easy overview in combination with automated actions like on screen tips of KB articles, matching tickets and auto categorisation makes working with it fun.” “The personalised dashboard visualises my workload, while my manager has a high level view and so does not need to ask me for statistics every morning!” “Monitor 24-7’s service is great. Their approach of developers participating in customer support helps to quickly answer questions and shows a real customer focused approach in new releases.”

Key Features ITIL PinkVerify for 10 processes included Windows, browser, mobile, chat interface included New ticket wizard with onscreen KB tips and matching requests Auto categorising while logging Quick links SLA filters Personalised dashboards and interactive reporting Unlimited process design Easy configuration and administration of back end Happy and loyal customer base and service team Direct access to Monitor 24-7 development team for advanced service

Engage. Manage. Improve.

www.monitor24-7.com

Monitor 24-7 Inc. PO Box 4530 Maidenhead SL60 1GG +44 (0)20 8123.3126

VitAL PROCESSES

What can organisations do to combat the insider threats? How can you be sure that you havenâ&#x20AC;&#x2122;t got an enemy within and your organisation isnâ&#x20AC;&#x2122;t facing an insider threat? Amichai Shulman, CTO and co-founder of Imperva has a few tips on tackling this tricky problem.

56 VitAL : January / February 2013

www.vital-mag.net

VitAL PROCESSES

According to a Unisys survey- referring to 2010 data – 95 percent of workers use self-purchased technology for work. More so, employers don’t even seem to be aware of how their employees are integrating their own devices into their jobs.

AILPOINT HAS recently released its survey results regarding employee behaviour with respect to corporate data. An interesting figure indicates that 24 percent of the surveyed Brits mentioned they would copy electronic data and files to take with them when they leave a company. This figure should certainly raise concern and comes as no surprise. In fact, a similar survey conducted by Imperva covering 1,000 individuals in London, demonstrated how severe this problem really is. That survey showed that 79 percent of the respondents mentioned that either their organisation does not have data removal policies (upon employee departure), or they were unaware of such policy. Furthermore, the vast majority (85 percent) store corporate data in home computers or personal mobile devices.

Consumerisation of IT This is an immediate consequence of the trend called Consumerisation of IT. What we www.vital-mag.net

are witnessing is a phenomenon where the employees themselves are the ones who are introducing their preferred technologies to the enterprise. Today’s employees are tech-savvy and they want their employers to accommodate all these new technologies and devices. Workers are using social networks as an online collaboration tool. Others are using their personal devices to access the company’s web mail. In fact, according to a Unisys survey – referring to 2010 data – 95 percent of workers use self-purchased technology for work. More so, employers don’t even seem to be aware of how their employees are integrating their own devices into their jobs: in that same Unisys survey, workers reported using consumer devices at twice the rate that their employers had reported. The proliferation of mobile devices has further lent itself towards the consumerisation of IT. The SailPoint’s survey indicates that 29 percent of British employees use mobile devices to access the company’s private Intranet or portals. The Unisys consumerisation of IT survey from 2010 shows even higher adoption rates among US employees.

The mobile gateway In recent years we have seen a growing variety of mobile applications that are a gateway to enterprise systems, including CRM, ERP, and document management. On top of this, the devices are consistently growing in terms of storage capacity and web technology adoption. Apple’s iPhone comes with up to 32GB of internal storage, while its bigger sibling, the iPad, can accommodate up to 64GB of memory. (For context, one million records holding names, addresses, and social security numbers will occupy approximately 0.5GB.).

The consumerisation of IT has left the door open to insider threats. While the common belief is that the insider threat is usually a corporate spy or a revenge-seeking employee, the reality is more mundane. As it turns out, it is the average Joe that represents the most probable threat. Employees enjoy legitimate access to sensitive corporate data while on the job. They use their access privileges to rightfully create copies of the information as they process it for their daily tasks. Upon leaving the organisation, many individuals do not care to remove copies of sensitive information, and in some cases even develop a sense of personal ownership towards it.

Stopping data getting out of control As we can see, the consumerisation of IT has left businesses with diminished control over access to internal perimeter and user behaviour at the end point (eg, password policy, storage encryption, use of AV software cannot be enforced employee owned devices). As a consequence, the organisation must put more focus on protecting data sources against abusive activity by authorised users and devices. What should organisations do to prevent this data getting out of control? Firstly, they should enforce strict access controls over critical data. This access control should be based on a business need-to-know level. This cannot be achieved by a singular project but rather imposes a process of constantly evaluating user access privileges Secondly they should monitor access to sensitive corporate data and maintain a detailed audit trail. And finally they should make it their business to detect abusive access patterns to sensitive corporate data. VitAL January / February 2013 : VitAL 57

VitAL EVENTS

The definitive Cloud event Cloud Expo Europe, the leading seminar-led exhibition and conference for the Cloud computing and virtualisation sector, opens its doors at Olympia to IT decision makers and technology leaders at the end of January.

AKING PLACE at the National Hall, Olympia, London, from 29th to the 30th January 2013, Cloud Expo Eiurope, now into its fourth year, aims to provide visitors with more than just abstract theorising surrounding Cloud. According to the organiser, it provides visitors with practical ‘how to’ advice from over 150 leading international suppliers, many appearing for the first time in Europe, as well as proven expertise from 130 freshthinking organisations from across the globe speaking in the conference. The wide range of topics, cover an array of technology and business issues, from security and governance, big-data to virtualisation, as well as a dedicated Cloud service provider & ecosystem stream. The programme is packed with case studies, user-experiences and honest appraisals, all offered free of charge.

58 VitAL : January / February 2013

Building on the success of Cloud Expo 2012 “The 2012 show successfully cut through the hype and presented the real benefits of Cloud computing to an audience of enterprise and SME buyers, as well as the industry itself,” commented the organiser. “At the time, a lot of uncertainty still existed around Cloud adoption. The general consensus being that for those firms not operating with IT, Cloud was something to be approached with caution.” Ensuring that it was in tune with its key audience, Cloud Expo Europe sought to address these issues and positioned itself as the ‘how to’ event where attendees could revolutionise their IT systems securely, save money and improve efficiency. The result was an unprecedented increase in total attendance, with over 4,750 visitors, over the two-days, meeting over 100 leading Cloud computing vendors and service provides. www.vital-mag.net

VitAL EVENTS

The wide range of topics, cover an array of technology and business issues, from security and governance, big-data to virtualisation, as well as a dedicated Cloud service provider & ecosystem stream. The show included six of the world’s top ten leaders in Cloud computing, and was billed as “the largest and most authoritative gathering of Cloud computing expertise ever assembled in the UK.” The six were Dr. Werner Vogels from Amazon.com, Mark O’Neill from Government Digital Service, Marten Mickos from Eucalyptus, Joe Weinman from HP, Sam Johnston from Equinix and Andy Burton, from the Cloud Industry Forum (CIF). Other new top-flight speakers included experts from blue chips such as HSBC, Honda, Microsoft, Google and the BBC who joined a line-up of over 130 speakers across six seminar theatres. The success of the show was there for all to see with attendees highlighting the fantastic networking opportunities, strength of international suppliers and quality of speakers as hugely appealing. So much was the success that later in the year, Cloud Expo Europe was recognised by the Association of Exhibition Organisations (AEO) at their annual excellence awards event where it was named Best Business Exhibition. The award recognised the extremely relevant and strong seminar content, the targeting and reach of the promotional campaign and the breadth and relevance of the exhibitors involved, providing the ultimate springboard for future events. The judges highlighted “an incredibly successful rebrand with a wide range of new initiatives and improvements. An excellent marketing campaign and visitor experience was delivered.” Cloud Expo Europe 2013 is on course to build on the success and surpass previous years. Over 6,000 attendees are expected to visit the show, with nine dedicated streams and eight theatres available to showcase the latest developments and findings in IT’s Clouded universe.

Conference programme The 2013 show is hosting a world-class conference programme with representatives from a wide spectrum including, Cancer Research UK, HSBC, Morgan Stanley, Terremark, Financial Times, Nebula, Liverpool Football Club, Unilever, The MET Office and www.vital-mag.net

eBay, where Jean-Christophe Martin, Cloud architect for eBay, will be discussing their experiences of deploying an internal Cloud. There are over 50 real-life case studies to choose from featuring organisations who have faced – and overcome – similar challenges, and who are already deriving measurable benefits from Cloud implementations.

Exhibitors Exhibitors at Cloud Expo 2013 include: • SunGard Availability Services demonstrating its resilient IT infrastructure and organisational availability services through a combination of scalable, managed IT production environments and Workplace Recovery centres; • Flexiant whose software gives Cloud service providers business agility, freedom and flexibility to scale, deploy and configure Cloud services, simply and cost-effectively, and can be found on 467; • Global data centre provider Telehouse, who will be on hand to showcase Telecloud, its infrastructure-as-aservice platform; • Phoenix, a leading provider of end-to-end infrastructure services and IT solutions that drive more flexible and cost-efficient Cloud services sector; • Leading managed service provider Claranet will be showcasing its new IAAS offering – the Virtual Data Centre; • Brocade will be available to demonstrate how it is able to facilitate virtualisation and Cloud computing; • Rise will be able to meet with visitors and outline how they can migrate their existing infrastructure into the Cloud. Whether you are developing a Cloud strategy or running an advanced private Cloud, you can expect to find credible, authoritative content. For businesses and public sector organisations, big or small, wanting to unlock the potential of Cloud computing, Cloud Expo Europe is simply one of the most powerful gatherings of international Cloud industry expertise ever assembled. VitAL Register for tickets free of charge at: www.cloudexpoeurope.com/reg-cci January / February 2013 : VitAL 59

VitAL EVENTS

Show time! The leading names in IT Service Management will be represented at SITS13 – The Service Desk & IT Support Show on 23-24 April 2013 to London’s Earls Court.

ITS13 – The Service Desk & IT Support Show returns on 23-24 April 2013 to London’s Earls Court. Just four months away, the 19th annual event will feature some of the ITSM industry’s leading specialist vendors, integrators, consultancies and service providers, demonstrating the latest products and services. Confirmed exhibitors for 2013 include Examination and Accreditation Institute APMG-International, IT support solutions provider BMC Software, training and consultancy specialists FGI, online helpdesk system provider Freshdesk, IT recruitment company Global Technology Solutions, remote support solution providers LogMeIn, IT infrastructure monitoring company Nexthink and industry professional body SDI. The full exhibitor list can be found online now at www.servicedeskshow.com. SITS13, the leading ITSM and support event, will be focusing not only on the business benefits, but also the personal gains that will 60 VitAL : January / February 2013

be made by visiting. Key industry issues set to be discussed and debated in the event’s comprehensive education programme include how to get started with Service Catalogue management, the importance of Business Relationship Management, how to calculate return on your Service Improvement Programme and how to create a supportable BYOD strategy and much more. The 2013 show will boast eight Keynotes, 40 seminars, in-depth roundtable discussions and essential breakfast briefings.

Breakfast at SITS Accompanied by complimentary refreshments, the Breakfast Briefings provide a motivating start to each show day, and are designed to leave attendees with plenty of food for thought. The first of this year’s briefings, on Tuesday 23 April at 8.30am, reveals the findings of an exclusive, new industry white paper – ‘Demonstrating service desk value

through more meaningful metrics’. Hosted by an expert panel, including representatives from The Service Desk Institute (SDI) and Cherwell Software, the session will look at the metrics that the IT support industry is currently measuring and will offer practical advice on implementing business value metrics to truly drive the business forward. Complimentary copies of this year’s white paper will also be available from the Cherwell Software and the SDI stands during the event. VitAL For more information please visit www. servicedeskshow.com. Free visitor registration is now open at www. servicedeskshow.com (please quote priority code SITS152) and SITS13 – The Service Desk & IT Support Show attendees will also benefit from free access to Infosecurity Europe 2013, Europe’s number one information security event, co-located at Earls Court. www.vital-mag.net