WHERE TECHNOLOGY MEANS BUSINESS issue 272 | september 2014 WWW.CNMEONLINE.COM
Double play: Majid Al Futtaim CIO Kashif Rana’s corporate finance and IT journey
Holding the fort: Dubai Holding’s Oracle ERP venture
Flying high: Juniper CEO talks new networks
Fifth domain: Cyber warfare threatens Middle East
Malware maladies: McAfee techie discusses cyber threats
PLUS: cloud Unified communications | tailored erp | IoT Security disruption | managed services
EDITORIAL
Planet of the apps
Jeevan Thankappan Group Editor Talk to us: E-mail: jeevan.thankappan@cpimediagroup.com
GROUP Chairman and founder Dominic De Sousa GROUP CEO Nadeem Hood
It is not an exaggeration to say that we live in the age of mobile apps. Flurry, an app analytics firm that tracks more than one billion devices around the world, says mobile apps are disrupting industries at a pace not seen since the industrial revolution. The stats are staggering. According to Gartner, mobile app store downloads reached 102 billion last year, a figure estimated to exceed 138 billion in 2014. Of these, messaging apps alone are expected to surpass 1.5 billion users by next year. The debate over mobile Web versus apps is also more or less settled now, with numbers suggesting users spend 87 percent of their time on apps rather than mobile Web. Despite the consumer flavors of many apps today, their increasing popularity and usage are pushing many CIOs to incorporate mobile apps into the enterprise. Do these apps really benefit the business? The surging BYOD trend has forced many CIOs to explore the option of creating private enterprise app stores, some of them homemade, but user adoption can be quite tricky. In fact, SAP says 76 percent of these apps are abandoned after first use. This is attributed to the way mobile enterprise apps are marketed to the user base, which often happens without help desk support or clearly defined BYOD policies, among other factors that can help to whip up user enthusiasm. Mobile apps might be cool and fun, but there is a flip side to the coin. A big chunk of the popular apps today, be it on iOS or Android, collect personal data of users including location, address book contacts and calendar information. According to a recently released survey by Appthority, a company that helps enterprises identify the risks hidden in mobile apps, 82 percent of top Android free apps and 50 percent of top iOS free apps track user location. The good news is that companies like Apple are pushing towards app-centric security by providing MDM APIs that allow IT organisations more control over apps running on the device.
However, this may not be enough. Security researchers warn that HTML5-based apps, which are expected to become more popular over the next several years, can add to the security risk for enterprises. Many enterprises, including the big ones, are guilty of putting out apps without paying attention to security. Whether your business is ready or not for the app explosion, treading with caution is the only way to keep some of those intrusive apps at bay.
GROUP COO Georgina O’Hara
Publishing Director Rajashree Rammohan raj.ram@cpimediagroup.com +971 4 440 9131 Editorial Group Editor Jeevan Thankappan jeevan.thankappan@cpimediagroup.com +971 4 440 9133 Editor Annie Bricker annie.bricker@cpimediagroup.com +971 4 440 9116 Online Editor James Dartnell james.dartnell@cpimediagroup.com +971 4 440 9140 ADVERTISING Senior Sales Manager Michal Zylinski michal.zylinski@cpimediagroup.com +971 4 440 9119 Circulation Circulation Manager Rajeesh M rajeesh.nair@cpimediagroup.com +971 4 440 9142 Production and Design Production Manager James P Tharian james.tharian@cpimediagroup.com +971 4 440 9136 Designer Analou Balbero analou.balbero@cpimediagroup.com +971 4 440 9132 DIGITAL SERVICES Digital Services Manager Tristan Troy P Maagma Web Developer Jefferson de Joya Photographer and Social Media Co-ordinator Jay Colina webmaster@cpimediagroup.com +971 4 440 9100
Registered at IMPZ PO Box 13700 Dubai, UAE Tel: +971 4 440 9100 Fax: +971 4 447 2409
If you’d like to receive your own copy of CNME every month, log on and request a subscription: www.cnmeonline.com
Printed by Al Ghurair Printing & Publishing
© Copyright 2014 CPI All rights reserved While the publishers have made every effort to ensure the accuracy of all information in this magazine, they will not be held responsible for any errors therein.
EDITORIAL Our events
Fully booked
Annie Bricker Deputy Editor Talk to us: E-mail: annie.bricker@cpimediagroup.com
As the long, languishing summer comes to its end, we at CNME are gearing up for what promises to be a season chock full of events. Undoubtedly, many of us went on vacation, and offices were a bit quieter during the holiday season. However, I would argue that these moments of work relief are actually quite important in this industry. With a moment to look up from our monitors, casual events allowed the technology community to come together as peers. Human connections and networking over cups of chai at the nightly Iftar surmounted servers and security as priority for a moment, and I for one was delighted to get to know many of you outside of the office setting. Now that we are all refreshed and back in action, it is time to dive into a brilliant line-up of events. To kick off September, CNME is proud to host the 2014 Enterprise Security Road Show. This event will reach the UAE, Qatar and KSA and features speakers from forward-thinking organisations that will address the challenges facing IT decision makers in the Middle East in this ever-changing threat landscape. The upcoming season also brings to us the much anticipated ICT Achievement Awards. This year sees the fifth edition of this prestigious event that will recognise outstanding and ground-breaking applications of technology by businesses in the Middle East. The nomination period has closed, as of the writing of this editorial, and our distinguished panel of judges have now taken on the difficult responsibility of determining the best of the best. Finally, the event that the entire technology community has been waiting for, GITEX, is upon us in mid-October. The Dubai World Trade Centre will play host to over 142,000 visitors from 150 countries. Far beyond a simple trade show, GITEX serves as an incubator for innovative, cutting-edge technologies that give consumers and professionals a window into the hottest regional and global IT trends.
This will be my first GITEX and I am eager to see how this year’s theme, 'Re-Imagining Our Future' will manifest. Indeed, our calendars overflow and the months ahead will be dotted with events and awards that celebrate the IT industry in the region. These events, in my opinion, are deeply important not only to individual businesses and IT leaders, but to the entire industry. It is paramount that we laud the successes of our recent past, and look forward to the innovations of the near future. Though I believe them to be key to the health of the industry, I do hope that you all had a relaxing summer, because the coming months will be busy!
Contents
Secure messages: Cyber-criminals are leveraging user behaviour now more than ever. Banks and social media firms have taken steps to protect their customers from email scams.
Jack of all trades: Kashif Rana has a mixed background. With experience in both finance and IT, the CIO of Majid Al Futtaim understands that business and technology must work together.
Prior planning: When DHCOG began to prepare for the eGov Strategy roll-out, CIO Mohammed Sabah Al Khalaf saw in the chaos an opportunity to improve the company's ERP systems.
Unified front: Unified Communication implementations in the region have been lower than expected. Though UC has many benefits, it still faces resistance.
New faces of MSP: The move from CapEx to OpEx models is leaving MSPs to adjust their services, as well as their philosophies.
Info wars: Enterprise security managers need to think globally. Recent cyber-warfare attacks in the region have security experts and politicians alike sitting up and taking note.
Virtually there: Network functions virtualisation technology promises to help carriers reduce costs and quickly roll out new services. What does this innovation mean for the telecom world?
Until the bitter end: Endpoint protection platforms need to become more proactive, says Gartner's Peter Firstbrook. How do EPPs protect end-users from increasingly sophisticated attacks?
Discovering data: Big Data can be useful or burdensome. With the world generating data at outstanding speeds, businesses need new tools to leverage what they have.
Changing landscape: McAfee's Brian Kenyon sits down with CNME to discuss the current state and future of malware.
in depth Email security
The problem with Email
Research has highlighted the increased danger of phishing scams from travel and banking websites as well as social media. Agari reveals the banks and industries that are the prime candidates for the devious attacks.
Research from Agari, which provides email security and threat intelligence tools, shows which industries are constantly under attack - but manage to deflect them - and which industries still get a failing grade as they face increased hacker attention.

“Email is one of the criminal’s best friends, and one of the most common channels criminals use to go after their victims,” says Patrick Peterson, Founder and CEO, Agari. Hackers impersonate brands and try to get you to give them information in return, such as a username and password.

Agari’s quarterly report, which looks at 147 companies across 11 industries, evaluates two things. There’s the TrustScore, which looks at the highest-volume email-sending domains for a company and then analyses their implementation of common email authentication standards, including DMARC, DKIM and SPF. Then there’s the ThreatScore, which calculates the volume of spam and potentially malicious email sent by hackers masking themselves as a certain company.

Your bank is still a target for hackers

From the first to second quarter, Agari found an eight percent improvement in trust scores across all industries. However, attacks against what Agari calls “mega banks” remained high.

“Attackers are looking to monetise,” says Trey Ford, Global Security Strategist for IT security firm Rapid7. “What’s easier to monetise than cash? If I can act like a major bank and get you to sign into my fake webpage, I can log in as you and move money around.”

Because of this increased attention, banks have also adapted to protect their consumers against these threats, Peterson says. CapitalOne and JP Morgan Chase even appear in the so-called Agari 100 Club, which is reserved for companies that receive a TrustScore of 100. Facebook and Twitter also fall in that group.

“Social media and banks used to be some of the criminals’ favourite targets,” Peterson says. Those industries have come a long way in their efforts to protect consumers. People now know how to tell if an email from a financial institution “looks a little funny” and shouldn’t be trusted, he adds. “Criminals found out that those were much harder targets to impersonate.”

That hasn’t stopped criminals, though - JP Morgan and other banks were allegedly hit by Russian hackers last week in an attack that may have been politically motivated.

Email Hackers Now Hitting Travel, Healthcare

So where did criminals turn? The travel industry. It experienced an 800 percent jump in threats between the first and second quarters of the year. Agari’s report says travellers are “natural” targets for social engineering, a type of security intrusion that plays on human behaviour and emotion.

“As criminals started to look for a new weak link, they found that travel was incredibly successful,” Peterson says. “They’ve been ploughing a lot of their efforts and investments into making more and more improvements spoofing an itinerary.”

In a 2014 scam, hackers pretended to be Delta Airlines, emailing consumers to say, “Your credit card has been successfully processed,” and to provide flight information. Peterson also points to large-scale attacks using Expedia, Airbnb and Booking.com as fronts - all with the goal of either getting your log-in information or installing malware on your machine.

Ford says he’s not surprised - not just because of the potential information that hackers can get through setting up fake travel-related sites but because of what travel does to people. Road warriors who frequently travel for work have lowered their barriers, Ford says: “When you get really tired, you do stupid things.”

Mobile devices and travel don’t always mix well, either. Ford says he’s “fairly aggressive” in the security set up of his laptop, but “when I read an email on my phone, I don’t have all of those controls. I’m a lot more vulnerable to phishing and [other] attacks - especially when I’m tired.”

The good news is that airlines specifically had a 17-percent jump in their TrustScores. “It’s very easy when you start from zero to make 17 percent progress,” Peterson says, but he points to Delta as a “breakout star” for reacting quickly and effectively after being targeted.

Healthcare also performed poorly, earning the lowest TrustScore out of all industries. Out of 14 healthcare companies analysed, 13 were classified as easy targets for cybercriminals, suggesting that healthcare security remains lax.

Email security a modern game of whac-a-mole

Overall, the TrustScore for the companies that Agari studied increased eight percent in the second quarter. Peterson describes it as a “sea change,” adding, “These are big companies. Making changes is hard for them.”

However, as the major banks learned, that doesn’t mean these attacks will stop. “Criminals have so many tricks up their sleeve,” Peterson says, “and have a new one every day.” Progress is good, but big companies still need to be on alert for whatever’s next.

“Spam is a problem and we still don’t have it solved. Phishing is a problem and we still don’t have that solved,” Ford says. “These [hackers] are businessmen and businesswomen. They’re incentivised to be successful. They’re going to keep reiterating this game of cat and mouse.”
in depth Security
Chasing dirty money
When money is on the line, security is key. With cyber-criminals eyeing the Middle East, what can be done to keep our banks secure?
Last week reports emerged that digital currency service Liberty Reserve, based in Costa Rica, had been found guilty of laundering $6 billion. The digital currency service operated as the largest platform for all illegal e-money transactions worldwide. According to the U.S. Department of Justice (DOJ), which has now seized the website, the undercover money transmitting business was connected to credit card fraud, identity theft, investment fraud, computer hacking, child pornography and narcotics trafficking. In May 2013, the DOJ branded it as the largest money laundering prosecution in history, when it was indicted for white-washing the earnings. Incorporated in 2006, Liberty Reserve catered to one million users at the time it was indicted, 200,000 of which were based in the U.S.

Interestingly enough, there was a similar crackdown by the DOJ around the same time. A network of eight men based in the U.S. was accused of infiltrating the IT domains of the Bank of Muscat and National Bank of Ras Al Khaimah (RAKBANK), and raising the limits of prepaid debit cards of both banks. The theft was carried out in two coordinated incidents, the first of which took place in December 2012 when $5 million was stolen from RAKBANK; authorities from India had reported a break-in of RAKBANK’s credit card processing machines. In February 2013, a similar break-in was reported from New York and Bank of Muscat was the victim. Following the report, fake prepaid debit cards with raised withdrawal limits were distributed to ‘cashers’ from around the world; a few days later, 2904 withdrawals were made in New York from a single Bank of Muscat account number for $2.4 million. With other perpetrators from around the world engaged in the same activity, 36,000 withdrawals were made from ATMs in 27 countries, cashing out $40 million within a few hours. Both the events led to a combined theft of over $45 million.

What is worth noting is how both of these Middle Eastern banks were specifically targeted all the way from New York City. This reflects the scale of the Liberty Reserve operation and shows that banks in the region are far from immune to international assault. The U.S. Attorney for the Eastern District of New York, Loretta Lynch, said, “Moving as swiftly as data over the Internet, the organisation worked its way from the computer systems of international corporations to the streets of New York City.”

Further investigations revealed that the masterminds behind the Middle Eastern bank heist were based outside the U.S., but the platform used to transfer money was Liberty Reserve. All the criminals had to do was open an account with the digital service using an email address - which could be fake - and transfer funds to and from money exchangers for a five percent transaction charge. The undercover money exchangers involved within this fiasco were operating in Malaysia, Russia, Nigeria and Vietnam - ideal strongholds given their weak infrastructure.

Interestingly, the same group of hackers who had cracked the processors of both the banks and were using Liberty Reserve for fund transfer had attempted to pull a similar stunt on the machines of Liberty Reserve itself. Had their attempt been successful, it could have led to escalating episodes of related cybercrime. Although it is difficult to guess which of the two preceded the other, the indictment of Liberty Reserve did verify which platform was being used to transfer money stolen from the two Middle East banks.

Such cases of cyber-fraud expose another challenge – that of holding to account those liable in an increasingly complex international cyberspace. Any claim filed is subject to industry security standards, but is it a mere coincidence that both banks attacked were based out of the Middle East? The fact stands that the theft did take place through a global network of thieves and hackers that managed to successfully crack into the IT infrastructure of Middle Eastern banks and escape with the cash. Had it not been for a crackdown on Liberty Reserve, the culprits would still be at large. Questions remain unanswered; however, the revelations of the Liberty Reserve case shed a degree of light on the inner workings of financial cyber criminals.
short takes Month in view
Ballmer resigns from Microsoft board
Ex-CEO Steve Ballmer has resigned from the Microsoft board of directors. Ballmer, 58, made the announcement in a statement issued by Microsoft that replicated a letter he sent to current CEO Satya Nadella. “Given my confidence [in the company’s direction] and the multitude of new commitments I am taking on now, I think it would be impractical for me to continue to serve on the board, and it is best for me to move on,” Ballmer wrote. Ballmer cited his new ownership of the Los Angeles Clippers professional basketball team as well as a teaching assignment as reasons why his time was tight. “Microsoft will need to make big bets to succeed in the new mobile-first, cloud-first environment,” Ballmer said. “Software development is a key skill, but success requires moving to monetisation through enterprise subscriptions, hardware gross margins, and advertising revenues.”

Oracle denied $1.3 billion SAP appeal
Oracle has failed to persuade a federal appeals court to restore a US$1.3 billion judgment in its copyright infringement lawsuit against SAP, but will have the options of taking a lesser amount of money or pursuing a new trial. The company sued SAP in 2007, alleging that a now-closed subsidiary, TomorrowNow, had made illegal downloads of Oracle’s software while providing software support services to Oracle customers. SAP ultimately accepted liability for wrongdoing on the part of TomorrowNow, resulting in a trial on damages that produced the initial $1.3 billion judgment. The jury initially awarded the $1.3 billion to Oracle in 2010, but the judgment was subsequently vacated by U.S. District Court Judge Phyllis Hamilton, who had overseen the case. Hamilton found the jury overreached and said Oracle could accept a lower award of $272 million or seek a new trial. Oracle had argued SAP should pay the fair market value of what it would have cost to license the illegally downloaded software, as well as developing it.

Gemalto plans $890 million SafeNet acquisition
The deal will combine a vendor of portable secure elements, including payment cards, with a provider of enterprise data protection technology, and is expected to close in the fourth quarter, pending regulatory approval. Gemalto develops objects such as employee ID cards, electronic passports and Subscriber Identity Management cards and the software to manage them. SafeNet specialises in cryptographic data protection products including key management systems, authentication servers and authentication-as-a-service. It has about 550 cryptographic engineers in a workforce of about 1,500, according to Gemalto. Gemalto will buy SafeNet from Vector Capital, a San Francisco private equity firm that acquired SafeNet in 2007 for about $634 million.

WHAT’S HOT?
Gulf Air appointed to SITA council
Gulf Air has been voted the MENA representative on the new SITA panel, with Director of Information Technology Dr. Jassim Haji occupying the seat. Air transport communications and IT solutions firm SITA has been offering services for the past 65 years to over 450 members, including airlines, airports and air freight carriers.

Gartner: EMEA server sales rise again
Server shipments and revenue grew for the first time since 2011 in Europe, the Middle East and Africa, a trend likely to continue in the second half of the year, according to Gartner. Revenue also grew 0.8 percent in Q2 of 2014 after shrinking in the ten previous quarters, reaching US$3.2 billion, a 3.8 percent year-over-year increase.

Amazon in $970 million game streaming site acquisition
Amazon will pay US$970 million to acquire Twitch, a site for live video broadcasts of people’s video gaming sessions. The acquisition is expected to close by the end of the year, and will give Amazon a large platform for streaming video. Founded in 2011, Twitch was ranked fourth in U.S. peak Internet traffic in February with a 1.8 percent share, according to data from DeepField. Twitch generates revenue both by placing ads within its videos and through a subscription program for watching videos. The site lets people upload their video game sessions from their PCs and from consoles such as the Xbox and PlayStation 4. The acquisition marked a surprising development for Twitch, which reportedly had been in talks with Google to be acquired for some time. But those talks cooled in recent weeks, according to earlier reports. Acquiring Twitch gives Amazon deep access to a massive base of loyal gamers and streaming-video users, who could become lucrative targets for advertising. Amazon also may be looking to integrate Twitch content into its growing lineup of hardware devices, such as its new Fire phone and Kindle tablets.

Intel makes ‘world’s smallest’ IoT modem
Intel says it is producing a 3G modem, an essential component for Internet of Things (IoT) devices, smaller than anything else produced in the world. The real message in delivering the penny-sized XMM 6255 is that Intel is acting aggressively to boost its ability to compete in the IoT world. Unlike the PC and server market, Intel has been running a catch-up strategy for the mobile market during the past several years. Intel is building off its 2011 acquisition of Infineon Technologies’ AG Wireless Solutions business, part of its efforts to become a bigger presence in the mobile wireless space. Infineon 3G chips and baseband processors are used in smartphones and tablets. The modem is using a module made by Swiss firm u-blox. Intel said it will be adding other module makers.

ICANN: Iran, Syria domains belong to no one
ICANN has claimed that Internet domain names do not belong to specific countries, or to any particular body. Plaintiffs who successfully sued Iran, Syria and North Korea as sponsors of terrorism want to seize the three countries’ ccTLDs (country code top-level domains) as part of financial judgments against them. The Internet Corporation for Assigned Names and Numbers, which oversees the Internet, says they can’t do that because ccTLDs aren’t even property. Iran’s domains are managed by the Institute for Research in Fundamental Sciences, in Tehran, and hosted on two servers in Iran and one in Austria. Syria’s are managed by the National Agency for Network Services in Damascus, and hosted on four servers.

Avaya and HP Enterprise Services sign comms deal
The multi-year agreement means the pair will offer cloud-based unified communications, contact centre technology and management solutions for enterprises. They will sell a combined portfolio of unified communications-as-a-service, contact centre-as-a-service, and infrastructure modernisation services. The solutions will offer mobile applications, software and networking for unified communications and customer experience management. Avaya will also apply its communication and collaboration products for HP’s use in its contact centre operations. The agreement marks a major step in Avaya’s transformation to becoming a software and services company.

Microsoft ordered to surrender Dublin cloud data
A US court has ordered Microsoft to comply with a government demand for emails stored on a company server in Ireland. A judge rejected the argument that a search warrant did not extend beyond the country’s borders. Microsoft refused, arguing that the government cannot force tech companies to hand over data stored exclusively in overseas data centres.

WHAT’S NOT?
Apple loses Samsung sales ban appeal
Apple’s request for a permanent sales ban on Samsung selling phones and tablets that include patented technologies has been denied. Judge Lucy Koh said Apple failed to show it suffered “irreparable harm” as a result of Samsung’s actions.
Find us online
www.cnmeonline.com
Analysis: Crafting space
Read more online
Insight: 5 things you no longer need to do for mobile security
Read more online
http://bit.ly/1oWVdZ8
http://bit.ly/1wdJz1Y
Out of office
ME bank thefts linked to $6 billion cyber launderers
www.cnmeonline.com Read more online
http://bit.ly/1ApdSmN
Blogs:
Features: Confronting malware intelligently
Fresh blue Apple
Read more online
http://bit.ly/1urZ5XE
CNME Tweets:
follow us at Twitter.com/computernewsme ComputerNewsME 72% of insider threats are caused by breached privileged access, Pereira highlights @#ES360 http://bit.ly/1ApbQTR 12:27 AM - 3 Sep 2014 · Reply · Retweet · Favorite · More
Read more online
Read more online
http://bit.ly/WDu9HD
Four ways to consolidate a data centre
http://bit.ly/1udLnbC
11:38 PM - 2 Sep 2014 · Reply · Retweet · Favorite · More
Best of both worlds
ComputerNewsME http://www. cnmeonline.com/news/oracledenied-1-3-billion-sap-appealscourt-request/ … Oracle has been denied its request to reinstate its $1.3 billion case against SAP by a US appeals court #oracle #sap http://bit.ly/ZeaBLA
Bharani Kumar Kulasekaran, Product Marketing Manager, ManageEngine
Read more online
16
Computer News Middle East
11:00 PM - 30 Aug 2014 · Reply · Retweet · Favorite · More
Read more online
http://bit.ly/1rT1EEt
http://bit.ly/1w6wTg6
august 2014
ComputerNewsME Shenoy Sandeep, AVP, Spire Solutions opens the floor to a discussion on Effective Vulnerability Management @#ES360 http://bit.ly/WDuxWJ
ComputerNewsME http://www.cnmeonline.com/news/amazonin-970-million-game-streamingsite-acquisition/ … Amazon in $970 million game streaming site acquisition #amazon #twitch #gaming http://bit.ly/1rsrx7Z 4:29 AM - 26 Aug 2014
Cloud's Silver Lining Forecast for the Middle East
Governments, companies, and enterprising individuals in the Middle East are rapidly identifying innovative ways to leverage the technology - leapfrogging regional challenges and eyeing new solutions to export to developed markets.
Legend: Problem / Solution
The Regulators More than 40 percent of Middle East CIOs see data security as an issue. One in three are concerned by managing compliance issues like data location. Hybrid clouds are fully compliant with national regulations, controlled by the enterprise, and bridge existing IT and new platforms like Big Data and mobile.
The Developers Thousands of Middle Eastern innovators are looking for nimble and affordable spaces to collaborate on new solutions. Open-source, open-standards clouds ensure that infrastructure is no longer a barrier to growth for start-ups.
37 percent of CIOs in the Middle East region believe that driving innovative use of technology is an issue. Cloud platforms allow developers to test and trial new ideas without big cost to the organisation.
The Head Honcho CIOs in the Middle East believe that measuring return on investment is an issue for cloud adoption. Moving from fixed-location infrastructure to the cloud enables more cost-effective and innovative business transformations.
The Field Team Unreliable or non-existent infrastructure hampers communication between field teams. Cloud-based innovations like the Portable Modular Data Centre connect employees over vast distances.
The Data Scientists Governments are keen to solve national issues using technology, but lack funding for individual data centres. Cloud services can reach twice the population as traditional servers.
The End-Users Customers expect 24-hour, 100 percent uptime service, particularly via mobile devices. Cloud architecture provides the processing power for all mobile apps.
Source: IBM
CIO Spotlight Kashif Rana
Double play
Kashif Rana has led a colourful career driving finance and IT technology transformation at IT giant Oracle and the headquarters of corporate behemoths General Electric and Coca-Cola. Now Chief Information Officer of Majid Al Futtaim Group, he is relishing the opportunity to work in the budding market that is the Middle East.
Born in Asia, raised in Africa and having worked in the US and UK, variety is nothing new to Rana. He achieved his Bachelor’s degree in 1992, and began his career as an auditor with a two-year stint at professional services giant PWC. He then began training to become a Fellow Chartered Management Accountant in 1994, at the Chartered Institute of Management Accountants (CIMA), and his prestigious grounding would provide the sturdy foundations needed to hold down a range of top IT and finance jobs around the globe. While studying for the FCMA qualifications, he worked for Chevron, and gained his CIMA qualification in 1998. In 1999 he moved to the United States and worked for Oracle until 2003. Rana says he stumbled upon an IT career “by accident,” following a series of finance-based roles. “I saw the power that IT had in impacting business,” he says. “I had always considered myself as a CFO, or at least someone whose work focused on finance. But IT was interesting. I realised how business was driven by IT, and it had the power to enable different processes. It could reduce costs, encourage innovation and improve productivity. Just look at the role ERP plays nowadays. If certain organisations did not have ERP, they would not be able to scale to their current size.” His fondness for ERP is borne out of experience; throughout his career he has completed 13 successful rollouts spanning 27 countries. In March 2003 Rana caught the attention of General Electric, whom he joined in a senior finance capacity. He describes his time at the corporate behemoth as his favourite spell in his career, attributing the enjoyment to the intense execution focus at the
company, which also brought fresh obstacles. “I undertook a series of business transformation challenges at GE,” he says. “It was important for me to have a holistic view of the organisation and its IT, which was not easy for a company of that size.” Rana was largely tasked with overseeing digitisation, customer delivery, supply chain and finance aspects of the business. “I was moved from a role blending finance and CIO duties to look at every process across the organisation,” he says. At GE Rana achieved the impressive feat of holding CIO, CFO and Business Transformation roles at different stages in his tenure. Rana recounts how he drove leaner methodology for a $5 billion portfolio at GE through the use of Lean Six Sigma. “I was brought in to grow the business by a factor of five,” he says. “I managed to reduce waste in the transformation process by 37 percent. We implemented the tools, technology and processes to enable growth.” He also says the key aspects that defined his work at GE were ITO – Inquiry To Order, and OTR – Order To Receipt. “The processes encompassed everything,” he says. In 2007 he found time to complete an MBA at New York Institute of Technology, a feat he “discounts” as his professional experience had facilitated his studies. By July 2011, Rana had been identified by Coca-Cola as a figure who could provide key business and IT insight at its Atlanta HQ, and took on the role of Group Director of IT Transformation and Finance. Rana says one of the most engaging projects he has overseen in his career was Coke’s Big Data initiative. Named the world’s most powerful brand in 2012, the company relied on gaining valuable insight from social and third party data to remain ahead of its competitors. “We wanted to gain an advantage by analysing unstructured data – information from the likes of Facebook, Google and Twitter,” he says. “We drove an initiative to listen to media channels, and derive what value feeds could lend to our organisation.
We mainly looked at sentiments and complaints to see what people had to say about Coke, and used that information to consider how we could improve our brand image and produce.” Nonetheless, he was ambivalent towards the corporate culture at the beverage company. “Even after spending three years at Coke you still felt like a bit of an outsider,” he says. “There are guys who have been there for a decade, are big players and are very exclusive, so it was challenging to enter that kind of culture.” Rana feels that although his colleagues were receptive to his ideas, they were not always put into practice. “The reality is that even if you have bright suggestions, they are a hugely successful organisation, and who has its way of doing things that is a proven recipe for success,” he says. “You have to respect that, but it was still a great experience to work in such a culture.”
Rana acknowledges the strong position he has placed himself in, having spent a number of years working as both a CFO and CIO and operating in business transformation. “I think the main advantage of having experience in these roles is understanding the business - its needs, how IT can re-innovate it; the pain points and key drivers,” he says. “IT today is not only the backbone of the business but the driving engine for business growth and innovation.”
At the start of 2014, Rana was once again headhunted, and joined UAE firm Majid Al Futtaim as CIO and Head of Finance Transformation. Rana says that he has gained huge satisfaction from entering an “open” culture at Majid Al Futtaim. “MAF have been extremely welcoming since my arrival,” he says. “Here employees have the opportunity to discuss challenges openly, and to come to the best solutions with the help of other team members. The leadership are very supportive, and, importantly, are willing to change for the better.” As with his time at Coca-Cola, social media and analytics are playing an important role in gaining a competitive market edge for his employers. He also says the transition from working at HQ level for two of the world’s biggest companies to operating at a smaller Dubai firm has been “dynamic and interesting,” and although Coca-Cola plans to double its revenue in the next 10 years, there is less red tape, and more opportunity for growth in the UAE. “Decision making in certain corporations is lengthy, whereas here things move at a much faster pace,” he says. “Things are much more growth-oriented.” Furthermore, he believes the decision to move to the Middle East has been the right one. “This part of the world is buzzing with growth and challenges,” he says.
“The demands here provide the ideal opportunity for me to showcase the experience I’ve amassed at Coke and GE.” Rana is also optimistic about what the future holds for the UAE. “Expo 2020 will provide a fantastic high level adaptation of technology and innovations,” he says.
TIMELINE
1998 Becomes a fully qualified Fellow Chartered Management Accountant
1999 Moved to the United States and worked for Oracle until 2003
2003 Joined General Electric in senior finance role
2011 Headhunted for Business & IT Transformation role by Coca-Cola
2014 Moves to Majid Al Futtaim as Chief Information Officer
CASE STUDY DHCOG
All systems go
Dubai Holding Commercial Operations Group (DHCOG) has recently gone live with 18 Oracle ERP modules. Embarking on a journey to play the company's part in making Dubai a Smart City, Mohammad Sabah Al Khalaf, Chief Information Officer, DHCOG, knew that an ERP upgrade was long overdue.
Two years ago, the UAE Government published its eGov Strategy 2012-2014 in line with UAE Vision 2021, aimed at digitising all government services. Putting the initiative into effect, the IT team at Dubai Holding Commercial Operations Group (DHCOG) had to make sure that the technology infrastructure at their back-end could support a massive roll-out of mobile services. With fundamental changes on the horizon, Mohammed Sabah Al Khalaf, CIO, DHCOG, took the opportunity to overhaul the company's aging ERP systems. DHCOG develops and manages Dubai Holding’s businesses in hospitality, business parks, real estate and telecommunications. As the commercial operations wing of Dubai Holding Group, it manages the operations of TECOM Investments, Jumeirah International, Dubai Properties Group (DPG) and Emirates International Telecom, also known as du Telecom. DHCOG’s commercial operations wing manages assets worth AED 85.5 billion and a workforce of 20,000, which plays a key role in serving the emirate’s economy on a daily basis, through services that cater to enterprises, consumers and governments alike. The role technology plays in this process is critical in ensuring there is no service downtime. When it came to making the services digital, the IT team evaluated the existing technology infrastructure and determined if there was a need to streamline it. Having gone through an Oracle ERP implementation back in 2005 when the business of DHCOG was limited to TECOM Investments only, Al Khalaf knew the IT infrastructure wasn’t compatible with business anymore. “A major upgrade had to be introduced now as we are at the forefront of a smart Dubai,” he says. “The initial implementation wasn’t a failure; it was done 10 years ago, so in today’s terms it’s outdated when it comes to design and technology.” Currently, the IT team at the group is busy rolling out mobile applications that they hope will make Dubai a city of the future.
“It is imperative for us today to upgrade the back-end to the latest in
technology in order to support the Smart City initiative,” Al Khalaf says. In this vein, the group has recently launched TECOM Direct, an online directory of TECOM, and TECOM Suggest, a suggestions portal. The IT team had to make sure the eServices rolled out were dynamic and facilitated third-party liaising over the web. Its mParking app is currently going through an upgrade that will allow it to pick up images of free parking spaces in the vicinity from cameras. The upgraded app will direct users to the nearest free parking available in an interactive manner. Another obstacle the existing infrastructure posed, explains Al Khalaf, was an inability to cope with the group’s modified business model. It inhibited a smooth spin-off of businesses from the holding company’s balance sheets. “A case in point here is Dubai Properties
Group (DPG),” says Al Khalaf. “Similar to TECOM, it is an entity that reports to the holding company. It has recently gone through various structural changes that will eventually bring a form of autonomy to the business’s operations, although it will continue to report to the holding group,” Al Khalaf said. To make IT more efficient, redundancy had to be eliminated from the altered operational model of a spun-off business. With all the reasons favouring the move, Al Khalaf proposed a re-implementation of
ERP within DHCOG in 2012. The problem was to gain the approval of the senior management on re-selecting Oracle. As Al Khalaf expected, the issue drew a lot of debate. “The challenge was the vast approval tier,” he says. “After studying the total investment of each provider and the cost of ownership, Oracle was chosen as it is the only solution provider that integrated seamlessly with the entire IT Infrastructure of the group. Moving onto a different technology provider would have exposed challenges with user training, system integration and most importantly, information security. We have already made a lot of investment in such systems and training our staff, which can’t be overlooked.” Once Oracle had been selected, a gap analysis was conducted on the existing infrastructure by DHCOG’s implementation partner SatyamTech. The findings were presented to Al Khalaf’s team in a project management report, and DHCOG have since been promised three additional months of support after the launch from the firm. The implementation took two years to go live, but it finished with a revamp of the financial management system, the human capital management system, the supply chain management system and the project accounting system. Before the actual launch, a conference room pilot run of all the modules was carried out by the IT team. After the pilot run was successful, the team worked with SatyamTech to execute data migration and user acceptance training. “Two years later, 18 ERP modules have gone live,” Al Khalaf says. “Given the magnitude and footprint of the implementation, we have been requested to showcase it at the Oracle OpenWorld 2015. The technology infrastructure in place today is robust enough to support all developments and service roll-outs for the next five to ten years. In short, the infrastructure in place today is better in terms of security and performance.” Al Khalaf’s team is currently in the process of monitoring the project’s KPIs.
The most important of these is an accurate migration of data without any security breach. Looking ahead, Al Khalaf is keeping an eye out for any glitch in business continuity should it arise. For the time being at least, Al Khalaf is confident of the project’s durability. “Based on the current forecast, there will not be a need for another implementation within the next five to ten years as we can support telecoms, real estate, and general investment companies with the current ERP system in place,” Al Khalaf says. With a technology infrastructure in place today that is compatible with the vision of a smart Dubai, Al Khalaf feels it is time DHCOG goes to market with the eServices more aggressively. Other projects currently underway within the DHCOG include the D3 - Dubai Design District, the fashion hub of UAE, and the Mall of the World, which could become the biggest temperature-controlled mall worldwide. The paradigm of change will not be limited to real estate. It will also encompass media, event management, hospitality, energy, healthcare and manufacturing services, meaning Al Khalaf and his team will continue to play a pivotal role in the group.
FEATURE
ERP
Tailor made
Deploying an enterprise resource planning (ERP) system is an expensive proposition, not just in terms of licensing dollars and maintenance, but also in terms of dedicated resources and time. Users also face the dilemma of choosing between turnkey solutions and a bespoke one. We analyse the pros and cons of tailored and Commercial Off The Shelf (COTS) ERP.
solutions World
A tailored ERP solution can give an organisation a competitive edge by meeting business process requirements with a greater level of precision than a COTS ERP, potentially across the board. This can ensure that the ERP is cheaper and easier to maintain via stronger support, whilst allowing for the best features from different products to be merged into a single application. While COTS offerings may include features that are irrelevant for certain organisations, tailored ERP can help avoid a laborious change management process. It has the potential to open doors for the era of the third platform, and can facilitate the introduction of SMAC technologies – social, mobile, analytics and cloud. In spite of these plus points, opinion is divided as to its necessity in this day and age. Lee Miles, Regional Director, Infor Middle East, believes it is obsolete. “We do not believe customers should be tailoring and modifying their ERP software these days,” he says. “Why pay a significant amount of money to put a system in place and then either have to change your internal processes or customise the system? An ERP that is built specifically for your industry will not only save time and money at implementation but will abide by industry best practice, allow clear benchmarking to peer organisations, and provide an easier upgrade path for the future.”
Reggie Fernandes, Regional Director, Sage Middle East, believes there is a window of opportunity in the market driving a necessity for tailored ERP. “From a customer perspective, certain industries are not satisfied by standard COTS ERPs,” he says. “Roughly 80-90 percent of companies are covered by COTS ERP – these have good features and good technology – but for the remaining 10 percent that is not, tailored ERP meets their critical needs. The likes of the manufacturing and service industries who have specific manpower or technical issues can benefit hugely from it.” Although a tailored ERP solution may be an ideal fit for a large number of organisations, it equally has a great number of pitfalls, and there are many benefits to a COTS one. Tailored ERP has to be built from scratch, and will likely take a longer period of time to install than implementing a COTS ERP; probably a period of around six months. It will also be heavily dependent on the vendor and the development team, meaning it will probably not be as stable as a COTS offering - a consultant and programmer are a prerequisite for peace of mind. An organisation on sub-optimal processes could also benefit from COTS ERP, which is also likely to be cheaper. With information requirements in business continually changing, a tailored product potentially has a short shelf life, meaning companies need to envisage whether their installation will still be up-to-date even as far as two years down the line. The danger is that the product will become obsolete. This ‘version block’ trend could spell a decline in tailored products. In addition, one could even argue that the best COTS ERPs are so customisable that they are effectively as good as tailored ones. There are two main methods for tailoring ERP: configuration, and customisation and tailoring. Configuration uses power and tools to define the ERP, while customisation uses a software development kit to make it upgrade-compatible. A variety of factors need to be considered by CIOs when evaluating their systems, and deciding whether tailored or COTS products would suit them best. A product roadmap is key, as this enables a mapping of key metrics on potential maintainability and scalability. Total cost of ownership, as with any decision, must be considered so that the product aligns to the business’ needs, as must the fitting of functionality and business information collection process support. “The choice in implementing COTS ERP or to tailor one is a classic make-versus-buy decision,” Pradeep Shiligie, President, Enterprise Application Service, Cognizant, says. “Before considering the need for a tailored ERP solution, we advise clients to evaluate the nature of processes being delivered from the proposed platform. If the processes are basic operational table-stakes in their industry - typically back-office accounting, administration, procurement and payroll - then a tailored ERP can have mostly
disadvantages to offer. It can impede the adoption of leading practices already incorporated into commercial off-the-shelf ERP products. However, if the process is a value multiplier or value accelerator, then it makes sense to either build a custom bolt-on – a tailored solution that will sit on top of COTS ERP - or evaluate a niche solution in the market or even develop an entirely in-house solution.” “There are a couple of important things to consider,” says Fernandes. “From a customer point of view, it is important that they maintain realistic expectations. It’s important that the customer and the vendor liaise to ensure that these expectations match the reality of what can be achieved. More often than not customers believe that a tailored ERP will solve all their problems in a very short period of time, and that is not always the case, which puts an additional burden on them as there is often a series of potential challenges in high-end ERP.” There are a range of industries whose business is ideally suited to a tailored ERP system. Utility companies may have unique ways of billing clients, or may have different payment processes. Different industry regulations also make this a different function to generalise. In the medical devices manufacturing industry, supply chain management and service execution requirements are complicated by the vast nature of the install base, where medical equipment can be deployed at hospitals, diagnostic labs, health centres and patient homes. This makes
field service execution very complex, and, coupled with the high level of regulation in the industry, COTS vendors find it harder to innovate in the field. Furthermore, sales forecasts and operations planning by casual dining and quick services restaurants have unique requirements that are not met by COTS forecasting and planning software. “Operational modules catering to handling specific vertical requirements necessitate tailored ERP,” says Ali Hyder, Group CEO, Focus Softnet. “Financial products sold through channels with the option of redeeming them from the channel outlet or financial/inventory management of a precious metals manufacturer is one such example. These requirements are not commonly found in COTS ERPs and require specific development.” Over time, it seems likely that tailored ERP will move to the cloud, but even this issue draws debate. “The move to cloud is perhaps inevitable,” Shiligie says. “But this move will be gradual. In the current scenario, we see customer relationship management and human capital management as deeply entrenched with cloud solutions.” “There is not a huge demand for full ERP on the cloud,” Fernandes says. “We’ve seen a lot of customers who want to get the best of both worlds with a hybrid environment – for services such as billing, servicing technicians, sales, marketing and entering timesheets. One tool of note on the cloud is inventory optimisation analysis, which is offered as a service.”
FEATURE
Hosted UC
The road to cloud UC
Unified Communications in the cloud is finding more takers in the region as it offers cost benefits, flexibility and agility to users.
network WORLD
Despite all its advantages, Unified Communications adoption levels in the region have been lower than what analysts and vendors have expected, mainly because the initial investment is too high for the return, and partly due to the cost of each component. Moreover, the user often needs gateway servers and software to tie the disparate systems together. Even then there is no guarantee that the products will play nicely with one another, meaning one has to add a line item to the budget for troubleshooting. “Although UC has many benefits, it faces some challenges in deployment and management. UC touches various layers of the infrastructure such as WLAN, LAN, Applications, VoIP, Firewalls and overall Security and yet it requires low latency, delay, etc. Technologies on the firewall in the past have caused issues while penetrating from Internet to LAN and vice versa. Though it has become much more simplified now, UC is still one of the network stressing
applications to run on and across the network due to stringent requirements,” says Ashish Saxena, Solution Architect, Middle East, Alcatel-Lucent Enterprise. Ray McGroarty, Director, Industry Solutions and Market Development, EMEA, Polycom, says the main challenge has been educating the smaller businesses about the accessibility, ROI and TCO of implementing UC technologies versus the benefits, ease-of-use, increase in workforce collaboration and business productivity. SMBs are lagging behind the larger enterprises when it comes to adoption of UC technologies. “Our job at Polycom, in collaboration with our channel partners, is to close that gap between the early adopters and the latecomers to the market by educating businesses and providing expert consultancy and support around the benefits of utilising these solutions. The business world is more challenging than ever before and workforce collaboration is what businesses require to sustain in today’s fast-moving economies,” he adds. Enter Unified Communications as-a-service (UCaaS), a solution that is fully integrated before deployment and can be beneficial for companies of all sizes, not just massive enterprises with matching budgets. Cloud-based UC relieves this burden from IT, providing a package that works regardless of internal infrastructure or staffing. Through the cloud, a bundle of services can be purchased and, aside from activating a VoIP phone service, be up and active within an hour. Obviously the benefits of UC are numerous – the enhancements to collaboration, flexibility and efficiency have been well documented. What is not often discussed are the benefits of UC-in-the-cloud compared with an in-house operation. Cost is an area where cloud-based UC shines. It offers incredible cost savings when compared to in-house, thanks in large part to eliminating the need for hardware, software and licenses. 
Alongside the reduced need for hardware and software, staffing costs can be easily managed, as cloud UC doesn’t require a large team of internal experts to deal with upgrades
or maintenance; all of this is handled by the service provider and is included in the monthly cost of the UC service. “There are various factors that are driving UCaaS; however, the key factor is moving from the CAPEX to OPEX. This gives feasibility to the organisation to implement a pay as you grow model and allows them to reduce on upfront investment. In addition, scalability is not a concern when using UCaaS unlike the past where any user or features upgrade or change would require a change of the entire hardware,” says Saxena. McGroarty adds that though UCaaS is lucrative to all types of businesses, SMBs in particular benefit the most as the services are offered on a subscription basis. The pay-by-use model brings the overall total cost of ownership down for businesses and ultimately affects the cost of running business. “UCaaS is equally appealing to all vertical industries as well. From FMCG to education and healthcare, all businesses are embracing the availability and accessibility of as-a-service model adding to the demand and growth of the UCaaS market.” There are, however, a few things to be aware of before committing. First and foremost, cloud-based UC services are offered as “all or nothing.” It is usually difficult and expensive (if possible at all) to bring your current e-mail and/or phone service to a cloud provider and “mix and match” these technologies with new cloud services for a hybrid UC approach. Secondly, outages can still be an issue as they are for any service. Another concern around UC-in-the-cloud is bandwidth. Companies need to have fat pipes so all of the services function properly at the same time. The bigger the bandwidth, the better. Bandwidth not
$679.1m The estimated Middle East market for UC in 2019
only helps speed up the delivery of the UC services, but can also combat some common problems with VoIP, like “tinny” voices. Bandwidth is a serious consideration when it comes to UC in the cloud, so if an Internet provider is unreliable or struggles with high data loads, one should consider investing in a faster Internet circuit, implementing a QoS router, or other alternatives to cloud-based UC. Moving e-mail, Instant Messaging, voice, collaboration and presence awareness to the cloud and ultimately into a single “package” not only eases cost burdens, but enables UC to live up to its promise – a simple, streamlined solution for employees to effectively communicate with one another across multiple channels and devices. “When considering a UC solution, customers should check the service provider’s contract to see how much uptime is guaranteed and ensure this matches their own business requirements,” says McGroarty. “Most importantly, customers need to think clearly about the level of trust they have in their service provider as they are the ones who will be responsible for keeping their cloud-based systems secure. To mitigate perceived security issues with public cloud services, businesses can also consider implementing a private cloud solution or even a hybrid private/public cloud model.” UCaaS comes with its caveats, but it allows businesses of all sizes to enjoy the flexibility and productivity improvements of UC, benefits that were previously only available to enterprises that could afford integrated in-house systems and upkeep.
FEATURE
Managed services
New game, new rules
As enterprise IT buyers look to move from a CapEx to an OpEx model, systems integrators are adjusting their business model and value propositions to capitalise on managed services. Can SIs, who have been traditionally focused on hardware sales and professional services, win in the MSP game?
Though managed services in varied forms have existed for more than 25 years the world over, transforming from body shopping contracts to a process-oriented delivery model, it is still a nascent market in the Middle East. However, now many enterprises, especially SMBs, are starting to turn to managed services because of competitive pressures and operational concerns. Many system integrators, reeling under shrinking hardware sales margins and consulting opportunities, have cashed in on this growing trend. “Managed services as an idea has been talked about for a number of years in the country but different people mean different things when they talk about managed services,” says Venkat Raghavan, GM, Al Futtaim Technologies. “And also over the same period, over the last decade, the technology evolution has also lent different kinds of connotations to managed
services." Muhammad Salman, Business Unit Head – Managed Services, Emitac Enterprise Solutions, says there is a need for managed services in the regional market. “Companies are starting to realise that the cost of operations and maintaining IT resources internally is huge. Managed services can help them move from a CapEx to an OpEx model with a recurring expense model.” What is driving managed services development among SIs? “The traditional systems integration business is becoming more challenging due to increasing competition in this space," says Saurabh Verma, Program Manager – IT Services, IDC Middle East. "Multinational software and hardware vendors have once adapted their existing business models to overcome this challenge and we increasingly see that traditional systems integrators (SIs) that operate at a local or regional level are investing in their managed services capabilities across Middle East and Africa
managed services among SIs is the margins. “Managed services contracts can have higher margins than traditional products due to either economies of scale or bundling principles,” says Glyn Sowerby, GM, Service Support, Quintica Middle East. “Economies of scale become relevant when the same resources - infrastructure, software and people, among others - can be utilised by multiple customers. A service based on the bundling of infrastructure, software, processes, reporting and people, and tied to strict SLAs can carry high margins.” IDC's Verma says the transformation of traditional SIs has been driven by the need to create a sustainable business model. This new model includes managed services as an add-on to the existing systems integration capabilities. “Service providers that adopt this new service delivery model aim to realise recurring revenue streams with longer term contracts. In addition, these longer term contracts provide some level of customer lock-in for a certain period of time, and the service providers use this relationship to capture cross-sell and up-sell opportunities.” The increasing customer interest in managed services is attracting not just SIs but a broader array of IT hardware and software vendors, value-added resellers, and outsourcers as well. The first problem these managed service providers face is packaging. Many of these companies are merely
renaming their maintenance or outsourcing capabilities rather than offering genuine managed services. This is probably the reason why most SIs feel they have an edge over others despite being late to get into the services game. “SIs have a unique position in providing value, so they do not directly compete with MSPs, who are providing volume,” says Bhaskar. “If the service the customer is trying to offload requires a high skillset, such as disaster recovery or business continuity, SIs have a good chance of signing on the project. However, if customers are expecting managed services for low-value items (requiring a low skillset), such as general IT operations management, then it is better for an MSP to be assigned to the project, because they can provide low-value, high-volume services.” Salman from EES says another advantage for SIs is the level of resources. “The more shared resources you can provide your customer the more cost-effective you’ll become.” However, it is not possible for an SI to compete head on with an MSP, says Raju Ramesh, Co-Founder and COO, Finesse. “The reality is that the MSP’s business model is based on a multi-flavour and technology agnostic competency build,” he says. “The SI business model on the other hand is built on static or silo-based competency depending on the products that they integrate. Therefore they should focus on Managed Services within their area of competency and strive to become the first port of call for customers looking for those skills.”
Now, the challenge facing most of the SIs looking to get on the managed services bandwagon is transitioning from a primarily product-based business model to a service-based one. “The question is no longer 'why' but 'when' for most large SIs,” says Ashish Saxena, Solutions Architect, Alcatel-Lucent. “Setting up NOC, engaging with customer, discussing security, connectivity, SLAs, change management and other information are the key enablers for the deployment of Managed Services. This is now already in discussion. In addition, vendors have started the training programmes for the SIs to assist in this migration.” Verma warns that traditional SIs that step into the managed service space will face fierce competition from other traditional integrators as well as multinational service providers. “Multinational providers have a proven track record, global expertise and best practices, and wide span of solution capabilities. In order to outpace their competitors, traditional systems integrators should offer services that can fulfill customer expectations in terms of quality and should be competitively priced.” He adds that another important aspect is the service provider’s capabilities. Organisations should invest in technology and software infrastructure, processes, and personnel to deliver superior quality in their services. From a technology standpoint, local providers should invest in software platforms and hardware infrastructure, so that they can achieve economies of scale through high degree of automation.
FEATURE
SDS
storage advisor
The future of storage
Storage is now marching down the same path as computing, approaching a future when all of the organisation’s storage systems can be mixed and managed as virtual pools, all defined by software.
As lifecycles for existing storage infrastructures approach the end, IT managers are forced to consider new storage platforms to simplify management, improve scalability and provisioning of resources to meet new business demands. The need to seriously review the current storage infrastructure has resulted in the emergence of software-defined storage (SDS), which is in line with the growing move to create the software-defined data centre. IDC refers to software-defined storage as platforms that deliver the full suite of storage services via a software stack that uses - but is not dependent on - commodity hardware built with off-the-shelf components. “IDC expects that the SDS market has become the de facto approach for designing next-generation storage platforms,” says Swapna Subramani, Senior Research Analyst,
Systems and Infrastructure Solutions, IDC MEA. "Users are increasingly looking to software-defined platforms as viable alternatives to store data in a cost-effective manner especially in scenarios with large complex data sets." SDS will enable storage infrastructure to be managed and automated by intelligent software as opposed to by the storage hardware itself. In this way, the pooled storage infrastructure resources in a software-defined storage (SDS) environment can be automatically and efficiently allocated to match the application needs of an enterprise. “SDS puts the emphasis on storage services such as deduplication or replication instead of just storage hardware," says Hema Abhilash, Technology Consultant, StorIT. "A storage resource can be used more efficiently without the constraints of a physical system and its administration can be simplified through an automated policy." What are the implications of SDS on the entire
data lifecycle in an enterprise? “One thing we already see as a generic trend is that infrastructure administrators, who manage much more beyond what is traditionally servers and applications — are getting more and more into managing networks and data storage,” says Sadi Awienat, CTO and Global Services Lead, EMC. What we see is that tools have to be developed and software-defined storage is a key technology evolution behind that. These are tools for those administrators to manage all those resources that they need to make their day-to-day jobs easy, he adds. “For organisations striving for lower total cost of ownership on their data storage—as well as greater agility - we see the SDS transformation as being increasingly important to optimising their current storage systems, enabling smarter technology refreshes, and providing a more simple yet faster pace of new technology implementation,” says Christian Assaf, Senior Sales Manager, Seagate. K S Ganesan, VP and CTO, IT Infrastructure Services, Cognizant, offers another perspective: “This is the age of data, when data is growing exponentially in petabyte and exabyte, and being created in different forms such as databases, flat files, and images," he says. "Organisations must look at solutions to manage the overall data lifecycle
- to create, use, maintain, transport and archive data. SDS is intelligent software that manages and automates storage infrastructure by abstracting storage hardware and pooling storage capacity on premise and in cloud environments. It allows effortless storage scalability beyond individual hardware components to meet organisations' data growth.” Another key question is whether SDS can provide all the features you typically get with traditional storage arrays. “Software-defined storage provides all the features of traditional storage arrays and more," says Subramani. "From the compute layer to disk storage mechanisms and from local open object interfaces to cloud-based interfaces, users get a wide range of options for data storage with added flexibility and manageability features." Ganesan adds that the scalability and manageability of traditional storage arrays are closely tied to the physical characteristics of the hardware components. “Currently, storage software features such as storage-tier, snapshots, provisioning and de-duplication, are tightly integrated to particular storage hardware. SDS allows these features across heterogeneous hardware platforms through policies. This software-based approach brings the power of storage virtualisation to automate and centrally manage heterogeneous storage arrays and enables self-service for storage provisioning.” It is important to note that software-defined storage is sometimes confused with storage virtualisation which relates to separating the
storage capacity from specific storage hardware systems which allows pooling of storage resources. But SDS involves separating the storage management capabilities and services from the storage hardware, which simplifies the management of heterogeneous storage environments and allows for much greater automation. “Software-defined storage is not storage virtualisation,” says Awienat. “Storage virtualisation allows the capacity of multiple storage devices or arrays to be pooled so that it appears as if it is sitting on a single device. Software-defined storage is not about separating capacity from a storage device, but instead is about separating the storage features, or services, from the storage device.” Abhilash agrees: “SDS is often propagated by some traditional storage virtualisation vendors as just a new name for storage virtualisation. In storage virtualisation, the ability to abstract physical storage from the control plane is a necessity but does not have sufficient capability for SDS. In addition to abstracting physical resources, an SDS system needs to offer extensive policy-based automation for resource provisioning and management as well as the ability to control storage through a program.” What are the deployment options available for users? Can SDS run on any commodity hardware? IDC's Subramani says SDS can run on any commodity hardware as long as it is “software-defined friendly,” - that is, having a provision for
virtualising and managing their platforms via a software layer. Abhilash adds that the intelligence in SDS is in the software layer. SDS systems use commodity, off-the-shelf hardware for both physical storage as well as the interconnecting fabric, which is the storage network. “Hardware in SDS needs to enable flexible and elastic configuration of storage resources through software,” she says. “The best way to achieve this fluidity is by using a building-block approach to storage that allows architects to dynamically add and remove resources, in contrast to legacy storage with rigid controller designs.” For example, in an SDS system, administrators and end users do not need to specify technical storage configurations such as the RAID level, drive types, RAID set size for a volume, or cache size for a pool. Rather, they will ask for a volume with a certain performance and availability profile, which the system then automatically translates into the required storage specifications and creates an appropriate volume. Industry experts say SDS is a viable technology for small and large businesses, and the notion of SDS promises to deliver on the concept of breaking the proprietary links to hardware and separating the software layer from previously dedicated hardware systems. “Many ROI studies have proved the value enterprises can achieve by deploying SDS. Small businesses can also benefit from features of SDS for little investment that starts from $10,000,” sums up Awienat.
FEATURE
Cyber warfare
From bullets to bits
In addition to dealing with cybercriminals and hacktivists, enterprise security managers must pay increasing attention to avoid becoming collateral to nation-state cyber-warfare. Do recent high profile attacks on the region indicate that Middle Eastern businesses are at greater risk of attack, and what damage can cyber warfare inflict?
Covert, cancerous, catastrophic. Cyber-warfare may not be as violent and destructive as war, but the havoc it can potentially wreak is vast. As technology advances, the capacity for governments to inflict damage and administrative chaos increases, which in turn could have longer-term, farther reaching implications than initial loss of life. Cyber warfare holds several advantages over physical military action. It is less costly, and the nature of a cyber-assault allows attackers to keep their targets at arm’s length by remaining in a location of their choice; away from danger and enemy lines. This greatly decreases the risk of loss of life, and, crucially for governments, cyber-attacks can be very difficult to trace. What’s more, gaining faster, more direct access to an opposition’s infrastructure is a stealthier, less aggressive means of attack. Big or small, more and more nations are turning their attention to the battlefield of the future. “Turning to the cyber realm is a viable option for smaller countries that cannot exercise a formidable military strength,” says Lucas Zaichkowsky, Enterprise Defense Architect, AccessData. “Even a small team of cyber experts can cause a significant amount of damage as previous attacks have proven. So in a way, this is seen as levelling the playing field.” The lack of transparency in terms of attributing blame is also enticing for many. “Cyber warfare has been existent for quite some time now, however identifying direct culprits is rarely straightforward,” Megha Kumar, Research Manager, Software, IDC MEA, says. “Many attacks between countries are run by hacktivists – who are very prominent within the
Middle East – who generally claim to be far more patriotic compared to their governments.” The region’s status as an emerging market, the abundance of natural resources and the number of wealthy individuals residing in it mean it is one that is ripe for cyber warfare. The lack of universal standards in fields including banking, oil and gas and communications, along with evolving infrastructures and political instability underline and exacerbate this prospect. Two of the most high profile Middle Eastern cyber-attacks in recent years confirm this. In 2013 the Syrian Electronic Army hacked the Twitter account of news agency Associated Press, tweeting, “Breaking: Two Explosions in the White House and Barack Obama is injured.” This led to a 150 point drop in the Dow index, which temporarily erased $136 billion in stock market value. Although the money was recovered, this showed what cybercriminals – even those based in the Middle East – had the power to accomplish when striking a high profile target. Distributed in June 2010, the Stuxnet worm reportedly wiped out one fifth of Iran’s nuclear centrifuges. Allegedly sent by the US, once introduced to a uranium enrichment plant in Natanz, Stuxnet progressed to the programmable logic controllers managing the plant’s turbines, and destroyed the centrifuges by disrupting their rotation frequencies. The malware then spread beyond Natanz, something the US did not intend. Furthermore, in 2012 the
Shamoon virus which was unleashed on Saudi Arabia’s oil firm Aramco erased data on 30,000 of the company’s PCs. It took Aramco – one of the most valuable companies in the world – a month to reverse the damage. In the same vein, perhaps the greatest threat that cyber-warfare poses is destabilising the breadth of high-powered assets that nation states possess. Where money is involved, there is the possibility of tension. Energy supply and financial systems stand out as key targets in this respect, while transportation and critical infrastructure facilities are also vitally important. The processes used to assault these assets are premeditated and precise, with attackers looking to craft the opportunity to begin the onslaught. “Usually, in an advanced persistent threat scenario, the first thing the attackers do is to replicate the defense systems of the target in their own lab,” Guillaume Lovet, Senior Manager, FortiGuard Labs, Fortinet EMEA, says. “Once this is done, all they have to do is engineer, by trial and error, a malware piece that will not be detected by such defense systems - this is always possible to achieve, because of Cohen’s Theorem. Companies traditionally respond to that by setting up defense systems that are very costly and complex to replicate, thus making the job of attackers very difficult.” Lovet also recognises the capacity for this process to mirror that of traditional military action, “This is essentially an arms’ race, to make defense systems hard and too costly to replicate, either because of their complexity, or because of their hidden nature.”
In the face of this widespread threat, organisations need to be vigilant to ensure they are as well prepared as possible to avoid being caught in the crossfire of attacks. “As in all wars the biggest problem is that of collateral damage,” says Firosh Ummer, Managing Director, EMEA, Paladion. “Today, the world is heavily interconnected and Cyberwarfare attacks may be targeted at military infrastructure, critical infrastructure, businesses or even the bystanding citizen. In a worst case scenario, the critical infrastructure can be brought down which can result in the breakdown of lawfulness in society leading to looting, rioting and violence.” Attacks will always result, and if hackers are smart and ruthless enough organisations will remain powerless to defend themselves. Nevertheless, rigorous analysis beforehand can at least mitigate the resultant damage from cyber warfare. “Businesses need to start by playing a game of ‘what if’,” David Emm, Senior Regional Researcher, Global Research & Analysis Team, Kaspersky UK, says. “That is, they should conduct a thorough risk assessment that looks at (a) how they operate, (b) the risks the business faces as a result of this, (c) how security might be compromised, (d) the cost to the business of a breach and (e) how effective the mitigation strategy is.” Nader Henein, Regional Director, Product Security, Advisory Division, BlackBerry, is clear about
the standards that are needed for businesses and nation states to stay on top of their game. “The most dangerous mentality we see today is this ‘good enough’ approach to security,” he says. “‘Good enough’ will protect you from a simple automated attack, or if an employee loses their laptop, but it will not amount to much else. Good is not good enough.” To what extent will future warfare be conducted via computers? Emm believes history is repeating itself, only this time in cyberspace. “There’s no question that we are entering an era of ‘cold cyberwar’, where nations have the ability to fight each other unconstrained by the limitations of real-world war,” he says. “Looking forward we can expect more countries to develop cyber weapons – designed to steal information or sabotage systems.” Paranoia has its drawbacks, says Alaa Abdulnabi, Regional Pre-Sales Manager, Turkey, Emerging Africa and Middle East, RSA, who believes security must be balanced with retaining the integrity of personal and intellectual activity. “There should be no tolerance for cyber war in the same way we have abhorrence to nuclear and chemical war,” he says. “Businesses and individuals need to cooperate in the investigation, apprehension and prosecution of cyber criminals. We also to ensure that economic activities over the Internet can proceed unfettered and intellectual properties are protected. Today personal information is the true currency of the digital era hence it is very important that our fundamental freedoms are protected.”
Going virtual
Network functions virtualisation (NFV) technology promises to help carriers reduce costs and quickly roll out new services.
Traditionally, network functions were run on proprietary equipment. Offering new services meant testing and deploying new specialised appliances - an expensive and slow process. Major carriers are interested in NFV because it gives them a standards-based approach to virtualising telecom applications, allowing them to run on industry standard servers, according to Gartner. The idea of NFV is to adopt cloud principles to make telco networks much more cost effective and agile. Instead of being delivered as special purpose hardware “boxes”, network functions will be virtualised in the form of software. These virtual network functions can be deployed on any generic server-based cloud infrastructure.
NFV runs on high-performance x86 platforms, and it enables users to turn up functions on selected tunnels in the network. The goal is to allow people to create a service profile for a VM, or flow, and leverage x86 muscle to build an abstraction on top of the network - the tunnel - and then build virtual services on that specific logical environment. Once in place, NFV saves a lot of time on manual provisioning and training. NFV also reduces the need to overprovision: rather than buying big firewall or IDS/IPS boxes that can handle a whole network, the customer can buy functions for the specific tunnels that need them. This reduces initial Capex, but the operational gains are the real advantage. NFV can be thought of as a parallel to VMware, with a few boxes running a lot of virtual servers, and a point and click provisioning system.
Game changer
NFV has the potential to advance significant changes in the way telecom networks are built and operated. “There are many benefits to virtualising network functions, one of the top being a reduction in the numbers of devices and a corresponding reduction in equipment costs as well as reduced power and space costs as one server can host several virtualised network appliances,” says Adrian Pickering, VP-MEA, Juniper Networks. “Virtualisation also speeds time to market by minimising the number of devices that the operator needs to certify and train their staff on. Services can be rapidly scaled up as required as it is only necessary to install additional virtual appliances on existing server equipment.”
Mitch Auster, Senior Advisor, Market Development, Ciena, sums up the overarching promise of NFV in one word: agility. “By shifting the services software that previously executed on dedicated, purpose-built hardware to a consolidated, generic compute platform on common-off-the-shelf servers, operators have the flexibility to adapt to changes and customer demands much faster than in the past. It gives operators the ability to introduce and modify new services, and in-turn respond to customer demands much faster,” he says. As a result they can greatly accelerate and simplify
the introduction of new services and experiment with more new product offerings since the hurdle of potentially wasted hardware is overcome. Operators can quickly roll out new services and feature upgrades without truck-rolls. In addition, NFV enables operators to switch vendor products without having to replace equipment. Importantly, NFV enables operators to create more tailored, value-added services depending on unique customer requirements. In addition, as NFV has the potential to drastically reduce the weighty burden of an initial CAPEX investment when rolling out new services, operators can take more risks when deploying new product offerings, ultimately creating more value, encouraging and increasing customer loyalty while driving new revenue streams and sales opportunities.
NFV is considered a next-generation network architecture, reducing telecommunications network complexity by replacing incompatible network appliances with standardised software. “Network operators are tiring of needing to have dedicated hardware for each function in their networks,” says Diego Arrabal, VP-Southern Europe and ME, F5 Networks. “They want to virtualise the hardware. In a more traditional network infrastructure, operators would have a ‘Box A’ from Vendor Y doing routing, ‘Box B’ from Vendor X managing the NAT, and so on; every function requiring its own dedicated hardware. Ultimately, the ideal end-game is for operators to rely on virtualised instances of specialised equipment on general computing hardware in a data centre.”
Another factor that makes NFV an attractive proposition is that it can be incrementally deployed with very modest impact on existing network elements. “By leveraging virtualisation to replace dedicated hardware, NFV can be incrementally deployed frequently with modest impact on existing network elements. NFV Management and Orchestration (MANO) systems must be integrated with existing network and element management systems, but hardware changes are not required,” says Auster. Pickering adds that as the NFV paradigm affects the complete telecommunication and remote communication service ecosystem, it is foreseen that in the next years all the different infrastructures will be updated either directly to the new architecture providing the complete benefits or on a migration path with limited advantages.
Transformation to virtual network architectures will require OSS systems that can manage both physical and virtual resources simultaneously. One of the biggest challenges vendors and operators have had historically is integration issues with OSS/BSS as they are typically deeply ingrained and difficult to change. “As NFV delivers on the promise of a more cloud-like dynamic network and services, OSS/BSS systems will have to adapt to new notions of dynamic, cloud-like services, which necessitate major changes to billing, service assurance, product catalogues and order management,” says Auster.
Types of Network Functions Virtualisation
Almost any network function can be virtualised. The NFV focus in the market today includes:
Virtual switching – physical ports are connected to virtual ports on virtual servers with virtual routers using virtualised IPsec and SSL VPN gateways.
Virtualised network appliances – network functions that today require a dedicated box can be replaced with a virtual appliance. Examples include firewalls, web security, IPS/IDS, WAN acceleration and optimisation.
Virtualised network services – examples here are network management applications such as traffic analysis, network monitoring tools, load balancers and accelerators.
Virtualised applications – almost any application you can imagine. For example, there is a great deal of development today for cloud applications, such as virtualised storage and photo imaging services, to support the explosion in tablet and smartphone usage.
Source: 6WIND
The mobile operators are hoping to get many of the same advantages that server virtualisation has afforded enterprises, including lower costs and the ability to roll out new services faster using NFV, which is part of every vendor’s product strategy. “NFV is coming, and the train is already in motion. But while full virtualisation might be further down the tracks it won’t be very long until we see virtualisation of value-added services and optimisation services being deployed commercially. Those service providers that get ahead early stand a good chance of leading the pack for some time to come,” says Arrabal.
Five trends that will shape the future of ERP
Ian Fleming, Managing Director, IFS Middle East, Africa and South Asia
Businesses today are required to deal with technological advancements occurring at a pace never experienced before. What’s more, trends like the consumerisation of IT have lessened the CIO’s ability to regulate which technologies are used alongside the corporate network. As trends like Bring Your Own Device (BYOD) continue to make an impact, it’s important that the IT department embraces new technologies for a number of reasons. Aside from missing out on any potential benefits, being too proscriptive regarding the technology employees can use risks the emergence of shadow IT, when IT solutions are built or adopted without explicit organisational approval. Enterprise Resource Planning (ERP) in particular has a lot to gain from adopting an open approach to new innovations. Here are the five technology trends that I believe have the potential to shape the future of ERP, if implemented correctly:
The Internet of Things
The Internet of Things (IoT) is a concept that provides objects, such as cars and electrical appliances, with the capacity to transfer data over a network without requiring human interaction. In the case of ERP, devices are available that can be attached to tools and even vehicles, feeding data back to applications hosted in the cloud. Information such as location, usage and performance can then be easily accessed, allowing organisations to identify issues like where unused assets are, or if maintenance is required.
Wearable technology
This was one of the focal points at this year’s Consumer Electronics Show (CES 2014) and Gartner has predicted that the wearable technology market will be worth $10 billion by 2016. While much of the attention generated by wearables has focused on consumer propositions like fitness trackers, there are also a host of applications in the workplace. Augmented Reality enabled glasses like Google Glass will enable hands free operations which can be of great benefit for many blue collar workers. Even smart watches represent a step forward compared to PDAs and smartphones since they are more easily accessible and are less likely to be misplaced or dropped. Devices designed to monitor external factors like UV exposure or heat can help improve management of employee health.
Big data analytics
Organisations have become more dependent on IT and, as a result, they have accumulated a wealth of data that has been traditionally underutilised. As the IoT connects tools and employees to the internet, this data generation is set to grow exponentially. By employing analytical tools, organisations can begin to use this data to make accurate predictions that form the basis of a more intelligent approach to business strategy.
The age of context
With businesses increasingly operating in a multichannel world, using technology that understands the situation you’re in, what information you would like to see, and how you would like to see it, will begin to have a real impact on performance. PCs and mobile apps will increasingly integrate context aware functionality to anticipate user needs and improve the efficiency of day to day tasks. For example, a field service engineer will automatically receive all the asset data, job instructions and customer relationship history as soon as they arrive at the repair site.
Opening business to innovation
Over the next few years, technology like wearables, the IoT and big data analytics stand to reinvent business processes across many different industry sectors. Organisations need to keep an eye on technological advances, even those that may seem to be irrelevant. Recent developments have shown that solutions which first appeared to be designed for consumers are increasingly finding profitable applications within businesses.
By taking an innovative approach to the adoption of technology, businesses stand to save time and increase productivity; results that will be reflected in the bottom line of enterprises that choose to embrace new technologies.
Rethinking endpoint protection
Endpoint protection platforms need to become more proactive, writes Peter Firstbrook, Research VP, Gartner
Over the last few years, there’s been a significant increase in targeted attacks affecting connected devices. In a study of endpoint protection platforms, or EPP, Gartner found 35 percent of customers have been compromised by malicious code. It’s clear that industry, with its adherence to reactive protection techniques, is failing to keep malicious code off end-user devices.
The sad reality is that any targeted attacker will code and test his or her payload to evade the target’s anti-malware system. If EPP solutions are to be successful, they need to become more proactive. They need to focus on the entire security life cycle of policy, prevention, detection, and remediation. Organisations need policy to proactively configure the endpoint to reduce the potential attack surface; prevention that provides real-time protection techniques to identify and filter malware; detection that indicates the presence of anomalies and threats; and remediation to repair any existing damage.
Gartner’s research shows that, while proactive policies will defeat 85 to 90 percent of malware, EPP buyers actually put the highest value on prevention, hoping to avoid the additional work of proactively setting policy or tracking down anomalies that may turn out to be false positives.
Long dwell times - the number of days that malware is on an endpoint before it is detected and quarantined or deleted - are a hallmark of successful advanced attacks. Gartner clients are searching for tools to reduce dwell times, as well as EPP products that can handle the full spectrum of servers and clients.
Today, large enterprise buyers are selecting best-of-breed mobile device management (MDM) tools to protect and manage endpoints for iOS and Android devices. However, Gartner expects the EPP market to absorb this function within the next two years. There are also specialised features required for virtualised servers such as Exchange, SharePoint, Linux and Unix.
The large enterprise EPP market continues to be heavily dominated by Symantec, McAfee, and Trend Micro – with these three companies accounting for around 65 percent of total EPP revenue. Sophos and Kaspersky Lab are also competitive across multiple functions and geographies. These global leaders account for 82 percent of the EPP market share. While impressive, this figure is actually down 3 percent on the 2013 analysis. In the less demanding small and midsize market, niche players and visionary companies, with their dedicated focus on specific features and geographic regions, are having a bigger effect, slowly eroding the market share of the global leaders.
In the longer term, Gartner believes the biggest threat to market share will come from the increased displacement of Windows endpoints by application-controlled operating systems. By 2017, more than 50 percent of end-user devices will be restricted to running only apps that have been preinspected for security and privacy risks. These solutions shift the value proposition from traditional anti-malware to MDM, and data and privacy protection capabilities.
3 security practices that IoT will disrupt
By Jonathan Lampe, Security Researcher, InfoSec
Right now, there are hundreds of companies churning out “Internet of Things” (IoT) devices as fast as they can. The people slapping these devices together are often doing things on a shoestring budget, with an incomplete understanding of the full potential of their components, and rarely any eye toward security. The result so far has been millions of devices reaching the market with Clinton-era network, web and physical security. Today we’re seeing IoT devices - even those in the medical industry - ship with default passwords such as “1234”, vulnerable services such as ‘telnet’ enabled, web applications that allow users to easily bypass authentication and other vulnerabilities that we thought we addressed more than a decade ago.
Is help on the way?
Some companies and communities are starting to realise that many IoT devices pose a threat to their security and privacy, but most still do not. For consumers and businesses, organisations such as the Internet of Things Security Laboratory promise to list and rate devices by their “hackability,” allowing people to make informed decisions before buying insecure devices.
But how does this affect established security practices?
As an IT professional concerned about security, you are probably already familiar with several security best practices, each backed up with millions of man-years of actual use in high value environments. Best practices include putting your internal resources behind a good firewall, putting your Internet-communicating applications in the DMZ, proxying your outbound web traffic and relaying your email, as well as centralising credential management and using shared authentication services (‘single sign on’ or ‘unified login’).
One of the popular attributes of IoT technology is that it’s disruptive. Normally, when you hear that term, it means that it threatens the market share of an established player, or that it may replace a different kind of application used for a similar purpose. But when ‘disruptive’ is applied to IoT, it also means that IoT threatens a number of well-established security practices. With that in mind, there are a number of best practices under threat by IoT.
IoT vs. Internal resources behind a firewall
The most common network topology we see in homes and businesses today looks like this: Internet - firewall - internal network. In this case all of the devices on the Internet are untrusted and prevented from connecting to the internal network, and all of the devices on the internal network are allowed to talk together using internal protocols like SMB. This works, but only as long as all the devices on the internal network can be trusted to talk to each other, or at least are protected with other robust security practices such as regular patching and using antivirus.
The BYOD movement that began around 2010 lobbed the first grenade into this orderly world, and led many businesses - and a few consumers - to build a separate ‘guest’ or ‘mobile’ network for devices their employees, partners and contractors brought into the home or office. Today, IoT devices threaten to completely upend this model. Many people install IoT devices such as security cameras for business purposes and expect them to be readily available on their Internet network. Others install new devices - such as smart TVs, kitchen appliances and light bulbs - without expecting them to have any computing abilities or the need to talk to anything else. The wide range of intentions and business purposes can quickly lead to a chaotic internal network environment where cheap, easily hackable devices may share signals with core storage and database servers.
A solution to this problem exists in the form of network segmentation - by business purpose and class of device - but deploying separate cables and wireless access points consistently across a business campus can strike many companies as cost-prohibitive. Cost-driven compromises and the common errors that people make when installing the wrong device in the wrong network mean that untrusted IoT devices will continue to have access to critical data across internal networks. However, the massive exposure weak segmentation creates gives me hope that the outdated practice of “just putting Internet network resources behind the firewall” may soon be a thing of the past.
IoT vs. DMZs, web proxies and email relays
It is an accepted best practice in larger organisations to use DMZ network segments to isolate outbound traffic emitters, including web proxies for all internally-initiated web traffic and email relays for all internally-composed email messages. IoT devices disrupt this model in several ways. IoT devices are almost never installed in DMZ segments, so typical DMZ firewall rules provide no protection. Some IoT devices do not support a web proxy configuration, so people are forced to abandon their devices or make web proxy exceptions for them. Some IoT devices can use cellular network services to dial out for updates and new information, rendering DMZ and all other firewall rules useless. Rather than send email alerts and messages locally, some IoT devices ‘phone home’ (connect to a web service) and use their home service to send email back to the installer’s email account across the Internet.
To defend against behaviour that challenges established DMZ, proxy and relay practices, device capabilities must be researched before they are purchased. Specifically, determine a few key aspects of the IoT device in question. Firstly, determine whether or not the device needs to connect to the Internet using web services and whether it supports a configured web proxy. Devices that do not support a configured web proxy should be avoided. Then determine if the device connects to a cellular network for Internet services or SMS access and if it sends email alerts or other messages. If it does, I suggest allowing the device to connect to the Internet network with care.
IoT vs. centralised credential management and shared authentication services
A movement toward centralised credential management built on shared authentication services - such as Active Directory - has long been a central tenet of system architecture. Network security has benefited from this as well, since access to multiple systems can be quickly revoked from a central console, and users have fewer incentives to reveal ‘post-it’ passwords when they can use the same credential on multiple systems. The early days of cloud services provided a direct challenge to central management, but this challenge has largely been beaten back by cloud services that support external authentication such as Active Directory agents or SAML. The BYOD movement also challenged this tenet, but is being defeated through integrations that require common credentials to access email, IM and file servers.
Now a similar challenge to centralised credential management is being mounted by the onslaught of IoT devices - most of which only allow local user management - and associated IoT management systems, which frequently also only allow local user management. Business-facing cloud services were brought to heel eventually because their “freemium” business strategies required business customers to buy the premium services, and businesses demanded integration with their local authentication systems. However, it remains to be seen if IoT devices will face the same pressure, especially in arenas such as kitchen appliances, light bulbs and security cameras where so many of the potential buyers are home consumers, who don’t value centralised authentication. In the meantime, it is worth seeking out devices and management consoles that support Active Directory, SAML, RADIUS and other well-established external authentication methods that allow you to control access to IoT functionality with your existing systems.
As we saw, IoT devices will disrupt three well-established security practices, but only one is likely to fall permanently into the dustbin of history.
Shaken but safe: Using DMZs, web proxies and email relays.
Shaken but should eventually be safe: Using centralised credential management.
Shaken and falling: Using one big internal network behind a firewall.
Nonetheless, it pays to do your research on the security attributes and integration points of any IoT device before purchasing it. Without certain key features like web proxy support and external authentication, the workarounds required to support IoT devices may end up disrupting the security of your network.
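The segmentation and proxy practices discussed in this article can be checked against the traffic IoT devices actually produce. The following is an added example, not part of the original article: a Python audit of flow records in which the address plan, the proxy and relay addresses, the finding names and the flow records are all constructed assumptions.

```python
import ipaddress
from collections import defaultdict
from dataclasses import dataclass

# Constructed addressing plan (assumption): one segment per class of device.
SEGMENTS = {
    "iot": ipaddress.ip_network("10.20.0.0/24"),     # cameras, TVs, sensors
    "core": ipaddress.ip_network("10.10.0.0/24"),    # storage and database servers
    "dmz": ipaddress.ip_network("192.168.50.0/24"),  # web proxy and email relay
}
INTERNAL = [ipaddress.ip_network("10.0.0.0/8"),
            ipaddress.ip_network("192.168.0.0/16")]
WEB_PROXY = ("192.168.50.10", 3128)   # constructed proxy address and port
MAIL_RELAY = ("192.168.50.25", 25)    # constructed relay address and port
WEB_PORTS = {80, 443}
MAIL_PORTS = {25, 465, 587}


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    dport: int


def segment_of(addr):
    """Map an address to a named segment, 'internal-other' or 'internet'."""
    ip = ipaddress.ip_address(addr)
    for name, net in SEGMENTS.items():
        if ip in net:
            return name
    if any(ip in net for net in INTERNAL):
        return "internal-other"
    return "internet"


def classify(flow):
    """Return a finding name for a policy violation, or None if allowed."""
    src, dst = segment_of(flow.src), segment_of(flow.dst)
    if src == "internet" and dst == "iot":
        return "inbound-from-internet"
    if src != "iot" or dst == "iot":
        return None  # only traffic leaving the IoT segment is audited here
    if (flow.dst, flow.dport) in (WEB_PROXY, MAIL_RELAY):
        return None  # outbound traffic using the sanctioned DMZ services
    if dst == "core":
        return "iot-to-core"
    if dst == "internet":
        if flow.dport in WEB_PORTS:
            return "web-proxy-bypass"
        if flow.dport in MAIL_PORTS:
            return "mail-relay-bypass"
        return "direct-internet"
    return "iot-to-internal"


def audit(flows):
    """Group findings by the IoT device involved."""
    report = defaultdict(set)
    for flow in flows:
        finding = classify(flow)
        if finding:
            device = flow.dst if finding == "inbound-from-internet" else flow.src
            report[device].add(finding)
    return {device: sorted(found) for device, found in report.items()}


# Constructed flow records, as a firewall between the segments might export them.
SAMPLE_FLOWS = [
    Flow("10.20.0.11", "192.168.50.10", 3128),  # camera using the proxy: allowed
    Flow("10.20.0.12", "203.0.113.7", 443),     # smart TV phoning home directly
    Flow("10.20.0.12", "203.0.113.7", 587),     # same TV sending its own email
    Flow("10.20.0.13", "10.10.0.5", 445),       # sensor hub reaching a file server
    Flow("203.0.113.99", "10.20.0.11", 23),     # telnet arriving from the Internet
    Flow("10.10.0.5", "10.10.0.6", 5432),       # core-to-core: out of scope
]

if __name__ == "__main__":
    for device, findings in sorted(audit(SAMPLE_FLOWS).items()):
        print(device, ", ".join(findings))
```

Traffic a device sends over its own cellular connection never crosses the firewall, so it will not appear in flow records like these; that capability has to be established before purchase, as the article recommends.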
Trust but verify
Multi-factor authentication is fast becoming the security norm. However, not all authentication tools are the same. When choosing an authentication protocol, there are a few things to keep in mind to avoid common pitfalls and keep the data safe.
While it may be human nature to make comparisons, not all of them are helpful or accurate. When comparing a Porsche and a Volkswagen, for example, the most plain comparison that can be made is that they are both German car companies. They sell cars that have wheels, doors and engines, and will get you from Point A to Point B. Superficially, they have basic things in common, but look closer, and the Porsche is a different animal. In a similar vein, not all multi-factor authentication approaches are the same. The variances can mean the difference between true security and security that is susceptible to phishing, between timeliness and late arrival of authentication codes, and between user-friendly and hard-to-use applications.
The first thing to beware of when considering multi-factor authentication tools is pre-issued passcodes. Many authentication platforms operate similarly to token-based technologies with pre-issued one-time passcodes that are based on a seed file. If these codes are pre-issued then they are vulnerable to hacking. Hackers can access information through unauthorised usage or theft of seed files. This is not just a theoretical risk but has actually happened before, requiring the replacement of millions of hardware tokens. If the authentication code is pre-defined before the login, then it can be stolen and used for another login. In the end this means that the system’s security can be significantly compromised and the code can be exploited by phishing.
A second important factor is the significant benefit that challenge and session-based security brings to the table. Being challenge-based enables organisations to set up systems that make employee remote logins even more secure. With this approach, a code is generated only after the user session has been confirmed. By waiting to generate the code, instead of relying on a pre-set bank of existing codes, administrators can see which computer workstation the login request is coming from. A code is then created and linked to the computer so the code can only be used from the same machine from which the request was originally initiated. If for any reason the code is intercepted, it cannot be used on any other device. This helps to protect against sophisticated attacks such as man-in-the-middle attacks.
Next, it’s important to look past the shiny surface of authentication apps. Certainly mobile apps are cool and most users are familiar with using them on their smartphones.
But as an authentication mechanism, the ‘coolness’ of the mobile app will quickly fade once an organisation starts deploying it in the real world. Making sure an app is successfully deployed to everyone in an organisation can be a challenge, as is the chore of maintaining compliance so that everyone is using the most up-to-date version. If an organisation opts for an approach that requires user-deployed software, then it drastically increases user dependency since the success of the implementation relies on all users having the software deployed and up-to-date. In addition, the technology relies on all users having a smartphone, which is not always the case. The mobile app (unless it uses a basic soft token) also requires a data connection to work and this can be impractical and expensive to use for employees while traveling.
When implementing a multi-factor authentication security platform that leverages SMS as a delivery mechanism for the OTP (One-Time-Passcode), the reliability of the SMS arriving on time becomes mission-critical. Users are waiting to log into critical business applications remotely and cannot proceed until the code arrives. There is a huge difference between the SMS arriving within 10 seconds or two minutes. If the code isn’t effectively delivered on time, it might create a situation in which a high percentage of the codes arrive late. Some authentication providers claim that SMS delivery is not reliable enough and, as a result, they encourage the usage of pre-issued codes. However, this lowers the level of security significantly because the OTP cannot be generated in real-time and can be a dangerous trade-off to make.
Another consideration when implementing mobile-based multi-factor authentication technologies is the level of adaptive support. One best practice is to take full advantage of contextual information, such as login behaviour patterns, geo-location and type of login system being accessed. This provides some powerful benefits for an organisation in terms of added user convenience. For example, it allows for the level of security to dynamically adjust based on where the user is located when logging in, what time they are logging in and what network they are logging in from. If the user is logging in from a trusted location - such as the user’s home - where they have logged in from before, then they will not be prompted for an OTP in order to authenticate. On the other hand, if the user is attempting to log in while traveling (i.e. from an airport lounge or hotel with public Wi-Fi), then an OTP is mandatory to gain access.
If all you need is a rig to get you to the local shops and back, a Volkswagen is fine. But if you need a vehicle that delivers high performance at high speeds, a Porsche is a much better choice. Just as all cars are not created equal, neither are all multi-factor authentication tools. Security, reliability and ease of use are just some of the many vital components to consider when choosing a security platform. It’s essential that organisations move beyond “good enough” authentication to keep ahead of modern security threats and keep data safe.
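The difference between pre-issued codes and challenge-based, session-bound codes, together with the adaptive check on trusted locations described above, can be shown side by side. This is an added example, not code from the article or from any vendor; the class names, the `workstation_id` and `network` identifiers, the two-minute lifetime and the three-attempt limit are assumptions.

```python
import hashlib
import hmac
import secrets
import time

OTP_TTL_SECONDS = 120   # assumption: a code is valid for two minutes
MAX_ATTEMPTS = 3        # assumption: verification attempts allowed per code


class PreIssuedCodes:
    """The weaker model: codes exist before any login and are bound to nothing."""

    def __init__(self, codes):
        self._unused = set(codes)

    def verify(self, code):
        if code in self._unused:
            self._unused.discard(code)
            return True   # accepted from any machine, in any session
        return False


class SessionBoundOtp:
    """Codes are generated per login request and tied to session and workstation."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._pending = {}     # session_id -> [digest, expires_at, attempts_left]
        self._trusted = set()  # (user, network) pairs enrolled as trusted

    @staticmethod
    def _digest(session_id, workstation_id, code):
        # Hash the code with its context so it only verifies in that context.
        material = "\x1f".join((session_id, workstation_id, code)).encode()
        return hashlib.sha256(material).digest()

    def trust_location(self, user, network):
        self._trusted.add((user, network))

    def begin_login(self, user, workstation_id, network):
        """Call after the password check. Returns (session_id, code or None)."""
        session_id = secrets.token_urlsafe(16)
        if (user, network) in self._trusted:
            return session_id, None   # adaptive: trusted location, no OTP prompt
        code = f"{secrets.randbelow(10**6):06d}"
        self._pending[session_id] = [
            self._digest(session_id, workstation_id, code),
            self._clock() + OTP_TTL_SECONDS,
            MAX_ATTEMPTS,
        ]
        return session_id, code       # delivered out of band, e.g. by SMS

    def verify(self, session_id, workstation_id, code):
        entry = self._pending.get(session_id)
        if entry is None:
            return False
        digest, expires_at, attempts_left = entry
        if self._clock() > expires_at or attempts_left <= 0:
            del self._pending[session_id]
            return False
        entry[2] -= 1
        candidate = self._digest(session_id, workstation_id, code)
        if not hmac.compare_digest(digest, candidate):
            return False
        del self._pending[session_id]  # single use
        return True


def demo():
    """Constructed scenario: one code presented from two different machines."""
    service = SessionBoundOtp()
    session_id, code = service.begin_login("alice", "ws-17", "hotel-wifi")
    other_machine = service.verify(session_id, "ws-99", code)  # not the requester
    same_machine = service.verify(session_id, "ws-17", code)   # the requester
    bank = PreIssuedCodes({"482913"})                          # constructed code
    pre_issued = bank.verify("482913")                         # no binding at all
    return other_machine, same_machine, pre_issued


if __name__ == "__main__":
    print(demo())
```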
insight Big Data
A Discovery in the Big Data Era
Big Data can be extremely useful, or equally as tedious. With the world generating more and more data, businesses need the tools to tame this beast.
The relentless explosion of Big Data continues to ignite pervasive and persistent problems as organisations grapple with how best to retain, access, discover and ultimately delete content in compliance with evolving regulations. Growth is being impacted by evolving data retention requirements and industry regulations, which necessitate that some types of data be kept for anywhere from a few years to indefinitely. Big Data plagues many stakeholders, from IT to Legal. While IT departments grapple with how to support complex Big Data environments, legal teams are tasked with making accommodations for Big Data in the already expensive eDiscovery process.
The world generated more than one zettabyte (ZB), or one million petabytes (PBs), of data in 2010. This year, the growth is predicted to reach 72 ZBs a year, fuelled in part by the rapid rise of machine-generated data. Structured data (e.g., data records from programmed trading and financial transaction systems, intelligent meters, call-detail records for smartphones and tablets, etc.), unstructured data (e.g., images, audio or video files) as well as semi-structured data (e.g., emails, logs, etc.) add yet another layer of management complexity, especially when determining the most efficient and reliable way to ingest, protect, organise, access, preserve and defensibly delete all this vital information.

In sifting through voluminous Big Data to find responsive information, organisations can spend millions of dollars to isolate relevant Electronically Stored Information (ESI) and even more to review it. Simply put, the Big Data problem brings new meaning to the phrase, “looking for a needle in a haystack.” Companies can begin to view data backups and archives more strategically while leveraging integrated solutions for lowering storage costs and compliance risks. Technology solutions need to meet the demands of the business with a flexible and adaptable strategy that best reflects the needs of the business as it evolves.

Crossing Big Data’s Backup and Archive Chasm

For many organisations, backup and archive functions are deployed and maintained as separate “silos” within an overall information management strategy. Multiple, disparate hardware and software products typically manage these data silos, which leads to duplicate copies of information that must be protected and preserved. Additionally, legal pressure to find and preserve data typically causes yet more silos or a worst-case scenario - indefinitely extended retention of information assets because of inadequate visibility into what an organisation is keeping.
Storage and backup administrators oversee data protection and are heavily focused on the impact Big Data has on backup windows, recovery SLAs and infrastructure costs. Information management buyers, meanwhile, are fixated on how Big Data affects data retention, discovery and information governance policies, and often operate without regard to the operational impact of these policies.
As a result, a chasm exists between these two critical constituents in ongoing Big Data conversations. According to Gartner, backup complements archive and vice versa - yet most tools and technologies address either one or the other of these disciplines. Gartner, among others, predicts that being able to look at backup and archive holistically promises significant cost reduction and risk management benefits. The convergence of backup and archive is an emerging concept that’s gaining traction as organisations seek solutions to reduce the number of copies created for backup and archiving while more closely aligning data access policies for both.

Taking a United Front on Data Convergence

One way to accomplish this is the unification of backup and archive, but it requires cross functional teaming, ensuring that the needs of the business are met for every stakeholder. This starts with developing a better understanding of how applications, users and critical business processes need to access data throughout its lifecycle. As part of this process, many of the hurdles thwarting streamlined access to individual and corporate data across the enterprise will be uncovered while at the same time, areas will be identified where limited visibility into vital information assets has created undue exposure to compliance and information governance risks.

The notion of a single data repository that eliminates redundancies and separate silos is compelling on many levels. A holistic approach that captures data once and then repurposes it for data protection and preservation is key to getting the right data into the hands of the right people so they can turn it into something more meaningful and actionable for the business.
Moreover, the ability to leverage a single-query data repository enables legal teams to obtain the most comprehensive results to an eDiscovery request in the least amount of time. Having a single collection ensures that all data sources are accounted for in a discovery effort, ensuring all case critical data has been collected, preserved and is ready for review. A central place to delete data also reduces both the cost and risk of inadvertently storing multiple copies. Understanding large data pools well enough to extract and collect relevant subsets for both reactive and proactive eDiscovery can prove to be a huge cost and risk reduction exercise.

A converged data protection and retention strategy allows for centralized reporting that enables business and IT leaders to make more informed decisions with their data while bolstering analytical skills. Organisations can extend their view into the business with embedded intelligence and analytical tools that provide granular insights into the ever-evolving role data can, and should, play in driving business direction. Most important, companies can maintain a balance between capturing too much data or not enough as both scenarios pose potentially serious business risks.

Armed with appropriate insight and tools, it’s possible to verify whether all data sources have been collected across the enterprise. With robust reporting and predictive tools, it’s much easier to forecast, analyze and budget properly for the ongoing onslaught of Big Data. Reporting can be used as a tool in the eDiscovery process to effectively defend methodologies of a data collection and preservation effort of an organisation responding to litigation, regulatory request or an internal investigation.

Forward-thinking companies, which embrace a unified approach for managing both backups and archives, will be able to take full advantage of a future-proof solution that elevates overall information management while providing appropriate access to business-critical information as it ages.
insight 802.11 AC
Transitioning to Gigabit Wi-Fi
Overlay or rip and replace? Site survey or wing it? Need to upgrade the links to the APs? What about monitoring and management? Here is what you need to consider when you migrate to 802.11ac.
The move to 802.11ac gigabit Wi-Fi is picking up steam, seeing a 540 percent increase since 2013, for obvious reasons: 802.11ac is faster, more agile and more robust than any of its predecessors. Providing Wi-Fi at the speed of wired networks, 802.11ac is revolutionizing how enterprises support the large quantity of devices connecting to their corporate networks. With multiple product introduction waves expected in the coming years, adoption will only accelerate. With all that 802.11ac has to offer, organisations need to make sure they are set up for success. Here are the top things to consider as you prepare for the transition:
Consider your options. The basic consideration is this: rip-and-replace, or simply add a new 802.11ac network to your existing WLAN (often called an “overlay” network). If your network is like most enterprise networks, the bulk of your traffic is probably still in the 2.4GHz band, using the traditional b/g channels. Even if you’ve added 802.11n along the way, it’s most probably still heavily focused in the 2.4GHz band. If this is the case, an overlay network is the way to go. Since 802.11ac only uses the 5GHz band, there will be little or no disruption to your current user base, and new clients with 802.11ac technology will immediately benefit from the new network. And, if you have clients that already support 802.11ac technologies (like the newer MacBooks) you will even see a benefit on your existing 2.4GHz network as these users will seamlessly migrate to the new 802.11ac network, freeing up bandwidth on the 2.4GHz channels.

ABI Research predicts that 70 percent of smartphones shipped by 2015 will have “ac” chipsets, and since smartphones are probably the biggest BYOD challenge, moving them off to a new 802.11ac network in a new frequency band will provide some instant relief. However, 70 percent isn’t everyone, and there are still all those 802.11b/g/n laptops to worry about. An overlay strategy will allow these devices to remain viable until you’re ready to replace them, and if you have certain users who must have the performance of 802.11ac, they can always do an inexpensive upgrade by simply buying an 802.11ac WLAN USB adapter.

Rip-and-replace is a complete replacement of all 802.11 APs (and probably all controllers if your WLAN is controller-based). Since most 802.11ac APs are dual radio, with one of the radios supporting the legacy 2.4GHz band (b/g/n technologies), you won’t lose support for existing clients, and you’ll end up with a simpler and easier to manage WLAN infrastructure.
But a rip-and-replace strategy is typically more expensive, as you’ll need new APs everywhere, not just in the areas where you need higher capacity today.
But if you haven’t yet made a big investment in 802.11n, and you know your WLAN needs a serious overhaul, a complete rip-and-replace may be the best strategy. The overlay vs. rip-and-replace decision is not an easy one, and it includes factors beyond just technology. It’s important to analyze the financial impact and determine which solution is best for you.

Survey your site. Site surveys are always controversial. Some swear by them. Others see the time and consulting fees as a waste. But regardless of whether you plan to just add some 802.11ac equipment, or do a wholesale replacement, now is the time for a site survey. With 802.11ac you’re entering some uncharted territory: the 5GHz band. A professional site survey will tell you exactly what the 5GHz band looks like in your environment, helping you identify and avoid existing interferers, and make smart configuration choices for your new equipment. With all of the new features in 802.11ac, including some optional advanced features like beam-forming, the only effective way to truly take advantage of 802.11ac is to use a site survey to come up with a sensible WLAN design. You will converge on a design much more quickly, with the time savings more than paying for the cost of the survey.

Wired upgrades? The migration to 802.11ac means speed. And that presents some new challenges in deployment and management. Gone are the days when a 100Mbps link to your access points was sufficient. With 802.11ac, maximum data rates easily exceed 1Gbps with current phase 1 technology (1.3Gbps to be exact), and will be creeping up towards 2Gbps with phase 2 equipment. Even though the aggregate data rate from these APs will never hit these maximums, aggregate data rates in the range of 500Mbps to 800Mbps will be possible on networks with primarily 802.11ac clients. This means you need at least a 1Gbps drop to each AP, and you may need to plan for more if you expect to continue to upgrade your 802.11ac equipment to take full advantage of what it will offer over time.

Don’t drop your packets. In the good old days network monitoring and analysis was pretty straightforward. Access points (APs) and the USB WLAN adapters typically used to capture packets for monitoring and analysis pretty much had the same capabilities regarding encoding, data transmission, and data rates. But with 802.11ac, APs often have much greater capabilities than clients, and this is especially true when comparing 802.11ac APs with 802.11ac USB WLAN adapters. As a result, attempting to monitor and troubleshoot an 802.11ac network with an 802.11ac WLAN USB adapter can be very problematic. The WLAN adapter will not capture, and will not even indicate in any way, that there is 802.11ac traffic that exceeds its data rate capabilities. This results in serious blind spots in network analysis and troubleshooting.

The exponential growth of mobile access and its introduction into the workplace has accelerated the need for network reliability and uptime. The new 802.11ac wireless standard offers increased throughput, better capabilities for multiple users, and overall improved features for the content- and data-heavy networks of today. 802.11ac improves the WLAN user experience by providing data rates more than 10 times the speed that was previously available.
ADVERTORIAL
Secunia Research Team Discovers Critical Vulnerabilities through Advanced Technologies

IT Security in the Middle East: Concerns and Opportunities

Earlier this year, IDC proclaimed IT security was too big of a concern to be disregarded by companies based in the Middle East. Recent attacks have urged both CIOs in the region to consider investing more in IT security awareness and governments to devise and implement national information security strategies. Examples include the National eSecurity Center in Saudi Arabia, NESA and aeCERT in the UAE and QCERT and ictQatar in Qatar.

The Middle East Cybersecurity market is estimated to grow from $5.17 billion in 2014 to $9.56 billion in 2019, which represents an estimated compound annual growth rate of 13.07%, according to a study by MarketsandMarkets. Also, we estimate that financial losses in the UAE and Saudi Arabia – the biggest IT markets in the region – reached about $3 million on average per company in 2013. Sectors including oil & gas, banking and financial services and telecoms are most attractive to cybercriminals.

The proliferation of mobile and business applications and the explosion of smartphone penetration have not only provided companies with insights into consumer behaviour but also allowed hackers to increase their attacks. Therefore, IT and cybersecurity companies are required to invest further in security intelligence, deploy more resources to adapt to the market needs and proactively uncover any vulnerabilities.

Secunia, the leading provider of IT security solutions, is extending its reach in the market to meet those demands. The company will also be present at Gitex Technology Week 2014 to highlight its commitment to this region and celebrate the accomplishments of its unmatched Research Team.

Secunia Research Team: the Most Reliable Source of Information

Since the inauguration of Secunia, it has been the company’s goal to be the most accurate and reliable source of Vulnerability Intelligence. The Secunia Research team comprises a number of Secunia security specialists who conduct their own vulnerability research in various products in addition to testing, verifying and validating public vulnerability reports, and meticulously coordinate vulnerability disclosure with researchers and vendors.

“With the upsurge in cyber-attacks, individuals and enterprises alike want to ensure that their sensitive data is safe and secure. This is why our customers greatly appreciate our accuracy in verifying all disclosed vulnerabilities and the reliability of the information we provide. Being the world’s most trustworthy Vulnerability Intelligence source requires skilled and dedicated staff with a passion for exposing vulnerabilities”, said Kasper Lindgaard, Director of Research and Security at Secunia.

The Secunia Research Team members spend a considerable amount of time researching various high-profile closed source and open source software using a variety of approaches, but focus mainly on thorough code audits and Binary Analysis. This allows them to verify and detect vulnerabilities that are not normally nor easily found via e.g. fuzzing techniques. Members of the Secunia Research Team have discovered critical vulnerabilities in many popular products from various vendors including: Microsoft, Symantec, IBM, Adobe, RealNetworks, Trend Micro, HP, Blue Coat, Samba, CA, Mozilla and Apple.

There are different platforms available to access information released by the Secunia Research Team, including: 1) Secunia advisories, which are available for non-commercial, private use; 2) Secunia Vulnerability Intelligence Manager (VIM), which is a powerful threat intelligence solution covering more than 50,000 systems and applications and accessible to users by license for commercial/corporate use; and 3) the Secunia Corporate Software Inspector (CSI), which receives information about the security patches made available for the vulnerabilities present in the corporation’s infrastructure.

Code of Conduct: the Secunia Disclosure Policy

Based on years of experience with vendors of various sizes having different approaches and attitudes towards fixing vulnerabilities, Secunia has witnessed that software vendors too often deliberately fail to respond to vulnerability reports, do not respect the valuable work done by the researcher, or simply take too long to develop fixes, thus leaving their customers exposed for a long period of time. Hence, the Secunia Research Team has decided upon a standard disclosure policy, which represents a reasonable “match” between a fair amount of engineering and quality assurance efforts and the need of providing a timely fix to vulnerabilities.

The team first works on sourcing the right security contacts and following up with the vendor to remedy the issue. However, should the vendor not respond to the repeated requests, the vulnerability information is published without further coordination attempts. By default, vulnerabilities are coordinated for no more than 6 months. About one month prior to the half year mark, the vendor is informed about a fixed disclosure date set by Secunia Research at the half year mark. At that time, a Secunia advisory is published regardless of patch availability. A vulnerability may in certain cases be coordinated for up to one full year if the vendor is communicating a clear intention to address the vulnerability and can commit to a date within that period and the vulnerability is considered to be complex to address.
Secunia’s participation at GITEX 2014

“Secunia will be present at Gitex this year to increase visibility and awareness about our Research Team and highlight our commitment to the Middle East. This is evident in our team’s investments in researching and publishing the quarterly KSA country reports releasing critical information on the state of security on private Saudi PCs. Being one of the biggest tradeshows worldwide, this event will also serve as a great platform to network with customers, partners and other vendors. Secunia has seen significant growth in the past year throughout its operations in the region and is determined to continue acquiring bigger shares in the Middle Eastern cybersecurity market,” commented John Spoor, Director Emerging Markets & APAC at Secunia.
Face to face Brian Kenyon
Malware maladies

Brian Kenyon, Chief Technology Strategist, McAfee, a part of Intel Security, follows a “define-freeze-fix” approach to eradicate malware. He is confident that his company is well positioned to deal with today’s ever-evolving threat landscape.

How do you see the threat landscape evolving? Are attacks getting more sophisticated and targeted?
Even the newest hacker can purchase the deadliest malware today. Viruses and the like are being churned out at an astronomical rate. Various tools and techniques are available that can equip anyone to pose a threat. The nature of current malware is quite refined. This includes ransomware and digitally signed malware, to name a few. Cryptolocker, a kind of ransomware, targets Microsoft Windows and restricts access to the computer system that it infects until a ransom amount is paid to the creator(s). Our systems are hacker-friendly. Normally, malware will scan the infrastructure for a weak point that can be breached. We promote such intruders to get into the system in order to study their behaviour and use the information against them – to block them from other places. When an attacker tries to break in, we trace the footprints well enough to thwart all future attempts. There are two broad classifications for all attacks. The first kind is the targeted attack when infiltration is done patiently as the attacker is after a specific kind of data. The other kind causes a nuisance by casting a wide net of malware and seeing what is infected.
What is the integrated security approach McAfee is preaching to protect governments and businesses?
We educate businesses and governments on various security risks and how a security strategy needs to be put in place to induce risk mitigation. This is done largely through our network of resellers and individuals who sit with these entities and understand what their priorities are, how they are struggling and where McAfee solutions can come in.

How effective are standalone appliances in protecting enterprise networks today?
Appliances and security tools today are already moving to a virtual infrastructure but it is progressing slowly – organisations aren’t just jumping onto the idea. Virtualisation of network infrastructure is happening at a steady rate. Earlier on cloud was the big move that everyone made. Software-defined networking and virtualisation aren’t quite there yet. Security needs to be taken seriously in the virtualisation process. When a server rack is added to a data centre physically, it’s hard not to notice. That isn’t the case virtually. People can launch newer servers and new applications without taking security into account. While that is happening, McAfee is working with VMware, Microsoft and Citrix to bring a security capability into these organisations to make the network appliances secure. For instance, if Microsoft turns on a virtual web server – the security in place (i.e. firewall or antivirus) turns on simultaneously.

What is the biggest source of malware today? Where is it coming from?
It is originating from all over the world but is focused more on cross-platform applications. For example, Adobe and a few Microsoft applications are relatively popular as these work on Mac, Windows and all mobile platforms. Applications of such a nature are more likely to be targeted. The security of each application depends on who wrote it – Android being open-source is more vulnerable because anyone can access it, as compared to Windows or iOS.
How do you protect against Advanced Persistent Threats (APTs)?
McAfee follows a three-pronged approach to deal with all APTs: Define – whereby, we enable customers through our technology to find threats in their environment; freeze – next we quarantine the threat so that it doesn’t spread any further; and fix – finally, we eradicate it. All APT(s) are there for a long time. If you are able to find that threat quickly and in an automated fashion, you can contain it in time and eradicate it so that it doesn’t spread any further. When a piece of malware comes through an endpoint, we identify it and use what we have learned to hunt the rest of the environment to see if that exists anywhere else – and if it does, we define and pull it out. Cryptolocker is a case in point – how it was identified on the system alongside all the encryption algorithms that helped us remove it and stop some of the remains from pushing through.

Can you tell us a bit about the sandboxing technology available in your latest appliance?
Also called Advanced Threat Defense, it is built to arm us with an alternate inspection engine. Using our network technologies such as IPS or web gateways, we can move suspicious files to it, contain them in a virtual container and detonate these so we can see how the malware behaves, how it activates, what it does and use that information to protect other solutions and get them to block the virus if it is detected anywhere else.

Is anti-virus obsolete as a technology? Is it just the idea that stands there and not the product itself?
Antivirus isn’t obsolete – it is still very much viable and it still stops a lot of malware everyday but it is not the answer to the future. It’s a technology that is still very relevant but we need to build advanced detection capabilities and get more insight on how users are browsing the web. We are still five years ahead of the antivirus technology becoming obsolete in its traditional form.
Has the rebranding of McAfee Security to Intel Security changed your operations in any way?
Intel Security is a partnership initiative with Intel whereby we are using Intel hardware to make our security capability better and leverage future capabilities of Intel processor chips and data centres. The McAfee roadmap is still very much independent – there are things we are doing with Intel that are being introduced in the market as a combined effort - but McAfee is handling the product development on its own.

What suggestions would you give to C-level IT decision makers about justifying IT spend to drive business? Is selling a particular solution more of a challenge today as compared to before?
Not really, as security is still top-of-the-mind for an enterprise. What is required today is different from what was required previously as we have to provide an integrated security fabric – we can’t go in and sell a product here and a product there. We have to provide them with an overarching solution that leads them to a path of defending their assets. That is different from the past when companies would just go and buy an IPS or a firewall. Today, companies approach the security solution provider for an overarching strategy to help them protect their assets.

What is McAfee’s IT security roadmap for the next two years?
McAfee is focused on four core areas: These include advanced malware – being able to quickly define, freeze and fix; Big Data analytics - being able to take anomalous data and identify when things are out of the norm; threat intelligence – how can we bring both local intelligence and global intelligence to fight the threat; and virtualisation – continuing to develop the networking functionality of that software that enables virtualisation.

Any parting words for the enterprise buyer?
Organisations need to keep in mind what they intend to defend before getting into what tools they should buy. What they need to analyse first is which information would make the attacker rich from targeting the company, what would ruin them or what regulatory and compliance issues do they have to abide by – from that information they can move onto devising a strategy on what systems and tools would they need to put in place.
Face to face Shaygan Kheradpir
Flying high

In his first visit to an emerging market after taking over the reins at Juniper Networks, CEO Shaygan Kheradpir sat down with us to talk about his vision for the company and strategy for the new era of IT.
You have met some of your biggest customers here. What are they telling you? Any common themes?
Growth. There is a big growth happening in this region centred around networks. It’s the same trend across the planet but it is more accelerated in the Middle East. I see big ambition everywhere. The world is pivoting towards everything-as-a-service, delivered through big networks, otherwise known as cloud.
What is the integrated operating plan that you have announced recently? Do you have any plans to re-evaluate your portfolio and streamline R&D? IoP’s focus is on the ‘big areas’ that matter to customers, who are building the technology for the new-age cloud network. We focus on highIQ networks that deliver a lot of intelligence to the applications. IOP is about focusing on the rapidly changing world and making sure
www.cnmeonline.com
that we catch those winds. We focus our R&D around those areas, and also the way we work. In a sense we are taking the company back to its roots, which is entrepreneurial, agile, and very much with our customers. Is this internal restructuring ‘One Juniper’ all about? I wouldn’t call it restructuring but refocusing the company on innovation that matters most
Face to face Shaygan Kheradpir
to our customers. We are refocusing on high-IQ networks and cloud building, and as I said earlier, taking the company back to its roots.
You have your roots in the service provider business. Will that be the primary focus of business?
Service providers are our heritage and we are very focused on them, partnering with them on the journey to the next wave of growth. We are also focusing on other vertical segments, where the network is mission critical.
Do you feel the line blurring between service providers and enterprise markets?
The line is blurring in the sense that there is a set of enterprises that have all the attributes of a service provider. For example, are Google and Amazon service providers or enterprises? We have dealt with a couple of airport operators with mission critical networks that are serving the airlines, immigration services, etc. On one hand, these are massive service providers from a mission critical perspective. On the other, you have an amazing retail experience being built into these airports. So there are two elements. One is an enterprise network that caters to consumers and the other that provides services to small and medium businesses. You can’t design your grandfather’s network for them. Before, in the enterprise everything was centred around data centre design. Now forward-looking enterprises consider cloud services that emanate from these data centres. Earlier, it used to be all about servers, storage and networking. Now, it’s the reverse with networking being number one. Networking has become the first mover in creating these ‘cloud ecosystems’ and there is a reason for that. What people want to do is deliver everything-as-a-service, be it through public or private cloud. You need to have big scale, reliability, Fort Knox security, massive automation and multi-tenancy. Those characteristics define enterprises today, and these are our customers today. Juniper is the only pure-play, high-performance IP networking company in the market today. There isn’t a second one. Customers come to us to help - and in some cases co-create with them - innovative networking solutions that can roll out services so they can stay competitive.
Are you going to review your product portfolio? There is speculation that you might stop selling some of the older brands?
We are very happy with our cloud builder, high-IQ network strategy. Things which fit that include routing, security, switching with a lot of intelligence on top, putting it all together. That is what we do and we are very focused on it. We are not selling storage, radio access networks and servers. This is good because at this moment in time the network is the first mover; it’s a world where everything is available as a service today. And we are presently at the core of it - Layer 3 all the way to Layer 7; we are sitting in a very good spot.
You have been able to grow your switching
business by 45 percent, and yet your overall market share is just 3 percent. How do you plan on competing with Cisco, who still has the lion’s share?
The market for switching is growing by 3 percent. So why has Juniper’s business grown over 3 percent? This is because enterprises are building for the future and they want all the characteristics I have mentioned before - the new tech because the old world doesn’t work anymore. Smart customers who are pushing the boundaries with innovation are cutting Juniper’s way and we are thrilled about it. We are very fortunate to have been announced by AT&T as their selection for what they call domain 2.0. We won a very large, global financial services company, all going on Juniper for their internal high-IQ network and cloud. Our growth in the first quarter came from Web 2.0. Here you have to ask yourself why Juniper was chosen? It is because these customers want pure-play, high-performance and most importantly an open solution that can be easily scaled-up and scaled-down.
What is your vision for Juniper in the next 12 months?
We want to make sure we are able to cater to the needs of the new world – the power of the network is so dynamic that the challenges are also multi-fold as businesses have greater responsibilities due to changing customer demands. Everything is possible today. When I was growing up, it was a luxury to be able to take your work home – now you have millions of people who are in control of their lives in every way. The rise of the creative planet has turned everything upside down for them. We understand new tech extremely well. We understand our customers really well – we co-create with them their future business.
Launches and releases
PRODUCTS
PRODUCT WATCH A breakdown of the top products and solutions launched and released in the last month.
PRODUCT OF THE MONTH
Product: Zenfone Series
Brand: ASUS
What it does: ASUS’s latest addition to its portfolio of low-cost gadgets is the Android-based Zenfone series. The Zenfone line-up has already been compared to the HTC One series, only with a smaller price tag. Other than a difference in the screen display that gets taller by an inch on every model upgrade in the three-device series, the Zenfone also accommodates two SIMs and a microSD card. Built on Intel Atom Dual-Core Z2520 with 1 GB RAM and 8 GB storage in addition to 5 GB of ASUS Webstorage, this device could be an answer for those who crave style and functionality on a small budget. Running on Android Jellybean 4.3, it is the first ASUS device equipped with ZenUI as well as two exclusive apps – What’s Next and Do It Later – that enable end users to prioritise tasks in order of importance.
What you should know: Despite a decent resolution at 1280 x 720 megapixels, the auto mode camera lighting is dimmer than an average IPS display. The unique shooting modes do make the phone fun to use, but a picture captured in the depth of field mode can appear artificial and the user needs to be quite steady when clicking. When outdoors, it is best to capture images in night mode or low light mode. If you intend to use it for a photo shoot, the maximum on-screen time you should expect is four hours. Overall, it is a well-equipped budget smartphone that can be purchased online starting from US$108.63.
Product: TREK Wireless Weatherproof Speakers
Brand: TDK Life
What it does: The TREK Wireless Weatherproof Speakers, recently launched by TDK Life on Record, aim to deliver quality sound that doesn’t flicker with background movement. The device is three-and-a-quarter inches square in size and weighs less than half a pound for a wireless audio device with a battery life that lasts up to six hours. Perfect for the sporty user, the product’s weatherised design shields it from any wear and tear resulting from bad weather. Built on NFC-enabled TrueWireless Stereo technology, it easily pairs with a phone and plays music from any device with a headphone jack.
What you should know: Particularly noteworthy is the ease with which the TREK Wireless Speaker can be carried around. It virtually goes unnoticed when attached to a backpack, belt loop or purse. It uses the Advanced Audio Distribution Profile (A2DP), which is a Bluetooth profile type, to play wirelessly transmitted stereo audio from a phone or a computer. The TREK Micro Wireless Speaker can be purchased from any electronic specialty store for US$ 81.40.
Product: HTC Desire 516 and 616
Brand: HTC
What it does: The much-awaited HTC Desire 516 and 616 were also introduced to the Middle East market last month. With relatively similar features, both the phones are equipped with Li-Po 2000 mAh batteries that keep the Octa-core 1.4 GHz Cortex-A7 processor of HTC 616 and Quad-core 1.2 GHz Qualcomm Snapdragon processor of HTC 516 charged for 3-4 hours easily with the gaming apps running. The HTC 516 includes a 5MP rear-facing and a 2MP front-facing camera, both of which record videos at 720p; the HTC 616 features an 8MP back camera which shoots full HD videos at 1080p and a 2MP front-facing camera which shoots videos at 720p.
What you should know: Both the HTC Desire phones support two SIM card slots; one of these is a regular SIM card slot that runs on 3G whilst the other is a microSIM card slot that runs on 2G only. Running on Android Jellybean 4.2.2 OS currently, both the phones can be upgraded to Android KitKat by the user. However, the user is likely to struggle with storage when installing app(s) or running a software upgrade. With 4GB storage and 10GB RAM, the default apps on both the phones already take up 2.2GB of storage space. The higher-priced HTC 616 is thinner at 9.2 mm size, and includes a premium HTC feature, BlinkFeed, which aggregates news stories and social network updates. The HTC Desire 516 can be purchased online for US$217.53, slightly more expensive than the HTC Desire 616 retailing for US$ 258.37.
Product: Xperia M2 Aqua
Brand: Sony
What it does: Dubbed the ‘world’s most waterproof phone’, Sony will bring the Xperia M2 Aqua to the regional market mid-September. The phone has the same features as Xperia M2 with the waterproof advantage; it still features the same 8MP camera with a 4.8 inch display and runs the same Qualcomm Snapdragon 400 processor with Quad-core 1.2 GHz CPUs. Compared to its predecessor, the Aqua version better fits the photography appetite of a diver wanting to snap pictures underwater. The smartphone’s camera also supports live streaming to Facebook.
What you should know: With the launch of the Xperia M2 Aqua, Sony is bringing waterproof expertise to a mid-range smartphone for the first time. The M2 Aqua is designed to connect to the Sony Smart Band SWR10, creating an automatic diary of all daily activities and entertainment. Available in black, white and copper, the phone will be available online for US$326.71 following the official launch.
Column The word on the street
James Dartnell
Chasing shadow
CNME’s man about town gives his spin on the latest IT news and trends.
IT departments can be unpopular at the best of times. They bear the brunt of bad will when technology fails the business, and are all too often left giving employees the hard-line, ill-explained “No” to seemingly simple requests. When it comes to shadow IT, and BYOD, this is particularly the case. Research suggests that 35 percent of employees feel obligated to bypass IT’s established security policies and procedures to get their work done, often via their own consumer products which put the organisation at risk. This should set alarm bells ringing among CIOs. If that volume of employees will freely admit to flouting established rules, how many instead choose to grin and bear them? RSA’s stat suggests staff are frequently antagonised by IT’s refusal to bend to their wants. If a compromise can be reached, making a conscious decision to frustrate staff undoubtedly makes bad business sense.
Aside from avoiding this conflict, finding a middle ground on shadow IT has the power to breed innovation. Like it or lump it, as in the case of BYOD, IT departments will be bypassed when employees feel restrictions are unjust and counter-productive. They are becoming more tech savvy; cloud services like Dropbox, iCloud and Google Disk are dropping in price, or are already free. Why not harness their urge to use these technologies to the company’s advantage?
I hear the hard-nosed CIO cry, “What nonsense. Imagine the security holes that will emerge when I let that happen. How will it make me look when the company’s reputation is damaged and we lose money? Utter rubbish.” Granted, there are obvious concerns in deviating too far from IT’s guidelines. Call it hare-brained optimism, but it could well be useful to sit down with employees and determine the services that they feel they need to be at their best.
Next, establishing clear guidelines on BYOD, applications and cloud services is a must. Cloud services have to be managed and monitored. Leveraging an objective and comprehensive registry allows the highest risk services to be identified and blocked via the organisation’s existing IT infrastructure, or by communicating directly with users. The organisation needs real-time insight into business case gaps, conflicts and security issues. Network monitoring is also essential in keeping a hawk-eye over shadow IT goings-on. Empowering workers with secure, IT-controlled, anywhere access to information which works within a solid MDM framework has the power to achieve great reward.
Throughout all these processes, the onus remains on IT to communicate concisely what it wants from employees without dictating what will seem to them to be draconian terms. The end result is worthwhile: employees being able to access corporate data securely across locations and devices. Awkward perhaps, but rather than wasting time chasing shadow IT, CIOs can coax employees into a middle ground, which will, aside from benefitting the business, put them in the best possible light.