Managed Services Special by Bhupinder Sharma

VOL 02 | ISSUE 09 MARCH 2010 | RS. 50 A 9.9 MEDIA PUBLICATION

SELECT

S ERIE S

MANAGED SERVICES SPECIAL From demystifying CLOUD COMPUTING and unlocking MANAGED SECURITY to getting a fix on DATA CENTRES and profiting from

MANAGED VIDEO SERVICES – it’s all in here. Look inside, partners...

BUSINESS SERVICE MANAGEMENT

APPLICATION DELIVERY

MANAGED SECURITY

BSM helps IT improve process efficiency and provides the capability to address multiple challenges at the same time

Mature, well-proven application delivery controllers hold the key to unlocking the potential of cloud computing

Two-factor authentication foils identity thieves, and today’s solutions are inexpensive and easy to use

editorial

Managed Service?

or many in the industry who admitted they didnâ&#x20AC;&#x2122;t know much about outsourcing, one example was often cited in various forums. The analogy of the washerman providing an â&#x20AC;&#x2DC;outsourced or managed serviceâ&#x20AC;&#x2122;. (Even to those who had fancy washing machines but used them for everything other than washing.) But those were early days. From such simple examples being used to describe a growing phenomenon in IT to the multi-acronym XaaS (replace X with S for Software, P for Platform or I for Infrastructure as a Service), we have come a long way. So long, in fact, that everything now seems to emerge and evaporate into those big clouds in cyberspace! On a serious note, could things be going any other way? Customers â&#x20AC;&#x201C; whether individuals or businesses â&#x20AC;&#x201C; were getting cheesy of expensive software and hardware upgrades each time a new bell-andwhistle was announced. And then the downturn hit big time. And then the CIOs, CFOs and even CEOs wised up to the notions of pay-as-you-go, energy efficiency, TCO (Total Cost of Ownership) and sundry other concepts contrived to deliver more computing juice for the buck. No wonder almost the entire vendor community huffed and puffed in eXaaSperation. The result: the idea of managed service now envelops more and more stuff in its fold. The new

sanjay.gupta@9dot9.in

The tech industry must constantly find and tweak ways to deliver more services on a usage model

buzz word is â&#x20AC;&#x2DC;cloudâ&#x20AC;&#x2122; but, essentially, many experts believe cloud computing to be a subset of managed services. Whatever the relationship, thereâ&#x20AC;&#x2122;s little argument that the way forward for the entire tech industry is to constantly find and tweak ways to deliver more services â&#x20AC;&#x201C; and value â&#x20AC;&#x201C; to customers on a usage and contractual model rather than one based on outright purchase. Of course, this shift does not mean (can never mean, in fact) that there will be no hardware guys. But there will be fewer of them in absolute numbers and most of them are likely to be attuned to serving data centres and managed service providers instead of consumers and enterprises. This adjustment is not just for the small in size: even a Microsoft has to fight it out to stay relevant in a much-Googled world. So, at what stage of this movement are we? You tell me...

SANJAY GUPTA Editor Digit Channel Connect

sounding board sounding board VOL 02 | ISSUE 09 MARCH 2010 | RS. 50 A 9.9 MEDIA PUBLICATION

S E L ECT

t "DDPSEJOH UP QSFEJDUJPOT CBTFE PO B (BSUOFS XPSMEXJEF TVSWFZ PG PWFS SFTQPOEFOUT UIF PWFSBMM NFBO BWFSBHF GPS TQFOEJOH XJUI FYUFSOBM TFSWJDF QSPWJEFST JT FYQFDUFE UP JODSFBTF QFS DFOU JO :FU UIFSF JT B HSFBU EFHSFF PG WBSJBUJPO CZ DPVOUSZ GPS FYBNQMF *OEJB VTFST FYQFDU UP JODSFBTF TQFOEJOH CZ QFS DFOU BOE +BQBO VTFST FYQFDU B EFDSFBTF PG QFS DFOU

S E R I E S

MANAGED SERVICES SPECIAL From demystifying CLOUD COMPUTING and unlocking MANAGED

SECURITY to getting a fix on DATA CENTRES and profiting from MANAGED VIDEO

t 'PSSFTUFS 3FTFBSDI QSFEJDUT UIBU XPSMEXJEF TQFOEJOH PO *5 DPOTVMUJOH BOE TZTUFNT JOUFHSBUJPO TFSWJDFT XJMM HSPX QFS DFOU JO

SERVICES â&#x20AC;&#x201C; itâ&#x20AC;&#x2122;s all in here. Look inside, partners...

BUSINESS SERVICE MANAGEMENT

APPLICATION DELIVERY

MANAGED SECURITY

BSM helps IT improve process efficiency and provides the capability to address multiple challenges at the same time

Mature, well-proven application delivery controllers hold the key to unlocking the potential of cloud computing

Two-factor authentication foils identity thieves, and todayâ&#x20AC;&#x2122;s solutions are inexpensive and easy to use

Write to the Editor E-mail: editor@digitchannelconnect.com Snail Mail: The Editor, Digit Channel Connect, K-40, Connaught Circus, New Delhi 110 001

DIGIT CHANNEL CONNECT

MARCH 2010

t "T QFS B SFDFOU TPGUXBSF QSJDJOH TVSWFZ CZ *OUFSOBUJPOBM %BUB $PSQPSBUJPO *%$ DVTUPNFST XBOU TPGUXBSF QSJDJOH NPEFMT UIBU BMMPX UIFN UP QBZ POMZ GPS XIBU UIFZ VTF XIJMF NBJOUBJOJOH BO FWFO EJTUSJCVUJPO PG DPTUT PWFS UJNF 5P BDIJFWF UIJT WFOEPST BOE DVTUPNFST XJMM IBWF UP XPSL UPHFUIFS UP SFEFGJOF UIF TPGUXBSF WBMVF GSBNFXPSL

contents VOL 02 ISSUE 09 | MARCH 2010

Managing Director: Dr Pramath Raj Sinha Printer & Publisher: Kanak Ghosh

MANAGED SERVICES SPECIAL

EDITORIAL Editor: Sanjay Gupta Sr. Correspondents: Charu Khera (Delhi), Soma Tah (Mumbai) DESIGN Sr. Creative Director: Jayan K Narayanan Art Director: Binesh Sreedharan Associate Art Director: Anil VK Manager Design: Chander Shekhar Sr. Visualisers: PC Anoop, Santosh Kushwaha Sr. Designers: Prasanth TR & Anil T Photographer: Jiten Gandhi

From demystifying CLOUD COMPUTING and unlocking MANAGED SECURITY to getting a fix on DATA CENTRES

BRAND COMMUNICATION Product Manager: Ankur Agarwal SALES & MARKETING VP Sales & Marketing: Navin Chand Singh National Manager - Events and Special Projects: Mahantesh Godi (09880436623) Business Manager (Engagement Platforms) Arvind Ambo (09819904050) National Manager - Channels: Krishnadas Kurup (09322971866) Asst. Brand Manager: Arpita Ganguli Co-ordinator - MIS & Scheduling: Raj Sharma Bangalore & Chennai: Vinodh K (09740714817) Delhi: Pranav Saran (09312685289) Kolkata: Jayanta Bhattacharya (09331829284) Mumbai: Sachin Mhashilkar (09920348755)

and profiting from

MANAGED VIDEO SERVICES – it’s all in here. Look inside, partners...

MANAGED TELEPRESENCE

BSM

THE TIPPING POINT

REAPING THE BENEFITS

Has the technology for telepresence finally come of age?

Business Service Management helps IT improve process efficiency and provides the capability to address multiple challenges at the same time

A BREAK IN THE CLOUD

Mature, well-proven application delivery controllers hold the key to unlocking the potential of cloud computing

SECURITY 28 MANAGED THE IDENTITY FIX

EDITORIAL ......................................................... 02 TRENDS ............................................................. 06 IP NETWORK INFRASTRUCTURES ...................... 11 DRIVE COST DOWN ........................................... 12 DOING IT RIGHT ................................................ 13 REDEFINING VALUE COMPUTING...................... 14 MAKING ENTERPRISE SECURITY EASY.............. 22 THE HEAT IS ON ................................................ 26 THINK IT THROUGH ........................................... 27 MANAGING THE CHANGE ................................. 30 BUILDING VALUES ............................................. 32 WINDS OF CHANGE .......................................... 34 AN EXCITING OPPORTUNITY ............................. 35 MANAGING COMPLEXITY OPTIMALLY .............. 36

ADVERTISERS INDEX Lenovo ...........................................................IFC, BC, IBC Simens ...........................................................................1 DigiLink .........................................................................3

Two-factor authentication foils identity thieves, and today’s solutions are inexpensive, easy to use and ready for India’s banks

OFFICE ADDRESS

Nine Dot Nine Interactive Pvt Ltd., KPT House, Plot 41/13, Sector 30, Vashi, Navi Mumbai - 400 703 Phone: 40789666 Fax: 022-40789540, 022-40789640 Printed and published by Kanak Ghosh for Nine Dot Nine Interactive Pvt Ltd. C/O KPT House, Plot 41/13, Sector 30, Vashi (Near Sanpada Railway Station), Navi Mumbai 400703 Editor: Anuradha Das Mathur C/O KPT House, Plot 41/13, Sector 30, Vashi (Near Sanpada Railway Station), Navi Mumbai 400703 Printed at Silverpoint Press Pvt. Ltd, TTC Ind. Area, Plot No. : A - 403, MIDC, Mahape, Navi Mumbai - 400709

Gigabyte ........................................................................5 Lenovo ....................................................................18,19 HP ..........................................................................24,25

CHANNEL CHAMPS Sr Co-ordinator - Events: Rakesh Sequeira Events Executives: Pramod Jadhav, Johnson Noronha Audience Dev. Executive: Aparna Bobhate, Shilpa Surve

OTHERS

APPLICATION DELIVERY

DIGIT CHANNEL CONNECT

PRODUCTION & LOGISTICS Sr. GM Operations: Shivshankar M Hiremath Production Executive: Vilas Mhatre Logistics: MP Singh, Mohd. Ansari, Shashi Shekhar Singh

MARCH 2010

COVER DESIGN: SAMEER KISHORE

trends

S E L E C T

Sharad Srivastava launches own firm, Grassroots Channels

A-Data announces investments in India

consultants and agenharad Srivastava, cies, helping compawho recently left nies execute plans as Western Digital, per agreed parameters. has launched a unique What is unique with business development Grassroots Channels ser vice company is its ability to match Grassroots Channels. the problem with the Leveraging his vast most workable solution experience of working enabling the vendor in market development companies to connect and channels in the Sharad Srivastava with their potential region, first with Seagate customers in the shortest possible and then with Western Digital, timeframe,” elaborates Srivastava. Srivastava is offering companies a “The concept has been well received unique promise of build-operateby companies and I am hopetransfer - under which he will ful that we will shortly bring in a set up the complete distribution varied portfolio of innovative prodbusiness for companies which are ucts that are well suited to Indian hesitant about committing direct needs,” he adds. resources to enter the market, Grassroots Channels will not only operate with for agreed period of plan entry strategy for its customtime with ownership of company ers but will actually help jump start sales/revenue target and transfer their market engagement, covering the working business at the end of a wide array of services: Market contract period Research & Analysis, Direct/Viral “Grassroots Channels will help Marketing, Brand Building, etc. bridge the gap between analysts/

Brocade appoints new partners

rocade has announced that it has selected three strategic reseller partners to help expand its existing data centre distribution network to enterprise IP networking products. Brocade selected Smartlink, MRO-TEK and GLS for their ability to efficiently deliver networking solutions to channel reseller partners, as well as their extensive knowledge, skills, and expertise in the networking industry. Under the agreement, Smartlink , MRO-TEK and GLS will assume responsibility for all of Brocade’s IP networking sales, marketing and servicing activities in India. Additionally, the extended agreement with these three new channel partners will serve as an important platform for

S E R I E S

Soma Tah -Data, a Taipei-based DRAM module and flash based memory products manufacturer, is opening an Indian operation centre in Mumbai in May, 2010 as a part of long-term investment in India. “A-Data India office will ensure that customers’ needs are responded to in a timely manner. This will further strengthen our presence in the local market,” said Shalley Chen, Executive VP, A-Data Technology. In a channel event held recently in Mumbai, the vendor also announced its channel alignment and products promotions strategy in India for its different products series. The vendor has appointed Rashi Peripherals for its DRAM modules. Simultaneously, it has appointed Ingram Micro for its Flash memory and UFD products in order to reach more B, C, D-class cities, besides major metros. Apart from Ingram, Inspan and Cyberstar are also selling Flash memory and UFD products nationally. It has also appointed two regional distributors, Technocrat Infotech in Kolkata and Sanghvi Electronics in Mumbai, to focus better on the regional marketplaces in eastern and western parts of India for its entire products range. A-Data eyes 6-8 percent revenue from the Indian market this year and aims to grab 20-25 percent market share in DRAM and Flash categories.

its diversified business and growth strategies in India whose IT market is estimated to grow at 13% in 2010 for hardware, software and services combined, according to market research firm IDC India. Brocade will continue to sell storage networking products through SAN distributor Renaissance Softech & Transition Systems. “Brocade is pleased to be partnering with Smartlink, MRO-TEK and GLS in order to expand our routes to market for industry-leading networking products,” said Charlie Foo, director of partner business group at Brocade Asia Pacific. “Brocade’s partnership with SMARTLINK, MRO-TEK and GLS, will enable our end customers to leverage their extensive data centre networking and enterprise IP networking product expertise and solution support to help customers build extraordinary networks.”

Return to growth in IT services market likely in 2010: Gartner

igns of increased spending with external service providers (ESPs), when the economy recovers, point to a return to growth in the IT services market in 2010 and beyond, according to a recent survey by Gartner. The survey showed that when the economy recovers, 85 percent of organizations anticipate that their spending with ESPs will increase or stay the same. Furthermore, in their business planning, 76

DIGIT CHANNEL CONNECT

MARCH 2010

percent of organizations surveyed are optimistic about the economic recovery time frame, indicating that in their planning cycles, they are seeing that the recovery already began in 2009 or will occur in 2010. In November and December 2009, Gartner conducted a survey of 1,073 respondents, covering a range of company sizes and vertical markets (excluding government organizations) across three regions (America, Europe

and Asia/Pacific) to determine how economic changes have impacted IT services buying. “The impact of the global recession in 2008 through 2009 has been significant, in some cases radically changing a vertical market or a company’s competitive position. Buyers of services have been impacted in many areas, making them more cautious regarding IT spending,” said Allie Young, VP and distinguished analyst at Gartner.

trends Hitachi Data Systems signs Accel Frontline as Gold Partner

itachi Data Systems has signed Accel Frontline as its Gold Partner. Accel Frontline is a provider of comprehensive IT services for enterprises. This partnership will help enterprise and SMB customers across BFSI, Manufacturing, Telco, government and media avail system integration and vertical specific storage services. Vivekanand Venugopal, Vice President & General Manager, India, Hitachi Data Systems said, “With a focus on IT infrastructure services, strong system integration capabilities and experience, Accel Frontline will now deliver Agile Storage Infrastructure solutions and Storage Infrastructure Management Services. The extensive support and sales network, will help us expand and strengthen our presence across various markets.” Maqbool Hassan, Executive Vice President and Head of Operations, Accel Frontline said, “We are excited with this strategic alliance, which will enable us to provide innovative solutions to address the information infrastructure challenges of our customers. Our successful track record and demonstrated competence coupled with Hitachi Data Systems’ certification and training, will provide highly skilled integration and services to a broader range of customers across enterprises, mid-market and SMB markets.” Recognized as best practice on an industrywide basis, the Hitachi TrueNorth Channel Partner Program has offered rich incentives, marketing and sales tools, and resources and has been instrumental in increasing partner profitability and driving Hitachi Data Systems revenue since its launch in 2004.

RSA appoints new channel manager for India and SAARC

Amitabh to the team and am confiSA has announced the dent that his skills and experience appointment of Amitabh will not only propel our channel Jacob as RSA Channel initiatives and strengthen our relaManager for India and tionships further, but he will also be SAARC. In this role, Amitabh is instrumental in ensuring a successresponsible for fostering and managful channel strategy.” ing RSA channel relationships as well Jacob has held senior positions in as empowering channel partners to Sun Microsystems & IBM India over go to market with effective informathe past ten years. In his previous tion-centric solutions from RSA that Amitabh Jacob roles, Amitabh was responsible for meet customers’ needs. developing and managing channels across Ben Corser, Channel Director, Asia Pacific India, including large and mid-sized SIs. and Japan, EMC Corporation said: “I welcome

Adobe announces new channel partner programme

dobe Systems has announced the launch of the India Channel Partner Programme, which comprises more than 100 resellers nationally. To strengthen the partnership with resellers, Adobe is investing in developing their skill-sets with extensive training and certification opportunities. The programme seeks to cater to different types of resellers by using different membership criteria for resellers in three industry-based streams – Commercial, Government and Education as well as three membership S Krishnamachari levels – Platinum, Gold and Silver. It will enable joint marketing activities and go-to-market initiatives with program members. Sandeep Mehrotra, Country Head – Sales (India), Adobe Systems, said, “We value our relationship with our channel community and continue to invest in their business as they contribute to Adobe’s success in India. This programme is specially designed to equip resellers with the skills to better identify, develop and close market opportunities. It’s an educational and informative process where we closely work with resellers, allowing significant incremental revenue opportunities for both resellers and Adobe.” In response to strong market demand from the Government, Commercial and Education segments, Adobe has restructured its business in India and set up dedicated divisions to meet the increasing demand for its solutions. “Enabling resellers through a more structured training and certification process is a key element of Adobe’s Channel Partner Programme,” said Shriram Krishnamachari, Head – Channels & Distribution (India and SAARC), Adobe Systems. “Pre-sales and sales training programs offer our resellers a sharper focus on how they can build a consultative approach.”

Belkin forays into structured cabling business

elkin has announced an aggressive rollout of its structured cabling business strategy in India. Taking another important step, Belkin will also offer its entire range of copper and fibre structured cabling solutions to customers in India. “Structured cabling provides the critical backbone for any high performance, unified communi-

DIGIT CHANNEL CONNECT

their IT infrastruccation system. At Belkin we ture will be designed, understand the complex constructed, and issues involved in planinstalled to meet their ning, installing and maincurrent and future taining unified network business needs,” he communication systems added. build around Structured Understanding that Cabling solutions,” said the structured cabling Mohit Anand, Managing business requires Director, Belkin India, Mohit Anand dedicated and highly “We provide our customexperienced channel partners, ers with the commitment that

MARCH 2010

Belkin is also embarking upon an aggressive channel program to recruit, train and equip partners for its structured cabling business. With this rollout Belkin will become the only vendor in India to offer a one stop shop for providing active (wireless networking, KVM switches) and passive (Structured Cabling) networking products.

business service management

REAPING THE BENEFITS OF BSM Business Service Management helps IT improve process efficiency and provides the capability to address multiple challenges at the same time Mark Settle

an you imagine saving more than five million dollars by reusing servers and dramatically reducing lead times for asset provisioning? What if you could also reduce power consumption and the requirements for floor space by about 20 percent? The IT organization at BMC Software has achieved these results and more with Business Service Management (BSM), a comprehensive and unified platform for running IT. We have been able to meet our management challenges while achieving tremendous cost savings and improvements in IT effectiveness. Many IT organizations are focusing internally on improving process efficiency. In fact, I spend the majority of my time trying to leverage IT assets to support our global business processes. That includes leveraging all of our physical assets â&#x20AC;&#x201D; such as servers, storage devices, and network switches â&#x20AC;&#x201D; but probably even more important, getting the most value from people. Our IT staff supports routine business operations and R&D labs worldwide. BSM helps IT improve process efficiency and achieve our objectives by providing the capability to address multiple challenges at the same time. In implementing BSM at BMC, we have learned several lessons along the way that may be helpful to your IT organization. Here are some of them.

DIGIT CHANNEL CONNECT

MARCH 2010

MANAGED SERVICES SPECIAL Pay Attention to ROI Return on Investment (ROI) is a key metric of a CIO’s effectiveness. Many different forms of technology are available today to solve business problems, so you must prioritize investments judiciously. ROI is one of the absolute metrics that you can use for measuring the effectiveness of your organization’s investments in technology. Look for documented, analytically objective performance indicators that demonstrate benefits. These types of metrics can help you to make your own projections about how BSM can benefit your organization and to communicate those expected benefits to business leaders. Focus on metrics that address the various aspects of your IT organization, including people, processes, technology, and business partners. Here are some examples of improvements that can be measured in terms of ROI: s 5SING SERVICE AUTOMATION SOLUTIONS to increase the server/administrator ratio s ,EVERAGING VIRTUALIZATION TO INCREASE asset utilization and reduce asset purchase costs s )MPROVING CHANGE MANAGEMENT processes to reduce unplanned outages s )MPROVING INCIDENT AND PROBLEM management processes to improve the mean-time-to-repair and lower the overall system outage time In many cases, the business justification for implementing BSM is specific to a particular user group that IT is supporting through the use of the business service tools. The needs of an R&D group, for example, may be very different from those of a sales group or an inventory management group. The real payoff should be articulated in business terms (i.e., number of orders satisfactorily placed or volume of standing inventory) rather than in IT terms (i.e., how many user tickets were processed in a certain amount of time). Ask yourself, “What business metrics are supported by the use of business service tools?”

Consider a Comprehensive Approach We implemented best practices from the IT Infrastructure Library (ITIL) on a comprehensive basis. In many IT shops, there is reluctance to take on many changes in a short period of time. The more typical approach

is to begin in one or two areas where process improvement would be beneficial. We have realized greater benefits, however, by implementing multiple processes simultaneously. BMC began its BSM journey by implementing incident, problem, and change management in an integrated fashion, employing an enterprise-wide configuration management database (CMDB). Adherence to service level commitments is monitored continuously for individual business services and reported to BMC’s Executive Leadership Team on a quarterly basis. The CMDB has evolved into an engineering platform and plays an integral role in supporting availability and capacity management. It also contains financial data for hardware and software assets and is used to support IT’s Vendor Management Office. In implementing integrated tools and building new processes around them, there are high-leverage points in almost every process — areas (very typically around standardization of options to users) where BSM can make IT’s job easier and more effective. Across the board, you can find certain policies that will make IT’s work more efficient. The timing of certain types of activities within an IT organization can reduce unintended impacts on customers as well. As a result, you can become much more sensitive to the principles of service delivery and keeping customers continuously online. Availability is a key performance metric for all users of IT business applications. We employ a suite of monitoring tools to track the availability of all enterprise applications. In addition, we proactively employ synthetically generated transactions to monitor the availability of our ERP system and all externally provided Software as a Service (SaaS) applications. This combination of reactive and proactive monitoring tools has enabled us to identify system anomalies in advance of service disruptions and avoid potential outages. In addition, it has reduced our response times to outages when they do occur. Meantime-to-resolution of service disruptions to our Tier 1 business systems has improved by more than 20 percent over the past 15 months through the use of these tools. BMC has realized numerous benefits from implementing BSM solutions. Here are just a few.

feature Achieve a New Customer Focus

MARK SETTLE

Look for documented, analytically objective performance indicators that demonstrate benefits. These types of metrics can help you to make your own projections about how BSM can benefit your organization and to communicate those expected benefits to business leaders.

A big value that BSM provides to companies is in bringing the IT organization to the front lines as opposed to the back office. BSM has been a unifying concept for IT staff because it re-establishes the line of sight with the users in the business.

A big value that BSM provides to our customers is in bringing the IT organization to the front lines as opposed to the back office. BSM has been a unifying concept for IT staff because it re-establishes the line of sight with the users in the business. IT shops are often broken up into several, very technically oriented support teams. Each one understands only what is happening on the network, the desktop, and so on. BSM, however, looks at the needs of the business users — the actual customers. Then BSM looks at the convergence of IT capabilities, which includes the equipment, internal resources, or capabilities that are needed to address the needs of the business. In fact, the broader the implementation of BSM, the closer you are to connecting with the business. Our conversations in IT have shifted from talking less about projects on an individual basis, or about assets as a stand-alone initiative, to focusing more on delivering services to the business. These services can be related to order management, financial systems support, research and development lab support, and other areas. We also have an increased focus on using the tools in combination with processes to address business needs.

Take a Global Perspective Another big payoff of using BSM in our organization has been in global operations support. Our internal emphasis on BSM and its implementation at BMC began years ago, and BMC has become increasingly more global through acquisitions over time. As the company became more global, that unifying approach to IT operations has enabled us to expand our IT suppor t groups. We now support our global business processes out of Amsterdam, Tel Aviv, and India, as well as North America. Our functional teams operate under a cohesive BSM framework with all teams playing the roles that they need to play in the different service areas.

Keep an Eye on Spending Another benefit of BSM for us in the current economy has been in helping us to hold down spending within the IT organization. Given limitations on capital expenditures, we are no longer at liberty to go out and buy new hardware every time someone has a new

DIGIT CHANNEL CONNECT

MARCH 2010

business service management

project. BSM solutions help us monitor our existing resources closely and find ways to better utilize them. We now have higher levels of hardware utilization, which in itself is significant. But looking at the broader picture, this has also allowed us to shrink our data centre footprint, so that we now need less incremental hardware to meet rising business demand. We successfully avoided a planned $10 million data centre expansion by managing IT more effectively with BSM. Taking this a step further, we even reduced data centre power consumption by 23 percent and eliminated 900,000 pounds of CO2 emissions per year. Looking at the outcomes in these terms provides much more insight than a simple statement of “better hardware utilization.” A down economy also translates to hiring constraints, and BSM has helped our organization cope with the resulting limitations on staffing. We have been able to automate certain forms of work, expanding the output of our staff by using them in new and more valuable ways. Automated procedures have been developed for server rebooting within our production environments and server provisioning within our R&D labs. Servers can

DIGIT CHANNEL CONNECT

now be restored in a matter of seconds, instead of minutes or hours, and can be provisioned within hours instead of days. The use of scripting tools to automate the building and booting of servers has eliminated several years of full-time employee labour within our operations teams. BSM provides a framework to take people out of roles that are primarily or exclusively technical and give them a more direct view of what is happening in the business. One of the key ways that is accomplished is by automating certain repetitive processes, allowing staff to focus on a richer nature of activities to support on a day-to-day basis.

Support Virtualization Virtualization is helping many companies today to save money by using existing assets and to manage power in the data centre, as well as to address a number of other strategic objectives. BSM has supported virtualization in our large server environments. Through better server utilization, we’ve eliminated 4,000 servers and all the associated operating costs. Managing pools of servers requires the engineers and operators that oversee that activity to better understand

MARCH 2010

MANAGED SERVICES SPECIAL

WE SUCCESSFULLY AVOIDED A PLANNED $10 MILLION DATA CENTRE EXPANSION BY MANAGING IT MORE EFFECTIVELY WITH BSM. TAKING THIS A STEP FURTHER, WE EVEN REDUCED DATA CENTRE POWER CONSUMPTION BY 23 PERCENT AND ELIMINATED 900,000 POUNDS OF CO2 EMISSIONS PER YEAR.

the immediate needs of their user group. They are basically doling out portions of the pool of servers and pulling them back in on an as-needed basis. When you are operating in that fashion, as opposed to just purchasing equipment and dedicating it on a static basis to users, you get a lot of feedback from your users, and you really feel that you are part of the business.

Closing Thoughts As a result of our commitment to BSM — through improved processes and service management solutions — our IT organization has achieved a significant boost in R&D productivity and reduced costs. We’ve also cut in half the time to provision a server, enabling us to provide business services that much faster. If a server fails, the time to get it back online has improved by 30 percent. The first-call resolution rate on the service desk has increased from 70 percent to 90 percent, vastly improving customer satisfaction and reducing the costs associated with each incident. Business Ser vice Management is more of a jour ney than a destination. Mark Settle is Chief Information Officer at BMC Software.

network management

MANAGED SERVICES SPECIAL

Taking Control of

IP Network Infrastructures Organisations must ensure that their IP network is built for performance, availability and scalability Ashis Guha

oday’s IT organizations face dwindling resources and rising demands for convergence, consolidation, and virtualization. Many of these organizations are discovering that the performance, redundancy, resiliency, and scalability of their network infrastructures are no longer sufficient to meet current and future needs.

Next-generation IP networks For many organizations, IP networks are the lifeline to their businesses, enabling critical communication with co-workers, customers, and suppliers. With reliance on IP networks steadily growing, organizations risk losing revenue and business opportunities with each instance of network downtime or poor application performance. For this reason, organizations need an effective strategy for gaining greater control over their networks to minimize outages as well as more costly, difficultto-detect service degradation. At the same time, they need to adopt procedures to reduce operational risks and optimize their existing network infrastructures to meet the performance, availability, and scalability requirements of a next-generation IP network infrastructure.

Issues affecting networks Maximized performance of existing networks: Performance issues often arise when organizations underestimate the complexity of implementations—mainly the impact that any additional applications and data traffic will have on the existing network infrastructure. Many organizations do not have the time or

resources to properly plan data centre growth and simplyinstall new services and applications on the network as needed. As a result, these additions are not always installed in a manner that optimizes network performance. The issue is further compounded when there is no effective plan to efficiently balance the delivery of services. Minimizing network outages and performance issues: Organizations must approach network outages and performance issues differently to minimize or prevent such occurrences. Outages can typically be reduced by using redundancy mechanisms, such as hardware and software, with high availability built into their design, deployment, and connectivity. To further improve network and system uptime, organizations need to ensure proper configuration of the protocols that react to outages, and ensure that their network monitoring system notifies the right people at the right time. Incorporating scalability to account for growth: This is so that organizations can avoid these delays and emergency situations, and be poised to grow efficiently and with a level of predictability. It is essential that organizations can adjust to changing network demands without impacting current users and services. Reducing operational risks: To understand and address these risks, organizations should be routinely asking themselves the following questions: s 7HAT HAPPENS WHEN ONE ENGINEER HAS all the knowledge in his head and then leaves the company? s )S IT TIME TO CONSIDER A SECOND DATA centre to increase redundancy—

ASHIS GUHA

ORGANIZATIONS NEED AN EFFECTIVE STRATEGY FOR GAINING GREATER CONTROL OVER THEIR NETWORKS IN ORDER TO MINIMIZE OUTAGES AS WELL AS MORE COSTLY, DIFFICULT-TODETECT SERVICE DEGRADATION.

It is essential that organizations can adjust to changing network demands without impacting current users and services. In other words, each time a new service comes online, a network redesign should not be required to support it.

and availability—to all users? s )S THAT DISASTER RECOVERY VENDOR REALLY the best option for business continuity? s 7ILL THE 6O)0 CONVERGENCE ROLLOUT HAVE a negative impact on other applications? s (OW DO WE PRIORITIZE THE ISSUES s 7HAT OTHER ISSUES SHOULD WE BE AWARE of? An honest assessment of corporate practices and procedures is critical to ensure network efficiency, stability, predictability, and manageability. Organizations must consider services that are designed to help them gain control over and create an environment in which they can focus on their business rather than their network. Services that: s 0ROVIDE BEST IN CLASS NETWORK ENVIRONments with flexibility for growth s /PTIMIZE NETWORK PERFORMANCE TO address increased data traffic s )MPLEMENT BEST PRACTICES TO OPTIMIZE network configuration and management s 0ROTECT INVESTMENTS IN EXISTING networks s 5TILIZE TECHNICAL EXPERTISE TO BUILD sustainable next-gen networks Let’s look at what the scope of such services includes. IP Network Assessment: Reviewing the network architecture and design based on performance, infrastructure to include applications, cabling, and router and switch configurations. IP Network Design: After analyzing their unique requirements, practical design plans should be developed that best match the organisation’s budgets and schedules. IP Network Implementation: Design and configuration specifications for the new deployment, including help in mounting equipment into the prequalified racks, connecting to adjacent networking equipment, test power and interfaces, loading the configuration, migrating the network to the production environment, etc. IP Network Migration: Technical expertise and best-practice methodologies to make migration as simple and nondisruptive as possible. As organizations begin to embark on key business initiatives, such as virtualization and consolidation, they will need to ensure that their IP network infrastructures can provide the necessary performance, availability, and scalability to meet current and future requirements. Ashis Guha is Country Manager of Brocade India.

DIGIT CHANNEL CONNECT

MARCH 2010

managed print services

MANAGED SERVICES SPECIAL

Drive Cost

DOWN

Managed print services are a simple way to get a handle on undocumented, unpredictable and, often, excessive printing spends Nitin Hiranandani

NITIN HIRANANDANI

s we are all aware, the pressure to drive cost out of IT continues to increase on the IT teams. Enterprises are continually seeking ways of driving cost out of managing their IT infrastructure without compromising service quality or business continuity and the printing environment is now an integral part of the IT infrastructure. Thus it comes as a surprise that yet 90% of all companies in the world don’t invest in tracking the cost of distributed office print. This in turn results in losses due to unmanaged and seemingly out of control printing, copying, document retrieval and general paper management. Industry expert Gartner states that organizations are steering their focus to towards researching the costs of office print, copy, and fax functions, and assessing a managed print services approach to meet its office output needs. Further, Gartner estimates that companies could save up to 30% on printing costs through better management of the distributed print environment. As more and more organizations look for ways to reduce costs and conserve capital, many are turning to managed print services as a simple way to get a handle on largely-undocumented, unpredictable and often excessive annual printing expenditures. By opting for managed print services (MPS), organizations can reduce the total cost of ownership associated

DIGIT CHANNEL CONNECT

with an unmanaged print environment by assessing the existing printing environment, as well as reducing environmental impact and achieving cost savings. It proven that managed print environment can help reduce printing costs by as much as 30%. Managed print services have emerged as a way to create efficiencies in the print environment through device consolidation, ongoing print management and document workflow solutions to support business processes. These solutions are customizable and provide a flexible, hassle-free way to procure printing hardware, supplies, service and support in one convenient, bundled contract. Through MPS, one can customize solution by choosing from a scalable menu of standard and custom service options that meet the company’s specific business needs. Using MPS optimises the way in which networked printers, copiers and multifunction peripherals (MFPs) are managed to minimise the wastage of paper and toner/ink cartridges. By adopting efficient and responsible printing practices, businesses can save consumables and energy while reducing downtime and improving productivity. Better printing practices also contribute towards reducing the environmental impact of printing. For instance, according to Gartner, organizations can potentially reduce annual paper costs by at least 30% by selecting duplex printing as the default setting

MARCH 2010

As many as 90% of all companies in the world don’t invest in tracking the cost of distributed office print. This results in losses due to unmanaged and seemingly out of control printing, copying, document retrieval and general paper management. BY ADOPTING EFFICIENT AND RESPONSIBLE PRINTING PRACTICES, BUSINESSES CAN SAVE CONSUMABLES AND ENERGY WHILE REDUCING DOWNTIME AND IMPROVING PRODUCTIVITY. BETTER PRINTING PRACTICES ALSO REDUCE THE ENVIRONMENTAL IMPACT OF PRINTING.

across the output fleet. Organizations can achieve this by deploying duplexcapable devices and setting duplex printing defaults at the network level through effective printing tools. Some of the best practices for Managed Print Services: 1. Develop a print strategy: For any corporation who wishes to reduce costs by managing their printing, a document and print strategy is essential. Further, establish a baseline which is used as the kick-off point for developing the corporate print strategy. During baseline assessment, best practices incorporate all costs into the picture, not just consumables - the largest cost being human resources. 2. Treat Printers as an asset: Best practices recognize that the printer fleet is a corporate asset, and thus, should be managed like any other IT asset. 3. Reduce: The direction of managed print services is to reduce – to reduce total costs, to reduce the amount of printing, to reduce the number of devices, to reduce the number of manufacturers and models, and to reduce the number of vendors. 4. Automate: Managing print services in a cost effective manner requires automation of many of the processes involved. The printer fleet management tool should also automate: service requests in the event of a device alert or toner request, maintenance reminders, device retirement and replacement, scheduled reports, and so forth. 5. Monitor, Measure, Manage: The key to sustaining the savings reaped from managing printing is measure, adjust, measure adjust on a continuous and ongoing basis. The report card should provide areas where improvements can be made such as moving, swapping, or replacing – always with an eye to managing more of the corporation’s devices in combination with reducing total printing costs. Keeping the above in mind, a vendor needs to have a deep understanding of its customers’ requirements and thus offer a total printing solution enabling customers to manage their print environment with the latest printer technology, supplies, support and maintenance services. Nitin Hiranandani is Director – Managed Enterprise Solution, Imaging and Printing Group, HP India.

MANAGED SERVICES SPECIAL

application management

DOING it RIGHT

n the digital era where heaps of data, information and knowledge are tossed every day on the net, every facet of life needs an application. An application that caters to the specific need of a user and increases the accuracy, efficiency and effectiveness of the task at hand. In large organizations, many large applications are developed and managed by the tech staff. But here, we are going to talk about small applications which are critical and important. For instance, applications meeting statutory requirements in the field of, say, Excise, Income Tax, Tax Deducted at Source, Value Added Tax, Service Tax, Provident Fund, Employee State Insurance, etc. These are the applications which are critical in terms of time and accuracy. We will discuss a few points that touch channels and vendors in terms of managing these applications.

Testing Time is the essence in development, delivery and management of such applications. As soon as a statutory amendment is announced, the developer must provide its update at the fastest pace while being flawless. But in case of small applications, the developer has limited resources, making thorough testing a difficult task. Here the role of channels becomes crucial. They have to assist the vendor in testing the application to make it bug-free. Since they are near to the fire (actual users) they very well know the critical areas of the application and can do thorough testing work before distribution of the same.

Feedback system A proper feedback system should be in place with the channels to record each and every issue that is raised, study its causes and suggest solutions for it. Every application has numerous problems that are reported very frequently. If a feedback system is in place, it would be easy to identify frequent queries and to be prepared with their resolution immediately, increasing customer delight.

Channels that work on small but critical applications must get some basics right in order to match the fast pace of change Nilesh Shah

Staff selection The staff required by the channel may not be highly qualified in the field; at the same time, they must have good analytical skills and should be trainable. The after-sales support in managing applications is very crucial, and requires the ability to analyse the problem in various contexts and suggest most appropriate solutions, in time.

Training the staff Politely listening to the issue, applying experience and resolving it to the highest level of customer satisfaction should be the ultimate goal of training the support staff. Effective listening, talking on the phone, patience, a positive mental attitude and interpersonal skills are some of the areas that need to be looked into. Identifying the exact issue by asking minimum questions, finding the exact solution from the FAQ list prepared from the feedback system, and managing the application in the best manner is the crux of staff training.

Training the customer Customers, too, must be trained on issues like proper periodic back-up, update of applications, and causes and solutions to critical frequent issues in order to reduce the support load while increasing customer satisfaction. Ready PowerPoint presentations with

NILESH SHAH

In case of small applications, the developer has limited resources, making thorough testing a difficult task. Here the role of channels becomes crucial. They have to assist the vendor in testing the application to make it bug-free. IDENTIFYING THE EXACT ISSUE BY ASKING MINIMUM QUESTIONS, FINDING THE EXACT SOLUTION FROM THE FAQ LIST PREPARED FROM THE FEEDBACK SYSTEM, AND MANAGING THE APPLICATION IN THE BEST MANNER IS THE CRUX OF STAFF

TRAINING.

screen shots, or videos of critical areas of the application must be kept ready and freely distributed to help customers manage most things on their own.

Domain knowledge There must be a person in the channel organisation, might be the CEO or a person in a senior position, who has the knowledge of the field, the domain for which the application has been developed.

Critical challenges A provision should be made to meet any eventualities when the customer faces a statutory deadline and the application is not working properly or not working at all. Use of applications like desktop transfer may be employed in such circumstances. Rushing to the clientsâ&#x20AC;&#x2122; place, too, may be what is needed. Providing a standby application, even with the requisite hardware for the time being, can raise the graph of your popularity and rank in the preference list of customers. As is rightly said, Change is the only constant in the world. And things change at an ever-increasing pace. To match such speed, the channels will need to work as catalysts to make the changes rapidly available to the users as well. Â&#x201E; Nilesh Shah is Managing Director of Vadodara-based Sani Software Pvt Ltd.

DIGIT CHANNEL CONNECT

MARCH 2010

cloud computing

REDEFINING

VALUE COMPUTING

The initial hype surrounding cloud computing is giving way to widespread adoption based on real business benefits Sharad Sanghi

“I

T departments will have little left to do once the bulk of business computing shifts out of private data centres and into the cloud,” predicted tech author Nicholas Carr in his book The Big Switch: Rewiring the World, from Edison to Google. While this exaggerated statement earned the wrath of many CIOs and industry veterans, it underscores the tremendous potential that cloud computing wields. While I don’t necessarily agree with the statement, I do believe that cloud Computing

DIGIT CHANNEL CONNECT

MARCH 2010

adds a dimension of simplification into IT. Cloud computing involves the provision of dynamically scalable and virtualized resources that are provided as a service over the Internet. They are usually delivered through data centres equipped with servers with different levels of virtualisation technologies. This allows businesses to manage and provision IT infrastructure depending on business demands. The attractive proposition offered by this technology is that users do not need expertise over the tech-

MANAGED SERVICES SPECIAL nology infrastructure in the “cloud” that supports them. Cloud computing usually includes one or more of the following: infrastructure as a service (IaaS); Platform as a service (PaaS) and Software as a Service (SaaS). Cloud computing customers do not generally own the physical infrastructure that hosts software and applications. Cloud computing service providers provide a pool of computing infrastructure that is virtualized and abstracted across many enterprises, unless it’s a ‘private’ cloud – something deployed exclusively for one customer.

Rapid adoption Last year, cloud computing was touted as the next big technology wave that would change the way IT infrastructure and services are delivered. Gartner predicted in its 2008 Hype Cycle for Emerging technologies that cloud computing, would have “transformational impact” on the enterprise. Sure enough, in 2009, the move from obscurity to pervasiveness is complete with many enterprises in India testing the waters and coming up convinced about the benefits of cloud computing. A survey by Applabs released in June 2009 indicates that 30 percent of global companies have already adopted cloud Computing and an additional 20 percent are planning to do so within the next 12 months. One of the reasons why companies are compelled to ride the trend is the economic recession. At a time when IT purse strings are drawn tight, cloud computing emerged as timely technology that reduces steep capital expenditure (capex) on hardware, software and services and hassle free hosting on a usage basis. The cloud is being acknowledged as a reliable platform for hosted applications and e-mail, scalable storage and on-demand computing power. Users of the cloud prefer the flexibility, reasonable pricing and demand oriented usage. IT teams are better prepared to handle large spikes in traffic and loads seamlessly. However, despite the undeniable benefits that the cloud offers, some CIOs are still hesitant to embrace it. The Applabs survey reveals that lack of awareness was a major constraint for adoption of cloud computing and, while security concerns also weighed in heavily as a major deterrent. As with any new trend or technology, concerns over

security, viability and business value of the services are bound to exist. Let us examine some of the concerns:

architecture physically separates one company’s data from the other.

Benefits of a cloud Security One of the biggest concerns is that of security. Some feel that the cloud is an unknown and insecure world where everybody’s data is mixed up with no boundaries. In reality, nothing could be further from the truth. The boundaries that segregate customers’ environments from each other on a cloud are reinforced and protected by the most stringent methods, using the highest levels of security. World-class Service Level Agreements further reinforce the levels of security that a service provider offers on their cloud platform. While some applications rely on the storage of such data as customer records and emails within the cloud, there is an entire class of applications that reap the benefits of cloud computing without any risk to confidential data. If enterprises are wary of deploying infrastructure from a common pool, they also have an option of a private cloud where they can directly create virtual applications that they need from dedicated servers.

Billing Enterprises rent usage of computing power from a third-party provider. So they pay only for the resources they use. Cloud-computing offerings follow the utility billing model traditionally followed by utility services providers such as electricity or gas. Some providers are allowing flexible options such as monthly and even hourly billing. IT managers and CIOs who are accustomed to the fixed costs associated with owning hardware face the anxiety of dealing with a new billing model totally different from the typical billing. While comparing the economies of scale and larger benefits of a cloud, the effort of adjusting to the new business model is a lesser headache.

Gaining control over applications and data When data is stored in the cloud, there is a concern about how much control an enterprise has over its data especially when it resides on infrastructure that is elsewhere. The cloud’s intrinsic multi-tenant

SHARAD SANGHI

Cloud computing customers do not generally own the physical infrastructure that hosts software and applications. Cloud computing service providers provide a pool of computing infrastructure that is virtualized and abstracted across many enterprises, unless it’s a ‘private’ cloud – something deployed exclusively for one customer. CLOUDCOMPUTING OFFERINGS FOLLOW THE UTILITY BILLING MODEL TRADITIONALLY FOLLOWED BY UTILITY SERVICES PROVIDERS SUCH AS ELECTRICITY OR GAS. SOME PROVIDERS ARE ALLOWING FLEXIBLE OPTIONS SUCH AS MONTHLY AND EVEN HOURLY BILLING.

Reduced Cost: The cost of entry for start-ups is lowered since any company big or small can use the cloud to literally run their business. They have immediate access to a wide range of applications. Users can avoid capital expenditure on hardware, software, and other services and instead pay the provider only for those utilities they use. Reduced capital expenditure leaves a larger budget outlay for other activities important to an enterprise. Scalability and Flexibility: The scaleas-you-grow model means that you can tap into more compute resources and services as your business picks up. The ability to scale up and modify activities according to user demands makes the company more nimble and quick to adapt to the changing economic scenarios. Access to good technology: Businesses can explore new technologies and products without worrying about issues such as cost, software upgrade, training IT people to run the new systems and disruptions. Upgrading to a new system can be done fast sans disruption or losing time on migration of technology. Highly Automated: IT personnel need not worry about managing software upgrades or manual management of systems. Allows IT to focus on core operations With IT team not having to worry about trouble shooting, ser ver updates, management and other infrastructure issues, IT is free to focus on key issues like innovation, increasing productivity, and activities that can increase efficiency and improve business. Given today’s competitive business landscape, cloud computing has emerged as a business enabler especially for newer and innovative companies to adapt to the market and scale up fast. As Forrester Research analyst James Staten stated last year, “As the gap widens between enterprise and Web giant economics, it may get to the point that it no longer makes financial sense for many businesses to run their own servers. When this happens, will you be a cloud or a cloud customer?” Sharad Sanghi is CEO & MD of Netmagic Solutions.

DIGIT CHANNEL CONNECT

MARCH 2010

MANAGED SERVICES SPECIAL

application delivery

BREAK CLOUD in the

Mature, well-proven application delivery controllers hold the key to unlocking the potential of cloud computing Sanjay Deshmukh

hile there is still broad enthusiasm towards cloud computing, many people’s outlook seems to have darkened. It’s nothing more than the usual cycle of over-excitement followed by a backlash as early efforts meet the initial challenges; a refreshing moment of realism in what will still prove to be a wind of IT change. The two biggest barriers revolve around exactly where an organisation’s data resides, and just how reliable IT can be served in a cloud environment.

Where’s my data? Where data is stored is primarily a legal issue. Financial services companies, in particular, are extremely sensitive to where data is stored for fear of falling foul of various legal jurisdictions. Indeed, some organisations deliberately base themselves in favourable tax locations, and would be horrified at the thought of their data invoking a different tax administration. Likewise, companies can be concerned

DIGIT CHANNEL CONNECT

that trade secrets stored in countries with a relaxed attitude towards intellectual property rights could leave them vulnerable to competitors. Cloud computing offers considerable cost savings and much data, while of little financial value, must still be processed and stored. Thus, companies are keen to embrace cloud computing at one end of their data spectrum, but reluctant to take anything more than a low-level tentative step.

Availability and reliability The thought of a critical business application, say, air traffic control, only being available ‘in the cloud’ would terrify passengers, given they all will have experienced major websites – Hotmail, Twitter, Google for example – being unexpectedly ‘down’ and assume the aeroplane could suffer a similar fate. It’s a fear that has haunted online retailers for years: the fretful moment when the the website fails to respond at checkout. Ironically, remedying this concern has led to tech that will also ease anxieties over cloud computing.

MARCH 2010

Application delivery controllers THE APPLICATION DELIVERY CONTROLLER (ADC) WILL BE A CORNERSTONE OF IT SYSTEMS IN A WORLD OF SERVICEORIENTATED ARCHITECTURE (SOA), WEB 2.0 APPLICATIONS AND CLOUD COMPUTING.

Early online retailers put a lot of effort into distributing requests across a group of servers responsible for delivering a specific web application, such as round-robin DNS. Over time this evolved into an approach called loadbalancing, which improved website performance but still didn’t reliably ensure that ‘shopping carts’ weren’t timed out at check out. Traditionally, the load-balancing world belongs very much in the networking arena, with networking vendors selling networking solutions to end-user network IT people. Indeed, the adoption of application delivery controllers (ADCs) is often held back by the traditional silos within enterprise IT teams between ‘network people’ and ‘application people.’ Breaking out of that silo mentality, broadening outside of traditional networking confines and into application deployment and management, led to the development of ADCs. A decade on, the ADC has become broader still, and will be a cornerstone of IT systems in a world of service-

MANAGED SERVICES SPECIAL orientated architecture (SOA), Web2.0 applications and cloud computing.

Problem solving steps Like almost every other area of enterprise IT, cloud computing is far from a ‘one-size-fits-all’ solution. There are at least five types of cloud architecture, from the basic public internet to an ‘accelerated internet’ (where ADCs can significantly speed performance), an ‘optimised internet,’ a ‘private cloud’ utilising VPN and an ‘internal cloud’ based solely on an enterprise’s own equipment. The accelerated internet model is emerging as the most common model and, as a result, both cloud providers and enterprises are embracing ADCs to speed performance and manage traffic. Even away from cloud computing, accelerated performance is a burning issue for most enterprises. The past decade has seen huge growth in browser-based enterprise applications, from enabling online support, booking and sales systems to delivering a back office application to a remote site. These services create new demands on IT infrastructure because of “chatty” and complex protocols.

As a result, end-user performance can be very disappointing unless issues such as bandwidth, latency, and, of course, security are suitably addressed. Organisations adopting application delivery controllers will significantly improve internal application performance. For external facing applications, end-user experience will improve considerably which will be evident through better customer and partner satisfaction. The intelligent routing capabilities of ADCs also allow data to be identified and channelled according to pre-defined rules. In other words, financial data can be housed within an internal cloud at all times, while less sensitive data can be directed into an external cloud. The same technology used to aid virtualisation in the first place, and to speed the delivery of services and applications over the internet and across the various flavours of cloud computing, can also provide the answer to the crucial question of knowing where one’s sensitive data is stored.

application delivery

Problem already solved?

SANJAY DESHMUKH

The accelerated internet model is emerging as the most common model and, as a result, both cloud providers and enterprises are embracing ADCs to speed performance and manage traffic.

Although they address challenges posed by emerging technologies such as cloud computing and Web 2.0 applications, application delivery controllers are a mature and proven technology. Having been born out of load balancing, as organisations have replaced load balancing systems many have upgraded to ADCs without acknowledging the opportunities they present. Chances are that a review of an organisation’s installed infrastructure will reveal a level of under-deployed ADCs. Working from that base, an organisation can quickly build its internal ADC skills and better understand the benefits on offer. By placing ADCs at the centre of its infrastructure, an organisation can significantly improve its internal and external delivery of services and – depending on how far ADC has grown by stealth – potentially at very little cost. With application delivery much improved, the infrastructure is then in place to take advantage of cloud computing, in whatever form it takes. Sanjay Deshmukh is Area VP - India Subcontinent, Citrix Systems.

DIGIT CHANNEL CONNECT

MARCH 2010

managed telepresence

The

TIPPING POINT

Has the technology for telepresence finally come of age? A look at costs, maturity of technology and business imperatives suggests that it has Pradeep Sreedharan

DIGIT CHANNEL CONNECT

elepresence is by no means a new technology. Videoconferencing, the forefather of telepresence, was being tested as far back as the 1930s over closed circuit television links, while the 1960s saw the technology being tested using telecoms networks. Telepresence was tipped for greatness from the outset. During the 1960s, when technology was advancing at an exponential rate, anything seemed possible, and telepresence fired the imaginations of a raft of science fiction writers who predicted that by the 21st Century it would be our main form of communication. Despite all that, telepresence and video conferencing never made the leap into mass usage, never quite living up to the promise. The reason for this was that developers could not produce a solution that combined the high

20 MARCH 2010

quality and low cost needed for mass adoption. For decades video conferencing was synonymous with slow speeds, poor picture quality and low levels of usability. Without being able to get video conferencing right, telepresence was never going to take off. Telepresence demands much more than video conferencing. It requires video to run at real time and to be so clear it actually feels like the person you are speaking to is in the same room as you. It seemed that telepresence would never make the leap from science fiction to real business usage â&#x20AC;&#x201C; until now. Today, telepresence is once again causing a stir in the technology and businesses worlds. For the first time, however, the technology seems to be living up to the buzz and actually sitting on the verge of mass adoption. A recent report by telecoms analyst house,

MANAGED SERVICES SPECIAL Ovum, predicted that managed telepresence services will provide a significant new stream of revenue for operators in the next five years, totalling around $1.7bn between 2010 and 2014. This is an analysis we whole-heartedly agree with. We are having more conversations than ever before with our customers about the benefits of the technology and we expect to see a rapid growth in live deployments over the next few years. But now that telepresence seems to have come of age, what makes this current wave of interest in the technology dif ferent to the past? What are the drivers behind adoption, and how will they lead to mass adoption of telepresence? A necessar y condition for the success of telepresence is the maturity of the technology. Without this underlying improvement businesses will never be able to replace face-toface communications with telepresence. Today, we have reached such a level of maturity in all aspects of teleconferencing that the user experience is breathtaking. Compression technologies have improved to a point where image data can be compressed – at a rate of about 1:500. This is due to improvements in the codecs – the coder/decoder devices which make compression a reality. The hardware used in telepresence has also become much more advanced. The suites of fered by ve n d o r s s u c h a s Ta n d b e r g a n d Polycom now come with HD quality screens that can be fitted into entire conference rooms to give a totally immersive ef fect. The experience truly has to be seen to be believed. It feels as if the parties you are talking to are actually sitting at the same table as you – it is easy to forget that you are actually holding little more than an advanced telephone call. None of this would be possible, however, without the improvements to the underlying network that supports the telepresence solution. One of the major barriers to telepresence in the past was that telecoms networks were simply not up to the task, running at speeds far too slow to support the application. This led to a very jittery user experience hampered by time delays and dropped packets. The only alternative was a highly expensive specialist

connection which had to be dedicated solely to the video call, all but impossible for the majority of businesses to build a supporting business case. Today, however, next-generation telecoms networks have the bandwidth and intelligence to support the demands of telepresence. Next-generation networks (NGNs) are based on Inter net Protocol (IP), an ideal technology for transporting compressed video, and today are being delivered as a managed network with up to 1Gbps of throughput – more than enough to suppor t teleconferencing. NGNs are built to provide multiple services over the same network, so the voice and video elements of telepresence can be effectively supported and delivered simultaneously in real time. This has meant that, for the first time, a crystal-clear, jitter-free service can be provided. Moreover, the network is not just dedicated to the video session; the huge bandwidth available means that a business can run all its networking functions, including voice, data and internet, simultaneously while the video conference is in session. Suddenly the business case stacks up. Just because something can be done, however, it does not mean it will be done. There needs to be a significant cultural shift within businesses for them to once again take telepresence seriously as a service. There is evidence, however, that this cultural shift is happening and it has been driven by the most unlikely of sources – the worldwide global recession. As the recession has progressed businesses of all sizes have been looking at how they can cut costs and make their operations more efficient. One of the greatest impacts of this appraisal has been on travel budgets. The vast majority of companies have, over the past 12 months, put stringent travel restrictions in place, virtually banning all but the most essential of travel. This has led to a resurgence in tele-conferences for meetings of all siz es and importance.

Real benefits Most would agree, however, that

PRADEEP SREEDHARAN

TODAY, FACING AN INCREASINGLY STRINGENT POLITICAL DRIVE FOR A REDUCTION IN CARBON EMISSIONS, BUSINESSES HAVE TO MAKE REAL STEP CHANGES TO THE WAY THEY OPERATE. TELEPRESENCE WILL FORM A KEY PART OF THIS. Next-generation telecoms networks have the bandwidth and intelligence to support the demands of telepresence. They are based on Internet Protocol (IP), an ideal technology for transporting compressed video, and today are being delivered as a managed network with up to 1Gbps of throughput.

a phone call can never replace faceto-face communications. The importance of non-verbal communication cannot be over-stated and forms an integral part of human interaction – with some studies claiming that 93% of all communication is nonverbal. Subtleties of emotion can only be conveyed through actually seeing the person you are talking to while the nuances of language are clarified through facial expressions and body language. This is why businesses are increasingly looking to telepresence – here they get the full benefits of face-toface communication without having to leave the office. The benefits this engenders in terms of cost savings to the business are huge and they can receive ROI within a very short space of time. Another cultural shift that is promoting the use of telepresence is the increased concern over the environment. Reducing corporate carbon emissions has moved well beyond being a simply PR tool – paid lip service in order to promote a company’s g reen credentials. Today, facing an increasingly stringent political drive for a reduction in carbon emissions, businesses have to make real step changes to the way they operate. Telepresence will form a key part of this. By removing the need to travel for businesses meetings, businesses can save hundreds of thousands of kilograms of carbon from entering the environment while preserving the world’s dwindling supplies of fossil fuels. We have estimated that last year, through the use of our telepresence suite, we have saved 600,000 kg of C02 from travelling less. For any product, service or idea to gain wide currency in a market, there needs to be a confluence of factors which together make the time right for adoption. The time for telepresence, it seems, has just come. With the maturation and lower costs of the technology as well as a cultural shift in the ways businesses perceive travel, these services are finally viewed as being ripe for exploitation. Within the next five years we believe telepresence will become a cornerstone of any businesses’ communications platform. Pradeep Sreedharan is Director – India Operations, Cable&Wireless Worldwide.

DIGIT CHANNEL CONNECT

MARCH 2010

managed security

MAKING

ENTERPRISE SECURITY

EASY

Just using security products is not enough â&#x20AC;&#x201C; it is how you manage people, processes and technology that makes a difference Vishal Dhupar

DIGIT CHANNEL CONNECT

22 MARCH 2010

ffective security helps maintain the integrity of valuable assets, enables compliance with industry regulations, and helps ensure the integrity of a trusted brand image and sustain business continuity. But providing an effective level of security requires state-of-the-art technology, experienced personnel, proven processes, and continuous threat intelligence that few organisations possess. Those organisations that choose to tackle these issues in-house invariably find themselves struggling to identify security events, provide security event alerts, and respond to threats. Specifically, the challenge is how to quickly identify which assets are at risk, determine the impact of breaches, and prioritise incident response. To make good decisions and protect information assets, companies must understand what is happening both inside and outside the corporate network. Security technologiesâ&#x20AC;&#x201D;including firewalls, network and host intrusion detection, and prevention systemsâ&#x20AC;&#x201D;have created a tremendous volume of information, and handling that information only makes security problems more challenging. As a result, organisations often find themselves choosing between two options: managing security in-house, or outsourcing either all or some security management to a managed security services provider (MSSP). With customers and partners dependent on accessing critical data via open networks such as the Internet, organisations must ensure the integrity of this information or risk jeopardizing their brand equity. In short, they need to protect the bottom line, the corporate image, and the brand. Organisations face a number of barriers to achieving and maintaining effective security programmes, including:

MANAGED SERVICES SPECIAL Security a core requirement, but not a core competence: Companies must ensure that their information is properly protected. Managing data security requires constant vigilance and accountability for every change in the state of the network and systems connected to it. Organisations often find they lack the in-house skills to manage this task. Need to find, hire, and retain security staff: Because of the strong demand for talent, organisations are finding it expensive to recruit—and difficult to retain—security professionals. A lot of time can be absorbed by the constant juggling of resources, resume sifting, interviews, contracts, and attrition. Security staff overloaded with routine daily operations: While the security staff commits to the tasks, they often lack time, expertise, and technical resources to provide effective, enterprise-wide monitoring and management on a 24x7x365 basis. Need to develop a repeatable process for identifying and escalating security incidents: Trying to determine what constitutes a security incident can be difficult. Traffic that looks benign to the untrained eye can be highly malicious when correlated with other security information. Understanding how to develop a repeatable process that can be quickly and consistently executed can be daunting for many organisations. Security products generating vast amounts of difficult-to-manage data: To protect corporate information assets on a 24x7x365 basis, and to identify and counteract security attacks in real time, staff must constantly analyze disparate data from various security devices, such as firewalls and intrusion detection systems. Security staff can attempt to consolidate this data for viewing purposes, but most consolidation software tools lack the ability to generate meaningful information. Growing volatility and sophistication of threats: The threat landscape has evolved from large-scale threats to quieter, more targeted attacks engineered to include multiple exploitation methods. These lower-profile attacks are engineered by cyber-criminals searching for new ways to steal information for financial gain. The attacks propagate more slowly to avoid detection and to increase the likelihood of compromise before security measures are put in place. The new reality is clear: Fraudsters and hackers are working in concert for financial gain—and they are relying increasingly on the Internet.

Proactive intelligence: Setting up a security operations centre in-house can be expensive and cumbersome, and many organisations that do so still aren’t aware of emerging Internet threats and vulnerabilities. Organisations that don’t stay abreast of new threats are left to react to new challenges as opposed to being proactively protected. Cost-ef fective 24x7 protection: Increased regulatory demands for business continuity coupled with a thrust for availability of systems to clients and partners is driving the need for cost-effective security protection on a 24x7x365 basis. The cost of building and staffing an SOC is daunting; it involves hiring 24x7x365 staff, implementing and tuning security information and event management technology, establishing processes, and managing the function. Furthermore, there is a high cost of entry just to have an in-house security management capability, regardless of the size of the security architecture.

Advantage MSSP Beyond pure cost, there are a number of advantages an organisation receives from a professionally managed service contract with a team of dedicated professionals. Partnering with an experienced, well-established, and professional MSSP offers enhanced levels of protection, 24x7x365 vigilance, a strengthened security posture, and a potential decrease in the risk of cyber-threats. Providing effective security requires powerful technology, accurate threat intelligence, proven processes, and experienced professionals to bring it together. But in today’s era of complex environments and limited resources, it can be difficult and costly to evaluate and deploy security controls capable of keeping up with the threat landscape. The key is to leverage the right combination of people, processes, and technology. Organisations can take advantage of the expertise of MSSP security analysts and engineers who manage and monitor security devices on a full-time basis. These analysts identify and respond to thousands of security incidents and attacks every day. This means that, compared to in-house security staff, they are more aware of threats and are more knowledgeable about best practices for protecting critical data. An experienced MSSP maintains a research capability dedicated to staying abreast of the latest cyber-threats, vulnerabilities, hacker techniques, and

VISHAL DHUPAR

PROVIDING AN EFFECTIVE LEVEL OF SECURITY REQUIRES STATEOF-THE-ART TECHNOLOGY, EXPERIENCED PERSONNEL, PROVEN PROCESSES, AND CONTINUOUS THREAT INTELLIGENCE THAT FEW ORGANISATIONS POSSESS. Managed Security Service Providers offer service-level agreements (SLAs) that define a contractual obligation to deliver services in a particular manner and within a specific response-time window. The SLAs determine the services the MSSP will provide and the performance targets they must achieve.

managed security

security developments. Constant monitoring of security alerts and advisories is essential to providing maximum protection against security threats. MSSPs offer service-level agreements (SLAs) that define a contractual obligation to deliver services in a particular manner and within a specific responsetime window. The SLAs determine the services the MSSP will provide and the performance targets they must achieve, and they define exactly what will be delivered and when specific organisational requirements will be met. A thorough MSSP will provide aroundthe-clock coverage for a client’s most critical systems, monitoring networks and infrastructures to ensure protection during the hours most hackers attack. This vigilance, especially important in an always-on, always-connected business environment, ensures that information assets are protected. Many organisations purchase security products that, for a variety of reasons, are never fully implemented. A highquality MSSP ensures that purchased solutions are installed, implemented, and integrated to provide the ongoing value an organisation needs and expects. By partnering with an MSSP to protect critical information assets, organisations can avoid the extensive personnel costs associated with hiring, training, and retaining security professionals. Managed security services reduce total cost of ownership by delivering predictable costs for security coverage. Because managed services are billed at pre-defined periodic intervals, organisations are also better able to predict and manage their security-related budgets. Effective security management requires a combination of skilled personnel, best practice processes, and stateof-the-art technology. A thorough cost analysis is important when evaluating an MSSP, but it comprises only part of the total analysis. Levels of staffing, security expertise, specialised skills that may only exist in-house, and existing security investments are other important considerations. Deciding between leveraging in-house security resources and partnering with an MSSP requires research and budgetary scrutiny, for both the short and long term. Ultimately, organisations should choose the option that will allow them to maintain a strong security posture and enables them to pursue their primary mission. Vishal Dhupar is Managing Director of Symantec India.

DIGIT CHANNEL CONNECT

23 MARCH 2010

Calender Camera Action

Clicked

Meet the passionate photographers of the Channel Community

cloud computing

MANAGED SERVICES SPECIAL b. Reduction of users and applications is also easy.

The

Vendor roadblocks

HEAT IS ON Is cloud computing a gamechanging technology or just one of those overhyped passing fads? Suresh Ramani SURESH RAMANI

loud computing is ‘hot’. You open any technology m aga z i n e a n d yo u w i l l surely find enough pages talking about it. Even the general press, including daily newspapers, has been publishing articles about the cloud. However, for a majority of people out there, it’s just a buzzword. Let’s try and understand whether it is a game-changing technology or just another tech fad. Essentially in cloud computing, your applications and data are stored in a ‘cloud’. If the cloud is hosted by you, then it becomes a private cloud. Else, it is a public cloud (Amazon, Google, Microsoft). Another characteristic of cloud computing is that you should be able to provision resources on the fly. These resources could be additional users, more storage, more applications, etc. Having understood the meaning of cloud computing, let’s try and understand the benefits of a cloud computing solution:

Reduced running costs a. Since the servers are not on premise, you save on power and also the cost of air conditioning. b. There’s no need for helpdesk team 24 x 7 as monitoring is done by the cloud vendor. c. Use of the latest software is possible without the headache of migration to new versions. d. Server patch management is no longer an issue as it is done by the cloud vendor.

Increased security and availability a. Ve n d o r d at a c e n t r e s a r e invariably more secure than your environment. b. The top vendors guarantee high availability by having their data centres globally distributed.

Flexibility in deployment

Reduced fixed costs a. No need to purchase server hardware b. No need for server software licenses

DIGIT CHANNEL CONNECT

26 MARCH 2010

a. Adding users and applications can be done just in time. So no need to have a head room for growth for the next three years when making a purchase.

One of the characteristics of cloud computing is that you should be able to provision resources on the fly. These resources could be additional users, more storage, more applications, etc. Many solutions providers are not very enthusiastic about cloud computing. They fear that the control they exercise over clients in an on-premise solution will be lost if customers migrate to the cloud. As a solution provider, we also had this view.

There are a few roadblocks which the cloud vendors need to negotiate successfully especially if they wish to succeed in a value economy like India. Some of the concerns which customers have expressed are: Implications of the Patriot Act of the USA: Since the top vendors have the major data centres in USA, customers are worried about their data being handed over to the US officials as is a possibility under the Patriot Act. Need for local data centres: Many Customers are demanding Indiabased data centres. Dif ferential pricing for Indian customers: Currently the vendors are following the policy of ‘one price fits all’. That may not work well in India since the cost of technical support is much lower in India as compared to Europe and USA. Latency: For applications like ERP, customers are concerned about the latency which could be a make or break issue.

Threat to solution providers? Many solutions provider s are not very enthusiastic about cloud c o m p u t i n g. T h ey f e a r t h at t h e control they exercise over clients in an on-premise solution will be lost if customers migrate to the cloud. As a solution provider, we also had this view. But a year back, we moved some of our applications over to ‘public cloud’. And we are very happy with the results. We are clear that the cloud is here to stay. We prefer to look at the cloud as an opportunity rather than a threat. To be relevant in the cloud space, we are tweaking our business models. A typical cloud implementation of email and collaboration would include additional services like custom integration and application development along with generous amounts of consultancy. So we are trying to transition from a Solution Provider to a Trusted Business Advisor. And that is the path most of the solutions providers have to take if they wish to be relevant in the cloud era. Suresh Ramani is CEO of Techgyan, a technology solutions provider.

cloud computing

MANAGED SERVICES SPECIAL

THINK IT THROUGH

While the benefits of the cloud are evident, businesses must be aware of what they are getting into and be able to mitigate the risks Govind Rammurthy

loud service providers are leveraging virtualisation technologies combined with self-service capabilities for computing resources via the Internet. In this environment, virtual machines from multiple organisations are located on the same server in order to maximise the efficiency of virtualisation. Enterprises are looking toward cloud computing horizons to expand their infrastructure, but no one can afford the risk of compromising the security of their applications and data. On the first look, cloud computing has the cost saving potential offered by service providers by taking data storage and applications online. The benefits of cloud computing are indeed compelling, creating a centralised method to access shared data, significantly lowering costs and reducing data centre space, power and cooling. Cloud computing is helping corporations create new, better business models. However, organisations must realise that accountability for valuable business data cannot be as conveniently outsourced. Despite having all the advantages, the use of cloud computing may lead to breaches of sensitive data by businesses and their information security obligations to clients. The likelihood of service interruptions raises concerns over use of the cloud for business critical applications.

Security risks Cloud computing poses serious data security threats to businesses wanting to save on software licensing and support services. Companies could be exposing themselves to a business continuity disaster as security vulnerabilities in the cloud may lead to breaches of data protection laws by businesses and this may have a direct effect on the end users. One must remember that management will always be responsible for

protecting company and customer data. It is therefore essential when moving towards cloud computing that businesses consistently ensure the health of the cloud-provided services. This includes gaining complete confidence that the cloud provider is a viable, stable business with assurances and protections, such as comprehensive risk and security defences in place, to safeguard business data.

Cyber cloud attacks In addition to the data protection risks and interruptions in business continuity, cloud computing also has the risks from hackers. Hackers’ invading global businesses especially financial systems with the objective of stealing money and disabling the whole financial network is also a possibility. Concentrating enterprise data in the cloud also makes an attractive target for advanced attacks by cybercriminals to steal intellectual property and confidential data. A single point failure of the common, underlying software that controls how resources in a cloud are shared could leave businesses vulnerable to attacks. Some of the other concerns are wellestablished criminal enterprises that exhibit many of the behaviours you’d expect from large corporations. These criminal organisations have internal business logic, invest in research, have highly motivated staff, project plans and, above all, they look to means of financial gains through fraud.

Countering threats When moving to cloud-based computing services, companies have to hand over control to the cloud provider on a number of issues, which may affect security negatively. In a poll conducted recently by eScan, it was found that information security management, along with regulatory compliance and the chal-

GOVIND RAMMURTHY

Companies could be exposing themselves to a business continuity disaster as security vulnerabilities in the cloud may lead to breaches of data protection laws. AUTHORITIES COULD TIP THE BALANCE IN FAVOUR OF MAKING CLOUD COMPUTING HIGHLY SECURE BY SETTING GUIDELINES THAT WILL NOT STIFLE GROWTH. CLOUD-BASED SERVICES CAN POTENTIALLY OFFER BUSINESSES A GREATER DEPTH OF DEFENCES THAN THEY COULD ACHIEVE ON THEIR OWN.

lenges of managing IT risks, were uppermost in members’ minds when it comes to security. To minimise the risks in cloud computing environment, the security administrator should prepare a list of questions that a company needs to ask potential cloud providers. Companies should especially pay attention to their rights and obligations related to data transfers, access to data by law enforcement and notifications of breaches in security by the cloud service provider.

Securing data in the cloud Securing data in the cloud is not a trivial task. And sensitive data can fall into the wrong hands. Before signing up with any cloud vendor, customers should demand information about data security practices and make sure they have the ability to encrypt data both in transit and at rest. Businesses must fully understand providers’ security measures or run the risk of endangering their data. In general, potential users of cloud services need to do a risk assessment that takes into account the importance of data to a business and the security that providers can probably deliver. As with any security area, organisations should adopt a risk-based approach to moving to the cloud and selecting security options. We believe that authorities could tip the balance in favour of making cloud computing highly secure by setting guidelines that will not stifle growth. Cloud-based services can potentially offer businesses a greater depth of defences than they could achieve on their own. A simpler, standard environment can be protected more easily and cloud providers can use rights management and encryption technologies to provide an extremely high level of protection. Govind Rammurthy is CEO & MD of MicroWorld Technologies.

DIGIT CHANNEL CONNECT

27 MARCH 2010

managed security

THE

IDENTITY FIX Two-factor authentication foils identity thieves, and today’s solutions are inexpensive, easy to use and ready for India’s banks Shekhar Kirani

DIGIT CHANNEL CONNECT

28 MARCH 2010

nline banking in India offers enormous promise both for banks and their customers. India counts some 81 million Internet users, representing a market penetration of just seven percent. For banks considering offering services online, India’s potential is exciting: Internet usage here has soared 1,520 percent since 2000. Yet realizing the potential of online banking in India is fraught with challenges: z Economic, due to a global recession and increasingly competitive marketplace; z Cultural, as banks try to balance long-held traditions with the need to generate profit; z Demographic, by instituting a “mass over class” approach to providing bank services to all Indians; z Criminal, as banks and their customers face increasing threats from fraud cartels and identity thieves. Lately, it’s the economic challenges that impact banks the most. India’s public and private sector banks are striving to halt the escalating costs of doing business. The need to reduce operating costs has prompted banks of all kinds to find more cost-effective ways to serve customers. Online banking offers a way to provide a range of services to anyone with even occasional access to the Internet. It’s vastly more convenient for customers, and it’s much more cost-effective than in-person tellers and call centre agents. How much? An Internet banking transaction is 85 percent cheaper to process than a typical transaction. So why haven’t more banks engaged this potentially lucrative channel?

The trust problem While only 16 percent of Internet users in India are expected to be banking users in the short term, that number can grow rapidly if banks are able to establish trust with an understandably wary public. But Inter net user s know the threats are real and spreading. India is specifically targeted in roughly 10 percent of the world’s phishing scams designed to lure online users to lookalike Web sites, where they are tricked into providing their personal account numbers, passwords, credit card numbers and more. In 2008, banks in India were subjected to more than 400 phishing attacks over the course of a few months.

MANAGED SERVICES SPECIAL A popular technique executed by identity thieves and e-fraud cartels, phishing scams can be set up quickly at very low cost. On the Internet’s global black market – where stolen identities are bought and sold 24 hours a day – e-criminals can even purchase “phishing kits” that enable them to create a fake Web page that convincingly mimics a bank’s log-in page. Even in the face of these threats, however, India’s banks simply aren’t protecting themselves or their customers. According to NASSCOM, an IT trade group based in India, more than 80 Indian banks lack the security safeguards they need to thwart attacks from phishers and identity thieves. Foiling fraudsters with two-factor authentication For banks around the world, the answer to establishing trust with online customer s is two-f actor authentication. Also known as strong authentication, two-factor authentication goes beyond simple usernameand-password sign-on, which is easily circumvented by phishers. With two-factor authentication (2FA), each user provides not just a username and password, but also a unique one-time password (OTP) generated by a special security credential. When the bank’s 2FA service

provider matches the OTP to the customer, then the user is authenticated. The latest 2FA solutions are simpler and more convenient for users as well. OTP credentials are available in a variety of formats, allowing bank customers to choose the credential that best suits their lifestyle. These include stand-alone hardware tokens, credit card-sized form factors, and Short Messaging Service (SMS) codes for mobile phones as well as a downloadable application that turns a mobile phone into an OTP generator. Because logging on with two-factor authentication requires something the user knows (his username and password) and something he has (his 2FA credential), it is much more difficult for fraudsters to gain unauthorized access to accounts. Because of this, 2FA has been proven to be effective against unauthorized access to online accounts, stopping potential fraud before customers and banks sustain financial losses. Some IT managers may have experienced 2FA in its former iteration as a costly, self-managed solution that is difficult to scale as user populations grow. Today’s 2FA solutions, however, are available as cloud-based (or managed) services that drive

SHEKHAR KIRANI

MANAGED TWO-FACTOR AUTHENTICATION SERVICES ALLOW BANKS AND OTHER ORGANIZATIONS TO ACHIEVE TOTAL COST OF OWNERSHIP SAVINGS OF 40 PERCENT ON CAPITAL EXPENDITURES AND OPERATIONAL COSTS, WHEN COMPARED TO TRADITIONAL ON-PREMISE SOLUTIONS.

managed security down per-user costs while enabling on-demand growth. Managed 2FA services allow banks and other organizations to achieve total cost of ownership (TCO) savings of 40 percent on capital expenditures and operational costs, when compared to traditional on-premise solutions. Most recently, the costs and logistics of distributing 2FA credentials to millions of users have effectively been eliminated with the introduction of mobile applications that transform mobile phones and PDAs into credentials that generate OTPs on demand. Since most online bank customers are mobile phone users, they don’t have to carry an additional credential to generate an OTP for strong authentication. Instead, the device the carry all day, every day doubles as their 2FA credential, creating a new level of convenience. And the application costs them nothing.

A relationship built on trust For Indian banks aiming to introduce or expand their online services, establishing trust with customers is a crucial first step. With its proven ability to keep fraudsters and identity thieves from gaining unauthorized access to customer accounts, two-factor authentication should be a core part of any bank’s online offering. As financial institutions around the world already recognize, 2FA: z Protects banks and their customers from financial losses stemming from online account takeover. Signing on to a 2FA-protected bank Web site requires users to provide something they know and something they have – a combination that e-criminals will find difficult, if not impossible, to acquire. z Is cost-effective and scalable. A cloud-based 2FA solution keeps implementation and administrative costs down while enabling deployments to scale on demand. z Is easy to use. A variety of 2FA credentials – including mobile device-based applications that provide the ultimate in convenience – make strong authentication easy for bank customers. India’s banks have a promising future online – but only if they provide the right safeguards against e-criminals. Those safeguards should include two-factor authentication. Shekhar Kirani is Country Manager of VeriSign India.

DIGIT CHANNEL CONNECT

29 MARCH 2010

outsourcing management

MANAGING THE CHANGE In a new outsourcing partnership, change is often the rule and not the exception. So, how should you be managing it? Mark Pettit

xpertise in the management of change can have a powerful impact on an outsourcing relationship. It helps both partners work together effectively. It ensures that complex changes are made in the most efficient manner. It provides the necessary discipline to maintain progress long after the initial implementation. It generates widespread support for the outsourcing solution. Most importantly, it helps people in both organizations successfully adapt to a new way of working. For all these reasons, the skilful management of change is literally the engine of organizational transformation. But how do you get maximum value from this critical outsourcing discipline? Here are ten key elements to focus on: Understand the way people react. When major change comes to the workplace, people often experience fears and anxieties that create resistance. If you carefully assess and address these causes of resistance, you can streamline the adaptation process and increase the pace of the transformation itself. Recognize that transformation is a complex organizational process. According to business author and leadership expert John P Kotter, there are eight key steps involved in an organizational transformation. And they each take time. He also says that you can’t skip steps if you really want to succeed – so it’s important to be patient with the process.

DIGIT CHANNEL CONNECT

Manage complexity with discipline, data and continuous improvements. Some outsourcing engagements today are more extensive in scale and scope than a merger or acquisition. Some involve multiple locations that cross national borders – bringing different languages, cultures, and laws and regulations into play. To manage this kind of complexity, you need disciplined processes, data-driven decision making and a firm commitment to continuous improvement. Get change management experts involved at the earliest. The best time to begin planning for a smooth transition is during the initial development of the contract itself. Early engagement helps change management professionals clearly understand the client’s culture, goals and challenges so they can develop a comprehensive strategy and targeted tactics to help people successfully adapt to a transformed work environment. Forge an effective working relationship across the different cultures. Cultural conflicts can interfere with the development of a successful outsourcing partnership. That’s why it’s important to carefully analyze the cultures of both organizations and develop action plans for a successful convergence. Build strong partnerships at every level of the relationship. A successful outsourcing partnership involves senior leaders and managers, end users, members of the service delivery team, representatives of partner organizations like IT and other stakehold-

30 MARCH 2010

MANAGED SERVICES SPECIAL

MARK PETTIT

Some outsourcing engagements today are more extensive in scale and scope than a merger or acquisition. Some involve multiple locations that cross national borders – bringing different languages, cultures, and laws and regulations into play.

Effective communications help both partners explain the vision behind the outsourcing decision, overcome employee resistance, build broad-based support and solicit the honest feedback that drives continuous improvements.

ers. Change management professionals can help build strong relationships and a sense of teamwork at every level. They should also make sure that the right people from both organizations are involved. Launch an intensive ongoing communication plan. You can’t help people adapt to change unless you communicate with them constantly and maintain an open, two-way dialogue. Effective communications help both partners explain the vision behind the outsourcing decision, overcome employee resistance, build broad-based support and solicit the honest feedback that drives continuous improvements. Help people transfer to the new employer. In some countries, regulations require that service providers offer employment to people who would otherwise be displaced in the outsourcing process. In other cases, providers may offer employment to members of the original in-house team to take advantage of their skills and familiarity with the client’s internal processes. In both of these situations, the transfer process must be handled with great care and sensitivity to comply with all regulations, address gaps in experience and expertise, integrate people into the culture of their new employer and ensure a smooth, effective transition. Design a high-performance work environment. To deliver maximum value to the client, members of the service delivery team have to be customerfocused, highly motivated and determined to keep raising the bar on performance. That’s why it’s important for change management professionals to help design a dynamic work environment that combines an effective performance management system with opportunities for reward and career development. Maintain momentum long after Day One. In the most successful partnerships, change management is woven into the service delivery process to help the outsourcing team bring best practices, improvements and innovations to the client on a continuous basis. If your approach to change management covers these key points, you will be able to expedite the business transformation process and reap benefits in an efficient, orderly manner. Change management is a vital contributor to outsourcing success. Mark Pettit is Executive Director, Xerox Global Services, Xerox India.

managed security

MANAGED SERVICES SPECIAL Helping VARs get started

BUILDING

VALUE

Here’s a winning approach for VARs to develop a sustained business in security services with a recurring revenue model Vishak Raman

n the past three years, we have witnessed a rapid consolidation and convergence of technologies, managed services and their applications within the security market. The enterprise need for outsourced security services is a strong one and a popular choice for many companies with challenges such as meeting regulatory compliance requirements and combating infrastructure and resource issues such as lost productivity, liability and staffing costs. In this context, outsourcing entire security strategies through a trusted partner has become a progressively more viable option for small, medium and large enterprises, creating an enormous opportunity for partners and service providers looking at offering value-added services to their customers. The challenge and opportunity remains in choosing the right security solution and technology partner to meet these requirements now and in the future, while at the same time enabling a highly profitable business model. This is where consolidated network security solutions are offering real advantages, delivering multi-layer security, wire-speed performance and modular scalability.

DIGIT CHANNEL CONNECT

Consolidated security Given the breadth of the addressable market, VARs must look for a flexible security service delivery infrastructure capable of meeting the evolving needs of their customers. Leveraging network security consolidation based on a Unified Threat Management (UTM) platform, VARs can benefit from the ability to cater to the maximum range of customers with the breadth of security functions and deployment scenarios. With consolidated security platforms, customer retention efforts are eased by the ability to respond with a wide portfolio of security services. VARs can leverage their single investment to benefit from “reselling” or upselling the essential security applications such as firewall, VPN, antispam, antivirus, antispyware, IPS, Web filtering, remote access, such as IPSec and SSL, to name a few, without incurring additional costs. Fuelling security services with such an integrated security platform is obviously far more cost-effective, rapid and simple than shipping another box or adding another point solution, and getting the service to interoperate smoothly -- all while providing an excellent customer experience.

32 MARCH 2010

VISHAK RAMAN

Outsourcing entire security strategies through a trusted partner has become a progressively more viable option for small, medium and large enterprises, creating an enormous opportunity for partners and service providers looking at offering value-added services to their customers. Many VARs are not able to pinpoint where to start with managed services and do not realise that the cost of entry to begin can be much lower than expected. By virtualising all the security functionalities in an integrated security device, VARs can provide comprehensive security to customers with minimal investment.

Many VARs are not able to pinpoint where to start with managed services and do not realise that the cost of entry to begin can be much lower than expected. By virtualising all the security functionalities in an integrated security device, VARs can provide comprehensive security to customers with minimal investment. There are several key areas within managed security services that are driving opportunities for VARs. VARs can either take over complete management of the network security function, which includes providing comprehensive network security as a service with continuous updates of the latest virus signatures, easy management, analysis and reporting. Additional recurring revenue can be obtained with a subset of services: s 2EMOTE MANAGEMENT AND CONFIGUration of security appliances. s 6ALUE ADDED BUSINESS RELEVANT reports for business owners to understand how their networks are being secured and helping to determine regulatory compliance. s 2EPORTS THAT ANALYSE SECURITY RISKS by enabling granular visibility into and analysis of applications that may hinder employee productivity (Facebook, YouTube or Twitter). There is also a great opportunity for VARs to conduct network assessment and audits. Many customers don’t fully understand where possible security vulnerabilities exist in their current networks, so VARs can to help customer understand what additional security layers are needed to prevent ever-changing threats, and the most cost effective way to do this.

The bottom line Generating success in managed security services is an object lesson in realising efficiency. Consolidated network security minimises the resources required to produce and deliver a suite of security services that provide customers and VARs with as many choices as possible. Chosen and deployed correctly, it offers far more than any alternative approach -- enabling partners to grow their businesses and support the dynamic security requirements of the broadest addressable market. Vishak Raman is Regional Director, SAARC and Saudi Arabia, Fortinet.

cloud computing

MANAGED SERVICES SPECIAL billion in the next five years or about 12 per cent of software deployed in the world.

Winds of

CHANGE The phenomenon of cloud computing is indeed transforming the way business consumes IT Nandu Pradhan

ot too long ago, a Singapore schoolboy wrote a drawing program for the iPhone to help his younger sisters draw on the touch screen using their fingers. Called Doodle Kids, it was downloaded nearly half a million times in three months from Apple’s App Store. The nine-year-old boy ‘got’ IT. Technology isn’t about building and maintaining infrastructure, it’s about using IT to solve problems. Yet, nearly seven in 10 enterprise IT dollars are spent on maintenance and, in a distributed computing environment, as much as 85 per cent of IT capacity can remain idle. This is not to diminish the importance of maintaining infrastructure, but the true value of IT lies in providing users with information they need to make critical business decisions. Today’s mobile, interconnected workforce places new demands and greater pressures on business application delivery. To meet these challenges, enterprises typically over-provide computing capacity and network resources, leading to the idling of excess capacity. This needs to change. The combination of the Internet, broadband networks, virtualization technology and increasingly powerful commodity computing resources creates the conditions for the next development in IT -- cloud computing. The idea behind cloud computing is to harness pools of computing resources to give enterprises access to IT infra-

DIGIT CHANNEL CONNECT

structure without incurring large capital investment. Cloud computing removes the need to over-engineer infrastructure. With it, enterprises can acquire resources as needed and when usage peters off, these resources can be turned off, offering great flexibility. When you only pay for what you use, the economics of providing IT resources changes dramatically. Available on a metered basis, IT expenditure shifts from capex to opex. If enterprises view IT as a utility, then continued investment in infrastructure, when options exist, would be like operating your own power station just to get electricity. IT is an information utility. Growing adoption of virtualization technology will advance cloud computing and its promise of self service, on-demand usage and portability. Research firm Gartner Inc anticipates that by 2011 enterprises will purchase as much as 40 per cent of their IT infrastructure as a service. And by 2012, at least one-third of business application software spending will be as service subscription instead of being as product licenses. The move to cloud computing won’t happen dramatically. Rather, it will be evolutionary as enterprises get used to freeing applications from being tied to specific infrastructure. A recent market study by Merrill Lynch predicts the global market for cloud computing to reach US$95

34 MARCH 2010

A new way

NANDU PRADHAN

Technology isn’t about building and maintaining infrastructure, it’s about using IT to solve problems. Yet, nearly seven in 10 enterprise IT dollars are spent on maintenance and, in a distributed computing environment, as much as 85 per cent of IT capacity can remain idle.

GARTNER ANTICIPATES THAT BY 2011 ENTERPRISES WILL PURCHASE AS MUCH AS 40 PER CENT OF THEIR IT INFRASTRUCTURE AS A SERVICE. AND BY 2012, AT LEAST ONE-THIRD OF BUSINESS APPLICATION SOFTWARE SPENDING WILL BE AS SERVICE SUBSCRIPTION INSTEAD OF BEING AS PRODUCT LICENSES.

Cloud computing is, of course, no panacea for all economic ills. But it does offer businesses a new way to provision infrastructure and computing services as well as a compelling financial argument by freeing up capital otherwise locked in physical equipment. In Singapore, pay-per-use computing services are already a reality for a number of government and commercial organizations through the National Grid initiative. According to one computing resource provider participating in the initiative, critical mass is within reach in three years’ time. The open source, collaborative model of developing and consuming software will be pivotal in cloud computing, In fact, open source and cloud computing are a natural fit, not least because of the inherent cost advantages. As cloud providers grow, given their scale, the costs of acquiring proprietary software will loom large in the business calculations. More importantly, communitydriven open source software ensures cloud computing is open, standardsbased, interoperable and free from technology lock-in. Openness delivers choice. It makes it possible for enterprises to switch cloud computing providers or architectures as their own conditions change as, for example, when acquisitions occur or new business requirements arise. In the USA, where the cloud computing wave is gathering momentum, nearly all major cloud providers like Amazon, for example, use open source software. Demand for open standards and development transparency will push the adoption of open source in cloud computing and in so doing, redefine the way software is developed and consumed. The on-demand cloud computing model will transform the way in which enterprises will use IT. Freed from the time and cost constraints of implementing and maintaining underlying IT infrastructure, enterprises return the focus to creating business solutions they need to operate successfully. In their continuous search for business advantage, enterprises need to re-emphasize the information in IT. Nandu Pradhan is President & Managing Director of Red Hat India.

managed video

AN EXCITING OPPORTUNITY Service providers can now deliver multiple video services over the same architecture with different solutions at the network edge Vikram Sharma

he growth of video on the Internet has had a corresponding impact in the world of business, as meetings, presentations, security monitoring, training sessions, customer service, and other activities increasingly include video. More & more businesses are using Video services such as TelePresence, WebEx etc. to connect with customers, employees across the globe. This huge increase in video traffic is transforming the requirements of networking. There is an inherent need for service providers to adopt a technology platform that can help them deal with this transformation but at the same time they need to keep up gradation costs low to optimize profit. Service Providers need to scale up their network capabilities tremendously and look at adopting a new approach to building mobile networks. The days of delivering voice, video, and data services as distinct offerings with each delivered over its own network, accessed using its own device, and billed as a single subscription are over. What is needed is a single network infrastructure which can be scaled up to meet the demands of the consumers and at the same time maintain cost efficiency. The key here is to move to an all IP based network where voice, video, data get converged into a single system, reducing the CAPEX for service providers. IP Next-Generation Network (NGN) architecture, due to its end-toend application awareness, gives every device the intelligence to treat a video application appropriately.

A new class of managed video services Video traffic accounts for a rapidly increasing percentage of global IP traffic, with the 2008 Cisco Visual Networking Index forecasting that video will make up 90 percent of consumer traffic by 2012. Businesses are embracing video, too. A 2008 study of companies in the United States and Europe by Chadwick Martin Bailey found that a majority of respondents surveyed were either now deploying or would deploy in the next 24 months video surveillance (57%), video conferencing (62%), and streaming video (50%) solutions. At Cisco, more than 60 percent of network traffic was video in 2008, and this percentage is rising. The corresponding video network services, such as multicast, content distribution, media transcoding, application optimization and acceleration, and bandwidth control, are vital to the smooth delivery of and access to video applications. Because video consumes significant amounts of network resources such as bandwidth, until now many network administrators have simply added more bandwidth to their networks. But as video traffic continues to grow, and as applications become more interactive and reach end users on a variety of fixed and mobile devices, the network infrastructure must incorporate new technologies to help ensure reliable video delivery. Although a 500-millisecond delay on a voice call may only produce an audible click or pop, even such a brief delay on a video application will produce a highly noticeable degradation of the image.

MANAGED SERVICES SPECIAL

VIKRAM SHARMA

The days of delivering voice, video, and data services as distinct offerings with each delivered over its own network, accessed using its own device, and billed as a single subscription are over. As video trafﬁc continues to grow, and as applications become more interactive and reach end users on a variety of ﬁxed and mobile devices, the network infrastructure must incorporate new technologies to help ensure reliable video delivery.

Increasingly, businesses are aware of the demanding nature of network video. The 2008 Chadwick Martin Bailey study indicates that there is strong interest among U.S. and European businesses in outsourcing video-oriented services, especially bridging, desktop and Tier 2 support, content management, and content distribution, to managed service providers. In India too businesses have increasingly started adopting video based collaboration technologies to reduce travel cost and strengthen customer relationships. With the advent of advanced technologies like 3G/4G, as quality of services improve there will be a further increased demand for video services.

Application-aware networking Along with new models for application delivery (such as software as a service), data centre consolidation, and virtualization of resources, the increase in video traffic and the array of evolving video applications are behind new requirements for networks. Networks must now be application-aware so that every device has the intelligence to treat a video application appropriately end-to-end. Managed service providers can activate key solutions to support customer service-level agreements (SLAs) for video services within their IP NGNs that include: s !PPLICATION VISIBILITY MONITORING and reporting solutions s !PPLICATION ACCELERATION AND OPTIMIzation tools s !PPLICATION CONTROL FOR BANDWIDTH and performance management

Business benefits IP NGN provides the inherent end-to-end application performance management capabilities required of today’s demanding video applications. It is media aware (capable of detecting and optimizing different media types to deliver an optimal quality of experience), endpoint aware (capable of detecting and configuring media endpoints automatically), and network aware (able to detect and respond to changes in device, connection, and service availability). Leveraging existing assets within their IP NGNs, managed service providers can create new revenue streams, upsell additional services, and create long-term customer loyalty. Vikram Sharma is VP, Service Provider, Cisco India & SAARC.

DIGIT CHANNEL CONNECT

35 MARCH 2010

MANAGED SERVICES SPECIAL

data centres

Managing

COMPLEXITY Optimally

Data centre policies and procedures need communicating them effectively and tying them to the bigger picture of operational excellence Asheesh Garg

riginating as a low maintenance space for back office applications, data centres have emerged as highdensity nerve centres for a wide variety of critical business functions. With this evolution, data centres have presented an ever increasing set of challenges to IT and Facility Managers, including business continuity, compliance and capacity planning. Combine these with the everyday issues of change management, security and scheduled maintenance and one thing becomes clear: A large data centre has too many ongoing processes to manage without some sort of generally accepted list of standard operating procedures. Data centre policies and procedures provide the initial framework for achieving this objective. Data centre policies and procedures need communicating them effectively and tying them to the bigger picture of operational excellence which is the first step towards holistic data centre management. Policies should focus on four main areas namely Security; Equipment Installation; Safety and emergency procedures; and Change management. Developing a cohesive set of policies

DIGIT CHANNEL CONNECT

and procedures specifically for the data centre environment is a critical part of managing core IT infrastructure. Focusing on key areas such as standard operating procedures for safety, equipment installation, safe work practices and change management can increase safety, reduce unnecessary business incidents, and help maintain integrity of the overall data centre environment. The end result is reduced cost as a result of less downtime and improved efficiencies around server installation and daily maintenance. Policies should apply to everyone. At the same time it is important to develop an effective communications plan to reach all stakeholders and to ensure ongoing compliance. Once these business processes have been defined and implemented, enforcement and accountability are critical.

Supporting infrastructure For managing a data centre to ensure maximum availability, it is necessary to ensure that all supporting infrastructure is regularly checked and maintained at optimum level. Supporting Infrastructure is but not limited to: UPS (Uninterrupted Power Supply);

36 MARCH 2010

ASHEESH GARG

For managing a data centre to ensure maximum availability, it is necessary to ensure that all supporting infrastructure is regularly checked. NEW DATA CENTRE POLICIES AND PROCEDURES ARE LIKELY TO IMPACT A LARGE NUMBER OF TEAMS AND PERSONNEL, INCLUDING THOSE WHO MANAGE VENDOR RELATIONSHIPS. IN ORDER TO DRIVE COMPLIANCE, IT IS ESSENTIAL TO OBTAIN SUPPORT AND ACCEPTANCE FROM THE MANAGEMENT TEAM FROM THE ONSET.

PAC (Precision Air Conditioning) and related outdoor units; PDU (Power Distribution Units); ATS & STS (Automatic & Static Transfer Switches); WLD (Water Leakage Detection); VESDA; Fire Detection and Suppression System; Electrical Distribution Units (MDB & DB); Earth & Grounding; Rodent Management; Access Controls and checks; Surveillance policy, Safety Drills . To ensure all these are up and running at optimum efficiency and capacity it is required to do periodic checks and planned preventive maintenance to keep unwanted downtimes in check. New data centre policies and procedures are likely to impact a large number of teams and personnel, including those who manage vendor relationships. In order to drive compliance, it is essential to obtain support and acceptance from the management team from the onset. To achieve client satisfaction, identify all stakeholders and actively solicit feedback regarding the policies. Having a comprehensive communications plan in place ahead of time will ensure everyone gets involved. Once policies have been implemented, consider nominating a review board to periodically assess them for effectiveness. Informative materials should be accessible to all personnel accessing the data centre. These can include posted signage in communal locations, information on your internal data centre website, and an orientation video that explains the basic data centre protocol to anyone requesting data centre access. It is advisable to define some reliable metrics to gauge the success of the new data centre policies. These can include the number of safety incidents, unintended outages, or scheduled outages due to failure to follow stated policies. Data centre policies and procedures are an important first step to effective data centre management. Engaging management and key stakeholders early on in the process and having a comprehensive communications plan will ensure success and drive home the message of operational excellence. Once policies have been communicated, enforcement and accountability are critical to ongoing success. The key tangible benefits for an organization are less downtime and improved efficiencies around ongoing server maintenance. Â&#x201E; Asheesh Garg is CEO of Nikom InfraSolutions Pvt Ltd.