IT NEXT February 2013 by Manan Mushtaq

FEBRUARY 2013 / ` 100 VOLUME 04 / ISSUE 1

FEATURE: Game Changers for a Cool Data Centre

BOSS TALK: How to be a business Advisor

IT MANAGER’S GUIDE TO FORMULATING EFFECTIVE VENDOR MANAGEMENT STRATEGIES Pg 12 A 9.9 Media Publication

INTERVIEW: BIG Q Emerson’s Khuti on the need Auditing is critical in for an aerial view of a DC Cloud Pg 35

Editorial

Striking the Right Chord In any business or industry, the performance of IT is gauged based on the value it brings through an effective vendor management strategy. IT decision makers are always on tenterhooks to prove their best vendor management skills that would help them strike the right deal. The bottom-line is that IT managers need to a strike the right chord with their vendors be it regarding writing a good RFP document, creating vendor policy, procurement framework, writing clear SLAs or any other challenge. Having a best vendor management practice and institutionalising it has been one of the tools for growth in any company. However, IT managers are confronted with a wide variance of methodologies with varying degrees of success or failure in underpinning the best which can be adapted. Most IT managers have not been formally trained in vendor relationship management. In fact, the ability to effectively manage vendors enhances the business perception of IT effectiveness. The cover story in the current edition of IT Next, ‘Making it a win win’ delves into the fact of how vendor management policies need to be institutionalised to drive maximum value out of this. It is a compelling need to get some insights into the areas which would help IT managers steer clear of vendor management pitfalls and how a good IT manager should be able to foresee requirements and risks which may arise in the future and plan accordingly. Besides, the story throws light on the nuances of the good negotiation skills that IT managers need to imbibe, which will enable them to nurture win-win relationships. The key to all these is to inculcate the ability to take risks, analyse them in a logical manner and build the skills necessary to bridge the gap between external vendors and teams and become orchestrators of services.

“The ability to effectively manage vendors enhances the business perception of IT effectiveness” Geetha Nandikotkur

Blogs To Watch! Driving Performance and value through strategic vendor management http://www.pwc.com/ca/en/ banking-capital-markets/ publications/vendormanagement-2009-05-05-en. pdf Vendor Management Success Tips http://operationstech.about. com/od/vendormanagement/ tp/VendMgtTips.htm How IT Improved Strategic Vendor Management http://www.cisco.com/ web/about/ciscoitatwork/ downloads/ciscoitatwork/pdf/ Cisco_IT_Case_Study_Vendor_ Management.pdf Generating Vendor Value through Collaboration http://h71028.www7.hp.com/ enterprise/cache/583640-0-0225-121.html

f e b r u a r y 2 0 1 3 | itnext

Content For the l atest technology uPDATES Go to itnext.in

F e b r ua ry 2 0 1 3

Volume 04 | Issue 01

Facebook: http://www.facebook. com/home.php#/group. php?gid=195675030582 Twitter: http://t witter.com/itnext LinkedIn http://www.linkedin.com/ groups?gid=2261770&trk=myg_ ugrp_ovr

Negotiate to

Win

Page

cover story

boss talk

interview

13 Collaborate to Win Inceased collaboration across functions, repeatable processes will help in bringing out a formal vendor management practice.

15 Best Vendor Management Practices Formal programs, documentation and careful review of licensing terms are some of the good practices

17 Interview with Forrester Research On how RFPs are prepared with unclear end -goal in mind and why IT teams are shortsighted in their approach when dealing with vendors

cover Design: Shigil Narayanan

itnext | f e b r u a r y 2 0 1 3

06 Be Advisors to Business | Ciscoâ&#x20AC;&#x2122;s Harpreet Singh on the importance of IT profressional services for IT teams

26 Get an Aerial View of the DC | Emersonâ&#x20AC;&#x2122;s Global CTO Baz Khuti on the need for having a greater visibility of the DC

itnext.in

MANAGEMENT Managing Director: Dr Pramath Raj Sinha Printer & Publisher: Vikas Gupta

EDITORIAL

Page

Group Editor: R Giridhar Executive Editor: Geetha Nandikotkur Sr Assistant Editor: Rajendra Chaudhary

All Game for a Cool dc| Adopting new

DESIGN

game changers with a holistic approach to challenge the conventional wisdom and enhance DC efficiency

opinion

Sr. Creative Director: Jayan K Narayanan Sr. Art Director: Anil VK Associate Art Directors: Atul Deshmukh & Anil T Sr. Visualisers: Manav Sachdev & Shokeen Saifi Visualiser: NV Baiju Sr. Designers: Raj Kishore Verma Shigil Narayanan, Suneesh K & Haridas Balan Designers: Charu Dwivedi, Peterson PJ Midhun Mohan & Pradeep G Nair

Tech Indulge

08 Money Wise: Expectations from CRM Rise | Talisma’s

Mruthyunjayappa on how CRM is getting to become CEM

the big Q 35 Cloud Security | Expert

panel says cloud audit is critical while choosing a cloud partner

cube chat 42 Playing with IT | Oberoi

Group’s Agrawalla on his passion for technology which drove him to gain knowledge of computers

42 GIFTS Geek? | No way —

these gifts are totally chic, and will impress even the most savvy of digital divas. A great gift for your loved ones in the new year

MARCOM

Associate Art Director: Prasanth Ramakrishnan Designer: Rahul Babu

Off the shelf 44 Acer Tablets | ICONIA

STUDIO

B1 Tablets from Acer in India which is priced at Rs 7,999. The 7 inch Tablet is designed to suit the varying needs of today’s consumers and targeted at the youth

Chief Photographer: Subhojit Paul Sr. Photographer: Jiten Gandhi

sales & marketing Brand Manager: Siddhant Raizada (09873555231) Senior Vice President: Krishna Kumar (09810206034) National Manager -Print , Online & Events: Sachin Mhashilkar (09920348755) South: Satish K Kutty (09845207810) North: Deepak Sharma (09811791110) West: Saurabh Anand +91 9833608089 Assistant Brand Manager: Varun Kumra Ad co-ordination/Scheduling: Kishan Singh

15-Minute manager 30 Data Held to Ransom | Idea

Cellular’s security team on how technology is posing new threats 32 Vitamin D | How can it reduce

the risk of various diseases

Production & Logistics

Letters _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 04

Sr. GM. Operations: Shivshankar M Hiremath Manager Operations: Rakesh upadhyay Asst. Manager - Logistics: Vijay Menon Executive Logistics: Nilesh Shiravadekar Production Executive: Vilas Mhatre Logistics: MP Singh & Mohd. Ansari

Industry Update _ _ _ _ _ _ _ _ _ _ _ 10

Office Address

Open Debate_ _ _ _ _ _ _ _ _ _ _ _ _ 45

Nine Dot Nine Mediaworx Pvt Ltd A-262 Defence Colony, New Delhi-110024, India

RegulArs Editorial _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 01

PHOTO /I LLUSTRATIO N/IMAG ING CRE DIT

My Log_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 48

Page

advertiser index IZenith IFC Panasonic 5 IBM 7 Cisco 9 ISACA 16-A Tata Communications 21 Patel Inida 25, 37 Bry Air Asia 31, 33 Avaya 39 Airtel IBC Microsoft BC

Certain content in this publication is copyright Ziff Davis Enterprise Inc, and has been reprinted under license. eWEEK, Baseline and CIO Insight are registered trademarks of Ziff Davis Enterprise Holdings, Inc. Published, Printed and Owned by Nine Dot Nine Mediaworx Private Ltd. Published and printed on their behalf by Vikas Gupta. Published at A-262 Defence Colony, New Delhi-110024, India. Printed at Tara Art Printers Pvt ltd., A-46-47, Sector-5, NOIDA (U.P.) 201301. Editor: Vikas Gupta Please recycle this magazine and remove inserts before recycling

f e b r u a r y 2 0 1 3 | itnext

INBoX NEXT100 SPECIAL NEXT100 SPECIAL

COVER STORY

IT NEXT

COVER STORY

JANUARY 2013 / ` 100 VOLUME 03 / ISSUE 12

NEXT100 SPECIAL: MEET THE IT LEADERS OF TOMORROW

THE NEW IT STARS

NEW THEARS

RE ERS A ED WINN RG WARD RBO-CHA U 100 A NEXT ED AND T G Pg 10 I S 2012 THE , FOCUS AKE IT B RT TO M SMA

VOLUME 03 | ISSUE 12

FUTURE CIOS, WINNERS ALL! They are smart, strongly opinionated, passionately driven to win in professional life. The NEXT100 2012 award winners are pragmatic in approach, more solution-driven and seem to be real leaders in the making

INDIA’s FUTURE CIOs A 9.9 Media Publication

january 2012

IT NEXT thanks its Readers for the warm response

BY T EA M IT N EX T I LLU ST R AT I ON BY AN I L T P HOTOGR AP HS BY SR I VATSA

CS-GATEFOLD.indd 14

12/31/2012 7:14:41 PM

CS-GATEFOLD.indd 15

12/31/2012 7:15:29 PM

IT NEXT values your feedback

We want to know what you think about the magazine, and how we can make it a better read. Your comments will go a long way in making IT NEXT the preferred publication for the community. Send your comments, compliments, complaints or questions about the magazine to editor@itnext.in.

Next100 boosted my confidence The Next100 award boosted my confidence and propelled me to aim at the ultimate destination, that of becoming a CIO. But even to reach the current position of Head-IT, I had a tough time in the last two years. I would like to suggest to the core committee of ITNext to have discussions or technology workshops or webinars by CIOs / IT Heads / IT Managers and not only by technology partners. These help a lot in understanding technology and their pain points. The specific initiative that I implemented and which helped me in my career growth was that of streamlining Business Process Management. Other areas which gave me sufficient opportunities were setting up a Data Centre with DR&BCP, development of an in-house ERP system, opensource CRM etc.

www.linkedin.com/ groups?gid= 2261770&trk= myg_ugrp_ovr 300 members

read this issue online http://www.itnext. in/resources/ magazine

Nagesh Aswartha SPML Infra Ltd

Here’s a suggestion I find the NEXT100 selection process excellent, but if I had the opportunity to include a criterion for selecting winners, I would introduce a group discussion. In the last leg, there should have been an event to judge the communication skills, leadership and technical knowledge of the participant, which could help in getting an active and dynamic NEXT100 CIO. While factors such as career advancement and promotions, education and learning opportunities, greater responsibilities, compensation packages, opportunities to work with business leaders/business units, professional accomplishments (which are part of NEXT100 selection process

itnext | f e b r u a r y 2 0 1 3

ITNEXT<space> <your feedback> and send it to

567678 *Special rates apply

focus) are motivating, my biggest apprehension is coping with rapid technological changes and increasing expectation from seniors. Ajay Kumar Jha, Next100 Winner

Kudos, NEXT1OO! The NEXT100 selection process was good; and my primary reasons for applying for the award were self-evaluation, and my professional growth. It was also something my boss recommended. The various stages of the awards process were good, with the application form being very simple; and the personality inventory test, management style inventory test and jury interviews being a straight and simple process. The jury interview process was excellent, it helped me personally because it was a reflection of what was expected of a CIO. Receiving the Next100 award was a most cherished moment, as it proved that I was one of the best in IT leadership in the country. The award has made a difference to my professional life as I feel my responsibilities have increased at work, my organisation has publicly recognised my achievements and I have started looking for opportunities to play a bigger role within my organisation. However, if I had to include criteria, I would have suggested highlighting achievements which make a difference to business. It is important that the future CIO understands business and brings effectiveness and efficiency to it. Hence, it makes sense to evaluate candidates on personal achievements. These achievements could be verified through reference checks with seniors or bosses. Mahesh Sarfare NEXT100 winner

(Note: Letters have been edited minimally, for brevity and clarity)

Boss talk | Harpreet Bhatia

services management

Be Advisors to Business

dopting a services mindset is critical as technology becomes all pervasive within an enterprise. Services are no longer considered a support system; in fact, most enterprises have re-christened the core philosophy of services. They are now called ‘Professional Services’ and given exclusive status. Continuous technology advancements, constant innovation, increased customer expectations and newer levels of competition are repainting the competitive landscape that companies operate in. Overwhelmingly, the challenges are not about technology per se; there are a plethora of technology choices available. The main challenge is how to apply technology to maximise business benefits. Businesses need to identify problems and apply the right technologies to serve customers, while at the same time become more productive and cost efficient. However, without the right resources and expertise, simply implementing the latest and greatest technology is a risky and costly proposition. The basic requirement to enable a business gain optimum benefits from technology is a robust suite of ‘services’ that help various business units to be connected on a single network platform. Such services must transparently integrate several solutions together and enable their delivery to customers. Along with the right technology and architecture, these services must enable businesses to reduce costs, improve operational efficiencies, increase customer stickiness and expand their capabilities. This means that a combination of a good architecture, relevant applications and efficient services is required to provide a dynamic business environment that facilitates productivity at all levels. It means that IT managers have an opportunity to take their engagement with business users to a higher level-that of advisors who will help businesses navigate

itnext | f e b r u a r y 2 0 1 3

“The IT team has to internally evolve a business model along the services line and clearly articulate that no service is free” the technology landscape, rethink newer ways to solve business problems.

Best Foot Forward Suggestion BOX

I liked this book because it really gives wings to disruptive ideas and ignites thoughts from a high tech development perspective and from customers. Writer:Geoffrey A. Moore Publisher: Harper Business Essentials Price:$12.23

IT managers need to understand the network’s lifecycle as the network platform is essential to the delivery of a number of applications and services. Many organisations lack the resources to maintain important information about their networks, support decentralised IT resources or operate in multiple remote locations, where network changes occur but are not tracked. They may have security concerns, want to add advanced technologies, or seek to improve the performance of their networks. A network assessment analysis, for example, can show customers which areas of their networks need replacement or are at end-of-sale in their lifecycle--be it platforms, components, or software. Network assessments also allow partners to set themselves apart from competition because they act as trusted advisors who can recommend more efficient solutions with confidence and speak with more authority about advanced technologies that could extend and enhance each customer’s unique network deployment. Harpreet Bhatia, VP Services, Cisco India and SAARC

Opinion

money wise Raj Mruthyunjayappa Managing Director-APAC & EMEA, Talisma

Expectations from CRM rise

ost IT executives are aware that businesses are increasingly migrating towards a customer experience zone and regime, in which the role of CRM cannot be undermined. While most businesses are carving out a niche to enhance customer experience and satisfaction and devising appropriate strategies, the immediate focus turns to CRM and its deliverables. The reason? Enterprises are unable to constantly innovate and measure up to customer expectations; this makes the going tough.

What can CRM do? The concept of CRM is perceived differently as the demand for newer ingredients grows. Businesses leverage the concept to give incentives to customers, not just in terms of customer service but also as gifts, discount and loyalty programmes. Newer perils of CRM opened up; while CRM did help improve customer loyalty in this decade, companies found it difficult to manage the large volumes of data generated by CRM applications and use them in appropriate scenarios. Most CRM users think that it is no longer about managing relationships. Instead, now it is about understanding customers, their preferences and proactively providing an enriching experience which results in improved loyalty, brand equity and consumer trust. A CRM solution needs to cover all bases, from intervening in social media conversations of businesses interest to managing loyalty programmes and upgrading customer relationships

itnext | f e b r u a r y 2 0 1 3

be able to manage feedback, and together with analytical software, provide rich insights into customer behaviour and process deficiencies. Speed of response is an important factor that has a direct bearing on customer loyalty. To respond rapidly and accurately, agents must have access to relevant information within a few clicks. This requires complete integration of the CRM with data management systems that allows a seamless flow of information from and to the CRM application.

CEM on the Anvil

â&#x20AC;&#x153;The new buzz word CEM is invading the industry by which the data generated by CRM is put to use to create the required customer experienceâ&#x20AC;? when needed. It needs to be scalable enough to manage the ever expanding scope of relationships across channels, loyalty programmes, transactions and geographies. A good CRM solution also provides ample scope for listening to customers. Customers are increasingly vocal about their experiences with a brand or product. The number of customers who give good reviews is significantly lower than those who share a bad or unsatisfactory interaction they have had. CRM needs to

Meanwhile, the new buzzword, CEM (customer experience management), is invading the industry. Through this, the data generated by CRM is put to use to create the required experience. Businesses are analysing transactions, customer behaviour threadbare to provide unique shopping, and interaction experiences and obtain feedback, even from customers who refuse to participate in surveys and customer satisfaction programmes. Not only is such information used to generate customised offerings, but also roll out targeted campaigns that carry messages that the target audience can relate to at a personal level.

Efficient Method of CRM Implementation Effective CRM implementation calls for a few key compelling strategies: Management buy-in Time-bound implementation with clear and feasible deadlines Vendor selection and software licensing Project management and best processes approach Data migration Training and support This would help enterprises in gaining agility to roll out new and unique customer experience initiatives and stay ahead of competition.

Author is the Managing Director-APAC & EMEA at Talisma

Digital Technologies Are Top CIO Priorities Tech TRENDS | Enterprises realize on average only 43 per cent of

technology’s business potential and if IT has to remain relevant in an increasingly digital world that number has to grow, according to research and advisory firm Gartner. As per the findings of a worldwide survey conducted by Gartner in the fourth quarter of 2012, in the last 18 months, digital technologies—including mobile, analytics, big data, social and cloud—have reached a tipping point with business executives. Gartner analysts believe that there is no choice but to increase

Virtual

Source: Kzero

Gartner survey highlights the need for CIOs to set aside old rules and adopt new tools

Virtual World Active Users The chart shows the Active VW user forecast: 2009 – 2013.

This has been calculated by assessing the active user data, combined with research relating to users having accounts across multiple worlds

itnext | f e b r u a r y 2 0 1 3

trends deals products services people

technology’s potential in the enterprise, and this means evolving IT’s strategies, priorities and plans beyond tending to the usual concerns as CIOs expect their 2013 IT budgets to be essentially flat for the fifth straight year. “Digital technologies provide a platform to achieve results, but only if CIOs adopt new roles and behaviors to find digital value,” said Mark McDonald, group vice president and Gartner Fellow. “CIOs require a new agenda that incorporates hunting for new digital innovations and opportunities, and harvesting value from products, services and operations. “In a world of change, it is concerning that around half of CIOs surveyed do not see IT’s enterprise role changing over the next three years,” McDonald said. “IT needs new tools if it hopes to hunt for technology-intensive innovation and harvest raised business performance from transformed IT infrastructure, operations and applications. The survey showed that CIO IT budgets have been flat to negative ever since the dot-com bust of 2002. The survey also revealed top 10 global technology priorities for 2013. The list reflects a greater emphasis on externally oriented digital technologies, as opposed to traditional IT/operationally oriented systems. It includes, in the order of priority: Analytics and business intelligence; Mobile technologies; Cloud computing (SaaS, IaaS, PaaS); Collaboration technologies; Legacy modernization; IT management; CRM; Virtualization; Security; ERP Application.

PHOTO /I LLUSTRATIO N/IMAG ING CRE DIT

Update I n d u s t r y

Canon launches DSLR - EOS 6D

Mobile projectors from Acer Acer has introduced the two projector lineup, the C110 and the K330. Both projectors are built for portable and multi-purpose use. Price: Rs. 15,000-Rs. 54,000.

Canon has released the Canon EOS 6D, its lightest full-frame camera. This is Canon’s third full-frame variant, designed to appease a larger audience. Price: Rs. 1,66,995.

The price of the Aakash 2 tablet will be brought down to $35, about Rs. 1,900, according to government source. The Aakash costs $49, Rs. 2,660 approximately. Aakash will come with Skype. Price: $35.

SAP’s Business Suite Powered by HANA application TRENDS | Enterprise

software major SAP recently announced the availability of SAP Business Suite powered by SAP HANA. The vendor claimed that the new solution suite empowers customers to run their business in real time within the window of opportunity to transact, analyze and predict instantly and proactively in an unpredictable world. According to SAP, the offering gives companies the unprecedented ability to translate real-time insights to action immediately while removing the complexity of redundant data and systems. A broad variety of business scenarios—including

Business Application Suite to run business in real time

Aakash 2 tablet to cost $35

marketing analysis, financial close, receivables management, material resource planning, as well as consumer and social sentiment analysis—and the most used operational reporting and

analytics have been specifically optimized to deliver the highest value to customers. Using SAP Business Suite powered by SAP HANA customers can now can manage all mission-critical business processes in real time such as planning, execution, reporting and analysis by using the same relevant live data. The new real-time SAP Business Suite provides an open environment allowing operational analytics and reporting on live data. A special rapid-deployment solution, planned to be released in the first quarter of 2013, will be designed for customers to go live in less than six months and will offer a complete package of preconfigured software, implementation services, content and end user enablement for a fixed price and scope.

quick byte

Around The World

PHOTO /I LLUSTRATIO N/IMAG ING CRE DIT

Nokia hires TCS to transform IT landscape Indian IT services major TCS has entered into a long-term agreement with Nokia under which it will help transform the handset manufacturer’s IT landscape. TCS will work with Nokia in realising its future IT roadmap, driving consolidation, rationalisation and simplification of applications and enabling business transformation across the core portfolios. Specifically, TCS will support and develop Nokia’s core applications for ERP, CRM, PLM, SCM, EIM and COF across the world.

Kapil Sibal, Union Minister of Communications & IT

“Internet is becoming an engine of economic growth and is expected to contribute over $100 billion (Rs 5 lakh crore) by 2015 to India’s GDP”

f e b r u a r y 2 0 1 3 | itnext

cover story | vendor management strategy

Negoti

Win E

nterprise technology vendors when pitching a piece of software or hardware technology often talk about how their offering is going to simplify the life of an IT manager inside the datacenter. Interestingly, they never talk about IT manager’s life outside the ‘dreaded’ facility. Why would they? But if they did, especially in the context of their offering, most would never be able to make such a claim. The way IT is consumed by enterprises has changed drastically in the recent years. Outsourcing, third-party hosting, and managed services have changed the very way IT is sourced. On-premise installations have given way to deployments in the cloud. Service provisioning is no longer the sole preserve of the IT and the number of vendors inside one’s datacenter (whether captive or hosted) has grown manifold. As a result of all this, licensing terms have become lengthier with additional fine print, SLAs tougher to negotiate and service fulfillment and vendor performance trickier to evaluate. For the IT manager, life has become anything but simple! Case for Vendor Management It is in this context that vendor management skills have become increasingly important for today’s IT leaders. As they make fresh purchases and upgrade in the hopes of shaping the future course of their IT to better align it with business requirements, IT managers also have to ensure that IT is delivered in a manner which is cost-effective and truly beneficial to the business at large.

itnext | f e b r u a r y 2 0 1 3

vendor management strategy | cover story

iate to

IT managers need to learn the science of traversing through the complex vendor landscapes and striking the right chord to nurture win-win relationships by rajend r a chau d hary I mag i n g : Shi g i l Na raya na n & P eterson D esi g n : s u n e es h K

“Vendor management has become a strategic function because of the focus on outcomes,” says Ray Wang, Principal Analyst and CEO at Constellation Research. “Organizations need to optimise on cost savings so they can free up funds for innovation. Vendor management is the process used to ensure that procured services are cost effective and deliver business value.” Perception and Skills Gap Vendor management, in the context of IT is often viewed in a limited sense. CIOs and IT managers in general seem fixated with driving out highest quality at the lowest cost in a relationship. Noble as their intentions may be, negotiating a lower cost forms only a part of a larger mandate. Effective vendor management involves the ability to draft a solid RFP, benchmarking vendors/ service providers, negotiating contract, determining water-tight SLAs, identifying useful metrics which can be used to asses performance and business value the relationship brings in and a whole lot more.

So do they have all the necessary skills? “Some do, while most others don’t,” quips Sanchit Vir Gogia, Principal Analyst, IDC India. “Given the changes that have come about in the

f e b r u a r y 2 0 1 3 | itnext

cover story | vendor management strategy

“There is a definite case for IT managers to acquire the necessary skills. They have to re-skill themselves in the science of vendor management” Sanchit Vir Gogia, Principal Analyst, IDC India overall enterprise IT ecosystem in the recent years, CIOs and those leading the charge for IT functions have had to develop additional skills for managing vendor relationships in a hurry. They have had to become orchestrators of services to internal users and their jobs have become much more about managing vendors and external service providers than before.”

In Gogia’s view, for the majority, vendor management in a true sense is still a work-in-progress. “There is a definite case for IT managers to acquire the necessary skills. They have to re-skill themselves in the science of vendor management. Right now, most IT teams do not have members who specialize in complex service agreements, contract negotiations or vendor benchmarking.” affirms Gogia.

Collaborate

to Win

Implementing IT vendor management as a formal practice requires increased collaboration across functions, a set of repeatable processes, governance etc

he quest for effective vendor management is fraught with challenges, some obvious, others not quite so. One such challenge is institutionalising vendor management as a standard practice in the organisation. On the surface, it may not seem like much, in reality however, it is much more difficult to accomplish. It would be critical to establish the importance of adopting a holistic approach to vendor management.

itnext | f e b r u a r y 2 0 1 3

Take a holistic Approach The single biggest reason why IT managers must try to establish vendor management as a standard practice is because only then can it be sustained over longer periods with tangible business benefits. Doing vendor management on an ad-hoc basis can result in inconsistencies in terms of the overall existing ecosystem of vendors and service providers that an organisation might have in place. Such

Fill the Gaps with Best Vendor Management Practices Formal programs, documentation, careful review of licensing terms and the intent to look beyond buyer-seller arrangement are some of the ways in which IT managers can practice to win Formal Programs Have a formal standardized vendor management practice, for the majority, vendor management is largely informal and is treated simply as a subset of the sourcing and procurement regime. Set up a program, an office if possible, consisting of individuals whose job it will be to deal with vendors throughout the relationship life-cycle.

Drafting Clear RFPs Put in place a intelligent team of individuals well versed with things like drafting RFPs, benchmarking product/service, licensing and contract negotiations and so on. A model which can be refined over time and customized to best suit the organizational needs and deliver optimum results.

Clear Documentation A crucial one at that is documentation of all the discussions that take place. In the course of business, it sometimes happens that in order to get the deal through, there are last moment discussion points which vendors marketing/sales team agree. But when it goes to the delivery team, they refuse such things. Hence to protect the interests of the company, all such things which are discussed and agreed upon should be documented along with the scope of the activity. details of the goods or services to be delivered, timelines, resource deployment etc.

the future. User organizations don’t always care to read the fine print. This at times works to vendor’s advantage as they come raising issues of non-compliance to their licensing policies.

Choosing the right vendor To make a vendor relationship work, timely periodic reviews are a must. Typically IT managers have been known to do due diligence while selecting vendors at the beginning and then at the time of renewing the arrangement. However, reviewing contracts in between at regular intervals and monitoring the performance is essential.

Solving the Licensing Puzzle

Stringent SLAs

Licensing is another important piece of the puzzle. It is one thing to drive a hard bargain with potential vendors at the negotiation table, quite another to determine complexities involved in the licensing process, particularly in case of software purchases. IT managers need to get absolute clarity when talking to vendors to avoid instances of under-licensing, overlicensing or compliance which may arise in

Put penalty clauses wherever possible in the SLAs in writing and get them to agree to incur fines if the vendors aren’t able to meet a service request within a stipulated time frame, up to your satisfaction. The focus should be to make it more of a partnership, an alliance of sorts. IT managers can also explore possibilities of developing products and innovations around intellectual property with the vendors.

A Good RFP Document Contains well-defined scope of work in clear terms Aligns well with defined use cases Focuses on exception based requirements Considers the technology ownership lifecycle Asks for vendor credentials and the roadmap of its product/service Contains details related to service levels and uptime requirements, and related penalties/bonuses Insists on delivery/implementation timeline with detailed breakups Articulates financial and technical parameters which will be used while evaluating bids Features general terms and condition of the buyer

inconsistencies can not only result in strained relations with certain vendors over time, but can also lead to relationships which may not necessarily be in the best interest of the IT organisation. Manish Bahl, Vice President & Country Manager (India) at Forrester Research therefore recommends a more iterative approach that “begins and ends with business”. More specifically, he advocates a continuous vendor framework approach which can help organisations ensure that they extract maximum business value from their strategic partners.

So how does one actually accomplish this? Well, the ideal solution can be setting up a formal IT vendor management office (VMO) which can be tasked with the responsibility of ensuring a standardised approach to interacting with vendors. However, seeing as how not all organisations would

f e b r u a r y 2 0 1 3 | itnext

cover story | vendor management strategy

“IT managers need to ensure that the man-hours spent in the RFP process do not go to waste once a contract is sealed” Nilesh Sangoi, Senior Vice President & Chief Technology Officer, Meru Cabs

“Involving business stakeholders such as finance and legal helps in structuring the conversations better” Ranjeev Tiwari, Senior Manager-IT, at Max Hypermarket India

itnext | f e b r u a r y 2 0 1 3

have the necessary resources to set up a VMO, those entrusted with leading IT ops can put in place certain processes to be followed in every interaction with a vendor, service provider or a third party. Perhaps, the single most important piece in this puzzle is ensuring a standardised RFP process and putting together a template which ensures a ‘good’ RFP document. Nilesh Sangoi, Senior Vice President & Chief Technology Officer, Meru Cabs says that as unappealing a process as it might be because of the complexities involved, a good RFP can often be the difference between a long-tern, mutually beneficial relationship and a short term, unyielding contract between IT and a service provider” A good RFP doesn’t necessarily have to be extremely long and exhaustive. Basically it should lay down, in clear terms, IT’s expectations from the vendor. Also, IT managers need to ensure that the man-hours spent in the RFP process do not go to waste once a contract is signed and sealed. The next key element for institutionalising vendor management is in having a transparent comparison metrics for choosing a product or a service from a certain vendor. Says Ranjeev Tiwari, Senior Manager-IT, at Max Hypermarket India, “It is important that transparency is maintained when qualifying vendors and selecting a product or service offering. This can be done by involving business stakeholders and taking their inputs during evaluation stage. One should also do the required amount of industry research so as to identify competitive candidates to zero-in on the best options.” Involving non-IT stakeholders and business functions such as finance and legal also helps the cause in that it structures the conversations better. Collaborating with people from across such business functions will not only help IT garner the support it needs to formalise the process but also put together a more balanced set of deliverables, metrics and SLAs for the vendors in question, adds Tiwari. A holistic approach to vendor management also mandates a good governance process in place. The scope of this governance shouldn’t be restricted to a specific aspect of vendor management rather it should encompass everything starting from assessing internal requirements, drafting RFPs, evaluating and negotiating with vendors, contract signing, to service fulfillment and even performance reviews. In the absence of a formal VMO, individuals can be identified and tasked with the responsibility of reviewing different aspects at different stages of vendor interactions. In essence, institutionalising vendor management requires increased collaboration and a set of repeatable processes among various stakeholders.

vendor management strategy | cover story

â&#x20AC;&#x153;Generally, RFPs are prepared with unclear end-goal in mindâ&#x20AC;? While IT vendor management has graduated to become an important concern, IT departments are often short-sighted in their approach when dealing with vendors, says Manish Bahl, Vice President & Country Manager (India) at Forrester Research Is vendor management an important concern for those heading IT functions? The CIOâ&#x20AC;&#x2122;s role is clearly evolving to become less technical and more business-oriented. Indian CIOs have started looking beyond IT when engaging systems integrators with the objective of driving business results through innovative business solutions. Forrester recently published a report on system integrators readiness to support the changing CIO role in India. Our survey identified a large gap between what CIOs expect from their SI partners and their actual experiences. It also found a pervasive CIO perception that SIs in India focus too much on technology.

f e b r u a r y 2 0 1 3 | itnext

cover story | vendor management strategy

“RFP is such a critical document for CIO teams to ensure vendors understand company’s objective well and come up with innovative solutions to meet business objectives” Manish Bahl, Vice President & Country Manager (India), Forrester Research

Where do most organisations tend to get it wrong when dealing with IT vendor management? I believe most CIOs try to address today’s problem than ensuring that their current set of investments are future ready. For instance, with the rapid rise of social media, cloud computing, and mobility, CIOs are finding increasingly difficult to ensure maximum utilisation of current IT investments and thus justify total cost of ownership (TCO) of IT infrastructure. CIOs need to adopt a dynamic TCO model which is iterative to address changing business requirements.

itnext | f e b r u a r y 2 0 1 3

What do you think constitutes a good RFP document? Generally, RFPs are prepared with unclear end-goal in mind and because of that there are unrealistic expectations from vendors at times. I believe brainstorming with LOB teams to define the project scope and end-goals clearly is the key. Also, at times RFPs are created with ‘copy and paste’ formula with freely available content on the Internet— without doing any real value addition. RFP is such a critical document for CIO teams to ensure vendors understand company’s objective well and come up with innovative solutions to meet business objectives. What according to you are the basic tenets of a good vendor management strategy? Instead of waiting for partners to change their technology-driven strategy, CIOs should develop their own methods to extract greater business value from their partners. I would like to highlight some key takeaways from our latest India CIO-SI report here: Identify strategic vs. non-strategic partners. The first step is to shortlist vendors that demonstrate strong knowledge of the organization, business, and industry issues and interest in securing the business with a CIO. Spend more time and budget with strategic partners. CIOs should spend more time and budget with a strategic partner and actively explore vendors that are willing and able to align their objectives with the CIO’s success in substantial, not superficial, ways. Push vendors to think and act like a partner. Adopt innovative approaches such as aligning partner’s financial compensation with organisational goals among others..

vendor management strategy | cover story

Steer Clear of the Pitfalls

Pitfalls such as getting swayed by vendor promises or going with the lowest bidder must be avoided at all costs

et’s face it. No CIO or IT manager would like to spend his entire day doing only IT vendor management. There is other perhaps more important matters that he must attend to in a typical day. However, lack of adequate attention to vendor evaluation, contracting and performance monitoring at appropriate times can make the daily grind all the more unbearable for the IT leader and therefore it is critical that IT managers make time for this not so flashy part of their job. As there are a number of best practices for dealing with the issue, there exist a number of pitfalls that if not avoided can lead to unpleasant consequences for the user organisation. One of the more common pitfalls that IT managers must look to avoid when dealing with vendors is

choosing a vendor largely on the basis of all that it promises to do. According to Rajat Sharma, President-IT, Atul Limited, vendors in their bid to ‘get in’ tend to promise the world and whatever capability that an organization might ask for and many a times IT managers get swayed by such grand promises without even a through examination of vendor’s actual capabilities and whether it can deliver on those promises. A vendor tactic that particularly irks Sharma is how certain vendors tend to—at the time of signing up—demonstrate a keen interest into the project but lose interest after a project gets underway or orders start coming through. “Also one must be wary of vendors who judge a customer relationship purely on the basis of its transactional value,” he adds.

“One must be wary of vendors who judge a customer relationship purely on the basis of its transactional value” Rajat Sharma, President – IT, Atul Limited

f e b r u a r y 2 0 1 3 | itnext

cover story | vendor management strategy

“IT manager’s risk mitigation strategy could be either based on cost optimisation or transferring the risks altogether onto the vendor side” Kamlesh Jain, Dy. GM -IT, K Raheja Corp Going with vendors who offer the lowest bids is another trap that IT leaders should be wary of. According to Ray Wang, Principal Analyst and CEO at Constellation Research, given the cost pressures, it can be awfully tempting to sign up with the lowest bidder. However, as important as it is to be conscious of cost equations, one must be equally concerned, if not more, about the business outcomes of a relationship.

Observe Caution Don’t be swayed by promises made by overzealous vendors Don’t give in to temptation and sign up with the lowest bidder Instead of creating a win-lose equation, focus on a win-win relationship Think through the complete implications of a contractual agreement Bring in external IT vendor management experts if required Don’t get stuck on negotiations and SLAs

itnext | f e b r u a r y 2 0 1 3

Also, buyers need to fight off the natural urge to beat down vendors on the price issue. Wang cautions that in their effort to get the biggest bang for the buck, buyers can often lose sight of the fact that in the longer run only the relationships which offer incentives to both the parties last and deliver results. “Instead of creating win-lose relationships, the focus should be to nurture relationships that are win-win for everyone involved,” opines Wang. Having said this, buyers alone can’t be expected to create a winwin relationship. It’s a two-way streak and vendors need to play their part too. Often times, large vendors can have an edge over buyers, particularly smaller ones, in terms of designing contracts simply because they have more experience. Also, in an increasingly consolidated market which is being dominated by a handful of large enterprise IT vendors, relatively smaller firms can sometimes find it difficult to have a contract which serves them the best. To make sure that they aren’t arm twisted into signing up with a vendor, CIOs and IT managers need to think through the complete implications of a contractual agreement. They can either re-skill people in-house to go over the terms of engagement or bring in external experts who specialise in vendor management. Says Kamlesh Jain, Dy. GM -IT, K Raheja Corp, “The terms of engagement should be communicated clearly to the vendor in the beginning itself. A good IT manager should be able to foresee requirements and risks which may arise in the future and plan accordingly. His risk mitigation strategy could either be based on cost optimisation or transferring the risks altogether onto the vendor side. Also, he can even consider outsourcing vendor management activity to a third party.” Another way to counter this challenge is to select open standards based offerings. Atul’s Rajat Sharma believes that avoiding proprietary products or offerings that have an element of ‘vendor lock-in’ can be a safe bet in such scenarios. “Open, standardsbased offerings makes more options available for selection and especially in case of software, open source products provides a good way to mitigate vendor monopolization.” Lastly, IT leaders must also bear in mind that the scope of vendor management extends beyond just RFPs, contract negotiations or performance evaluation. They must realize that it is as much about building relationships as any of the activities mentioned above and therefore, they need to take due care to manage the relationship following a contract signing. The only caveat here is that the business metrics they use have to look beyond the SLAs and contract fulfillment.

© 2012 Tata Communications Limited. All Rights Reserved. TATA COMMUNICATIONS and TATA are trademarks of Tata Sons Limited in certain countries. The F1 FORMULA 1 logo, F1, FORMULA 1, FIA FORMULA ONE WORLD CHAMPIONSHIP, GRAND PRIX and related marks are trademarks of Formula One Licensing BV, a Formula One group company. All rights reserved.

To know more, you can write to us at business@tatacommunications.com

Tata Communications has built the world’s ?rst, wholly-owned, sub-sea ?bre optic cable ring around the world. It drives an extraordinary 3,200 petabits of video, voice and data to enterprises around the planet every month, at close to the speed of light. And wherever our network goes, it creates in?nite potential for growth. That’s why we’re ?rst choice for Formula 1™. And If we can do it for Formula 1™, why not explore what our truly global connectivity can do for your business at tatacommunications.com/globalring

Only one circuit laps the world.

All Game for a

Cool DC While challenging conventional wisdom, IT teams need to adopt new game changers with a holistic approach to enhance data center efficiency

ata center best practices have always been top priority for most IT teams across industries. In fact, data centers strive to provide customers the most modern and efficient tools, both hardware and software, ensuring that the best practices are deployed within data centers to make them more green and efficient. A testimonial to this effect is APC Schneider

itnext | f e b r u a r y 2 0 1 3

Electric, the data center energy efficient solutions provider, which has associated itself with Lawrence Berkeley National Laboratory to leverage certain best practices in bringing about energy efficiency at data centers and helping customers to deploy the best tools and approach to enhance efficiency. As part of his visit to Schneiderâ&#x20AC;&#x2122;s data center, Dale Sartor, PE, Applications Team, Building Technologies, at Lawrence Berkeley National

I LLUSTRATIO N : Anil T

by N G e e tha

data center | insight Laboratory (LBNL), Berkeley, caught up with ITNext along with APC Schneider’s senior executives in a freewheeling chat. The discussion focused on the best practices that IT teams could follow to enhance data center efficiency, cut down power cost, lower TCO and optimise design elements.

Data Centre Criticalities and Challenges Sartor recommends that the first charter for any IT manager or data center operator is to challenge the conventional wisdom or approach to the data center. According to him, the conventional approach says: Data centers need to be cool and controlled to tight humidity ranges; they need raised floors for cold air distribution; they require highly redundant building infrastructure; and IT and facilities partnership are key. “But there have been new game changers to enhance the efficiency of data centers, and the traditional philosophy of having high tech buildings no longer serves any purpose as they are energy hogs,” says Sartor. Dr Satish Kumar, Energy Efficiency Ambassador, Vice President, Schneider Electric India, affirms that the increased redundancy built in data centers seem to have increased the cost of maintenance as the loads of economies are different. Aniket Patange, Director, Datacenter Lifecycle Services, Schneider Electric, finds the most challenging aspect to be delivering value while taking account of the people, process and technological framework of the data center lifecycle, even as there is no standard operating procedure to reduce cost. The common challenge that these executives experience is that data centers are energy intensive facilities as the demand for storage surges; server

Data Center Energy Efficiency = 15% (or less) (Energy Efficiency = Useful computation / Total Source Energy)

Typical Data Center Energy End Use Power Conversions & Distribution

100 Units Source Energy Cooling Equipment 35 Units Power Generation

33 Units Delivered

Server Load /Computing Operations

Source: LBNL

rack designs require more power, and there are power and cooling constraints in existing facilities. Dr Satish says, “As the cost of power and power required for infrastructure increases, even surpassing the capital cost of IT equipment, the rise in total cost of ownership is alarming.” Create Differentiators The key to addressing these challenges is creating differentiators which can help organisations see the power cost lowered, energy saved and efficiency enhanced. A logical calculation to data center energy efficiency according to Sartor is: Data center energy efficiency =15% (or less). (In other terms, Energy Efficiency = Useful Computation/Total Source Energy). The task of defining the energy efficiency mechanism throws up an immense opportunity

“There have been new game changers to enhance the efficiency of data centres, and the traditional philosophy of having high tech buildings no longer serves any purpose as they are energy hogs” Dale Sartor, PE Applications Team, Lawrence Berkeley National Laboratory

f e b r u a r y 2 0 1 3 | itnext

insight | data center

for IT teams and data center solutions providers. Patange says the solution lies in evolving strategy around power conversion and distribution, server load/computing operations using server innovation, virtualisation, high efficiency, power supplies and load management strategy, and deploying cooling equipment among various other things. Dr Satish recommends that IT teams can create value by engaging with multiple levels of teams and also bringing about certain policy regulations and standards to enhance energy efficiency. “It is critical to associate with industry associations, be part of the consortium of thought leaders and bring in ISO 50001 standards to create required differentiators,” avers Dr Satish.

“IT teams can create value by engaging with multiple levels of teams and bring about certain policy regulations & standards” Dr Satish Kumar, Energy Efficiency Ambassador, VP, Schneider Electric India

“The most challenging aspect is to deliver value while taking account of the people, process & technological framework” Aniket Patange, Director-Datacenter Lifecycle Services, APC by Schneider Electric

itnext | f e b r u a r y 2 0 1 3

Best Practices for Benchmarking The most important feature in the data center efficiency mechanism is to spot the data center maturity model based on industry standards. According to Sartor, it is critical to benchmark for energy performance improvement and pick up a few learnings from peer comparison to identify best practices. Sartor advocates that it is difficult to manage that which cannot be measured; and hence every initiative needs to be measured. The key energy metrics, according to Patange, is calculating PUE and partial PUEs, utilisation and energy reuse, while the future revolves around computational metrics, such as peak flops per watt, and transactions per watt. The ideal way is to go by Moore’s Law of providing miniaturisation: smaller, more energy-efficient transistors resulting in 1 million times reduction in energy/transistor size over 30+ years. * It is important to go for a refresh of IT equipment for performance, as old servers consume 60 per cent of energy, but deliver only 4 per cent of performance capability * Performing IT system energy assessments is compelling to evolve IT energy usage patterns * Decommissioning of unused servers is mandatory * Virtualising and consolidating server and storage * Cloud computing most ideal, as it can help in dynamically scaling resources over the Internet, balance different application peak loads and typically achieve high utilisation rates. Besides, using the IT team effectively to manage IT energy saves energy and sets the goals to provide the same level of monitoring and visualisation of the physical space that exists for monitoring the IT environment.

FUJIFILM | ADVERTORIAL

Fujifilm LTO-6 incorporates Bafe technology in a LTO generation J Solomon Sukumar, National Sales Manager, DSM â&#x20AC;&#x201D; Products, Patel India

Storage Simplified

There is a great need to understand the practical requirements / demands of storage, considering the data accessing frequency Q: How can technology leaders manage exponential data growth in a reliable, cost effective and environmentally safe manner? A: Combination of storage solution by shifting / designing the maximum storage load on tape storage will be the best way to handle the exponential data growth. As tape storage is and will be alive with a strong road map forecasted by the tape drive manufactures and also as study show that the total cost of ownership of LTO-5 tape systems is 15 times lesser than disk for long term storage, where the disk consumes 238 times more power

to store same amount of data (TSR report), which makes tape storage be the economical and environmentally safe due to less power consumption and lesser emission of CO2. Q: What are the advantages of using tape as compared to disk when it comes to storage? A: There is a great need to understand the practical requirements / demands of storage, considering the data accessing frequency. As studies show that the frequency of data access decreases with passage of time as 70 to 80 percent of data is seldom accessed

again, so one has to give its attention on the importance of data storage and risks applied on a disk keeping up with practicalities in mind. Also tape storage is cost effective, scalable and environmentally safe solution as against the major challenges that IT managers encounter in light of dwindling IT budgets. Talking about advantages of tape storage, it has better scalability, portability and archivabilty. It supports encryptions and WORM features with a benefit of cost per TB and power consumption/Space (area) being far lesser than on disk. Q: Why should a technology decision maker choose FujiFilmâ&#x20AC;&#x2122;s LTO Ultrium 6? A: Fujifilm being known has technology leader in media manufacturing has proved itself with several path breaking media manufacturing technologies like ATOMM, Nanocubic & with the latest being Barium Ferrite(Bafe) which is incorporated in Fujifilm LTO-6. So, by launching LTO-6 Fujifilm becomes the first and only manufacturer to incorporate Bafe technology in a LTO generation and the milestone achieved in 2010 jointly by Fujifilm & IBM upon successfully recording 35TB (native) on one single tape itself stands as a witness of this technology strength. Hence Fujifilm LTO-6 have better edge over others. Q: Please throw more light on some of the features of LTO Ultrium 6 Data Cartridge. A: Highest capacity among the entire LTO generation launched - Native capacity of 2.5 TB / 6.25 TB Compressed Highest Transfer speed - Native 160mb/sec & Compressed 400mb/sec Longest estimated Archival Life - 30 years Encryption feature retained(LTO-4 was first the generation to have this feature).

F E B R U A R Y 2 0 1 3 | ITNEXT

itnext | F E B R U A R Y 2 0 1 3

Baz Khuti | interview

Aerial Glimpse of the DC Baz Khuti, CTO, VP-Engineering, Avocent Products and Services, Emerson Network Power, finds customers demanding higher availability, greater performance and cost efficiency. In conversation with N Geetha, Khuti emphasises the need to offer a unified, scalable solution to address complex, heterogeneous and geographically dispersed data centresÂ As a CTO, what kind of business challenges do you frequently hear about from enterprises? The key challenges that CTOs or senior IT executives managing huge data centres face are the fundamental pressure of continuing operational efficiency, with increased emphasis on both labour cost and power reduction. Enterprises require highperformance data centres to ensure that critical business applications are available round the clock and with the right levels of cooling. Even as data centres have increased in their complexity and density so as to absorb all business requirements, the visibility into the data centre workloads is lacking. Also, the existing tools

do not provide real-time data, nor make clear the relationships and dependencies between devices. IT and facilities team are forced to rely on time-consuming manual calculations or cumbersome integrations between monitoring systems to determine the health of the data centre. This results in higher costs, wasted capacity and inefficient operations. To address these challenges, I would think Data Centr Infrastructure Management solutions (DCIM), a comprehensive approach to managing the physical aspects of the data centre can be recommended. Forrester Research Group endorses the fact that DCIM has been the foundation for successful operations of data centres.

What kind of innovations in the DCIM space can address these challenges? At the first outset, it is critical to examine what DCIM is and we, along with the research group, reiterate that DCIM is a convergence of previous generations of purely facilitiesâ&#x20AC;&#x201D;oriented power management, physical asset management, network management, and financial management and planning solutions for data centres. If used appropriately, DCIM solutions can help I&O professionals address steadily soaring pressures to meet business SLAs, lower costs, and improve resource and energy efficiency and long-term facilities planning. The new vocabulary DCIM has several innovations to its credit. IT acts as a multi-

F E B R U A R Y 2 0 1 3 | itnext

interview | Baz Khuti functional single integration tool which incorporates entire enterprise management frameworks and takes a 360 degree approach. The essentials of DCIM are to give an integrated view of facilities and operations and its ability to allow views and control of multiple levels of the data centre. The functionality of DCIM solutions is rapidly changing as offerings mature and user requirements drive vendors to fine-tune their offerings. What differentiates DCIM from other legacy tools are its eight core functions. They include: n Inventory and discovery: It is an asset management function, which helps in capturing the inventory and import from existing configuration management databases and, in some cases, from spreadsheets. Once the inventory is detected, the DCIM solution must be able to construct the necessary relationships and dependencies between them, such as the relationship between circuits and power distribution units (PDUs) and the relationship between PDUs and racks and connected equipment. n Maintenance and change control: DCIM enables them to perform change control, but at a minimum, they need to be able to a) update their own configurations based on operator actions, b) create a list of change actions as a result of any what-if scenarios they generate, and c) allow the generation of work orders in existing ticketing systems. n Data collection: Once the DCIM software is installed, it needs to collect data from the environment. It collects real-time physical infrastructure data, including physical rack and equipment location, circuit capacities, CRAC and cooling data, and thermal data from the equipment of multiple, and, in many cases, competing vendors, along with data from other sources. n Consolidated monitoring and display dashboard: This function

itnext | F E B R U A R Y 2 0 1 3

bridges the worlds of facilities and IT operations, which is a USP for most players. n Alerts: It helps in the processing and interpretation of data to be presented in an easily consumable format. n Control: DCIM has the ability to reach out directly and control infrastructure elements. n Trend Analysis: The ability to display trends for power and cooling as well as predict and diagnose conditions that have exceeded preset limits. The ability to model future solutions for implementation: While still nascent, the ability to model potential solutions for power and workload problems is one of the

â&#x20AC;&#x153;IT and facilities team are forced to rely on time-consuming manual calculations or cumbersome integrations between monitoring systems to determine the health of the data centreâ&#x20AC;? areas where systems vendors and infrastructure equipment suppliers intersect.

What is the value proposition that DCIM has brought to your customers? The DCIM solution has helped IT heads in orchestrating the entire data centre model in bringing visibility to the operations. It has helped senior IT teams in build-

Baz Khuti | interview

ing a modular design where they can integrate all applications, databases to a single framework to drive better visibility of its maintenance and power consumption ratio. It is critical to build a structured and sustenance data centre model for better consolidation. Our customers have witnessed real-time data collection using our key DCIM functionalities such as unified infrastructure monitoring, access and control systems and real-time infrastructure optimisation platform. One of our customers, Infosys, has witnessed significant benefits and has successfully integrated Oracle data bases, its Fusion Middleware, security solutions, along

Find other interviews online on the website www.itnext. in/resources/ interviews

with legacy applications using the DCIM platform; it has been able to drive complete visibility into the entire operations. Our Universal Management Gateway appliance has helped customers in consolidating management of IT and facilities equipment, making it possible—and easy—to securely execute a unified approach. Infrastructure management technologies can be classified into two different categories: 1) access and control and 2) monitoring. Today, IT infrastructure is managed with access and control technologies such as KVM, serial console and embedded server technology. Facilities infrastructure is managed through real-time data collection and monitoring of those physical assets. Because the Universal Management Gateway appliance integrates access, control and monitoring in a single chassis, data centres no longer need multiple infrastructure management tools. However, the tools can reduce and recover capital expenses, so that data centres need not purchase and maintain multiple tools for monitoring the infrastructure. Data centres can save as much as 75 per cent of rack space. It can support green initiatives and dramatically cut power consumption; with fewer devices, power usage can decrease as much as 30 per cent. It would reduce operating expenses including time and costs for managing, maintaining, securing and training users. Another advantage is enhanced deployment flexibility and efficiency, auto sensing enabling rack re-configuration with virtually no manual intervention, allowing devices to be monitored dynamically as they are connected. Another strong advantage is to improve disaster recovery at lower cost to secure, while enabling remote access for easy

maintenance and lowered travel expenses. It is also future proof infrastructure investments, the built-in flexibility and heterogeneous vendor support for efficiently managing current and future assets, such as enabling convenient transition from legacy KVM into embedded access technologies. Another function is that the real-time infrastructure optimisation platform as a DCIM solution mirrors how data centres actually work, rather than merely forcing change to compensate for the gaps created by managing with multiple point products. The platform provides a single solution for unified management of IT and facilities infrastructure, combines both hardware and software in order to gather data from every infrastructure device including Windows, Linux and UNIX server, storage and serial devices, service processors, rack/environmental sensors, data centre power units, cooling units and power distribution units (PDUs).

What is the most preferred\ ideal data centre design which is transforming the IT manager’s environment? Most IT teams are trying to revamp the existing data centre and going in for the colo model. IT teams need to look at aesthetically designed centres and also take into account their workloads that are running, using innovative tools. The design should have allocation for the circulation of hot and cold air and have platforms that can integrate with other facilities. It is always recommended to have utility based planning with effective monitoring tools. It’s most important, for IT managers to align initiatives with business goals, exert greater control over operations and maintain uptime. IT teams need greater ability to understand the impact of change and how to optimise space usage.

F E B R U A R Y 2 0 1 3 | itnext

15minute manager

training Education workplace compensation workforce trends skills development personal development

uses of Vitamin D

Strategy: Data held to Ransom THIS page Health Tips: Causes for Vitamin- D Deficiency page 32

Page 32

By Uday Mittal &

Sunil Varkey

he cyber world is enveloped by ransomware, giving sleepless nights to security heads and literally holding enterprises and users to ransom, in addition to threatening the basic security framework. Security heads are compelled to deploy stringent security tools, create a hygiene factor and prevent fraud.

Ransomware on a Roll Ransom, as defined by the Websterâ&#x20AC;&#x2122;s dictionary, is the practice of holding a prisoner or item to extort money or property to secure their release. This has been a menace in the physical world for many centuries. In the virtual world, it

itnext | f e b r u a r y 2 0 1 3

security threats

data held to ransom Technological advancements have provoked fraudsters to find new ways of holding critical data to ransom

15-MINUTE MANAGER was a stray occurrence till very recently. As enterprises get more exposed to the digital world and with valuable critical information being stored in the digital form, fraudsters are finding innovative ways to exploit the situation using malware. Ransomware malware limits and blocks access to the computer system, holds valuable or critical data by compromising it, and demands a ransom to be paid to the malware planter for the release of the hostage data. The mode of infection and propagation can be similar to any malware; but following infection, it could use various methods to trap the data owner to hostile situations.

How can it affect users? Some of the worst scenarios which customers can encounter could be that those who use pirated software become the first victims. In such a case, the malware initiates the infection path

Frequent

BREAKDOWNS

in Instrumentation Labs?

Malware claims to be an enforcement authority and force the user to pay a penalty to realease lock and claims that the user has violated the software licensing policy and locks the system. For releasing it, the user must call an overseas number to get the activation code, a call charged at premium rates. Or when accessing objectionable content, malware may claim to be an enforcement authority and force the user to pay a penalty to release the system lock.

Ransomware Payment Mode The payment mode varies from malware to malware, but those most commonly used are prepaid electronic money schemes like Ukash, MoneyPak etc. Most ransomware may avoid any mode of payment that may be tracked, such as credit cards, debit cards, net banking or PayPal. The challenge is that if the ransom is not paid, it would be tough to get the system reformatted. And even when paid, it could only be a temporary solution since the malware is still active in the system and could come back to life at any instant.

These could be due to microscopic corrosion caused by excess moisture ®

DEHUMIDIFIERS

Remove moisture most efﬁciently Backed by

Service

Ransomware’s Origin Meet us at

Booth No. C 20

ACREX India 2013

Bombay Exhibition Centre, Mumbai

Write to us today for cost effective solutions ISO 9001:2008 & 14001:2004 CERTIFIED

Phone: +91 11 23906777 • E-Mail: bryairmarketing@pahwa.com

www.bryair.com f e b r u a r y 2 0 1 3 | itnext

14.09.12

IT Next

7– 9 March 2013

RB/BA/1220HVCA5R1

As per Michael Kassner, the first ransomware, PC Cyborg, appeared in 1989. It was a Trojan developed by Joseph Popp and carried a payload which claimed that a licence of certain software on a user’s PC had expired and that the user must pay a sum of USD 189 to PC Cyborg Corporation to unlock his PC. By 2006, the attacks got more sophisticated as writers ofransomware started using 660-bit (Gpcode.

15-MINUTE MANAGER

Health Tips

Causes for Vitamin - D Deficiency

Photo graphy: photo s. co m

• There are several reasons which could result in Vitamin D deficiency in a human body, which could be fatal if ignored. Some of causes could be: * If one’s intake of milk is insufficient * In case of one being a strict vegetarian * Insufficient exposure to sunlight * In case of excessive dieting * If one has a dark skin If the digestive tract cannot adequately absorb vitamin D * Obesity

Vitamin D deficiency could lead to quick degeneration of bones, resulting in chronic joint pain.

Vitamin D ‘may reduce the risk of Alzheimer’s disease’ As per a new research, to reduce the risk of Alzheimer’s disease, women should take Vitamin D supplements. Two new studies show that women who don’t have enough Vitamin D as they hit middle age are at greater risk of going into mental decline and developing Alzheimer’s. The first study found that women who developed Alzheimer’s disease had lower Vitamin D intake than those who did not develop the illness. Dr Cedric Annweiler, of Angers University Hospital in France, looked at data from nearly 500 women who participated in the Toulouse cohort of the Epidemiology of Osteoporosis study. It was observed that women who developed Alzheimer’s had an average vitamin D intake of 50.3 micrograms a week, whereas those who developed other forms of dementia had an average of 63.6 micrograms per week, and those who didn’t develop dementia at all averaged 59 micrograms.The study highlighted the role vitamin D plays in Alzheimer’s, a severe form of dementia which causes the patient to become disorientated, aggressive, forgetful and find even quite basic tasks difficult to carry out. So far, there is no cure for the illness, which affects around 400,000 people in England - a figure which is steadily rising as people live for longer. Source: CFO India

AG) and 1024-bit (Gpcode.AK) RSA Key. In the last few years, there are reports of the presence of ransomware in enterprises where hackers obtained access to critical databases, encrypted them and negotiated a ransom for the decryption key. But most of the time, this is not an easy task. This is because of the enterprise security controls being in place, effective negotiation and the entire process being carried on without the attacker’s identity being disclosed. But it still remains a big threat if the hacker manages to plant ransomware in an enterprise server where critical applications or the database are hosted. Now with SMBs and individual home users on the rise, it is easier to target and trap the user’s data because of less security controls and user level awareness. According to a report from the Symantec Security Response team, early this year, ransomware worms were found prominent in Germany, France and the UK; and by the end of the year, the US also showed a significant rise in the number of infections. In the last two months, we have seen the presence of multiple dormant ransomware in India waiting to get initiated. Currently, there exist at least sixteen different types of ransomware families. These are sixteen different malware families and not mere versions. According to reports, although a very small percentage of people actually pay for system release, it is currently a USD 5 million industry.

The Next Best Steps for CISOs With technology available to build exploits and hackers finding this an easy way of extracting money, the chances of multi-variants of ransomware in the wild getting initiated any time (rather than waiting to initiate when users access objectionable content or use pirated software) would change the threat perspective in a big way. While Antivirus companies consider this a serious security concern and release multiple security control signatures for combating ransomware,

15-MINUTE MANAGER what is needed is a strong URL content filtering, periodic security patching, the use of trusted applications and end user awareness to prevent the threat. Cyber criminals are bridging the gap between the physical world and cyber world rapidly. With advancement in technology, these attacks will only get more and more sophisticated and perilous. The only way to safeguard against them is to increase awareness about cybercrime among users. The dangers are real, the threats are real, the repercussions are unimaginable and the rise of ransomware confirms the

Data Processing Centres need

Clean

Processed Air to prevent breakdowns due to corrosion

“With advancement in technology, these attacks will only get more and more sophisticated and perilous” — Sunil Varkey, Head-IS, Idea Cellular Ltd

validity of this statement. Most vendors are coming up with recommendations on how to deal with advanced encryption algorithms in addressing the ransomware menace. The idea is to be alert about fake messages and websites and educate business users and end users periodically about new security threats and recommend ways to prevent them.

Gas Phase Filtration Removes corrosive gases efficiently

New High Capacity Honeycomb CHEMICAL FILTERS • Impregnated with choice of chemicals • Very compact size • Face velocity 400 to 600 FPM with low pressure drop • Longer mean time between replacement (MTBR)

Service

ISO 9001:2008 & 14001:2004 CERTIFIED

Phone: +91 11 23906777 • E-Mail: bryairmarketing@pahwa.com

www.bryairﬁltration.com 33

RB/BA/1227HVCA4

Write to us today for cost effective solutions

Sunil Varkey, Head-Information Security, Idea Cellular Ltd, and Uday Mittal, Management Trainee, Security Team, Idea Cellular Ltd.

f e b r u a r y 2 0 1 3 | itnext

Backed by

28 cm x 10.3 cm

cloud security

the big

Cloud Audit Critical EXPERT PANEL

Parag Deodhar, Chief Risk Officer , CISO & VP-Process Excellence, Bharti Axa General Insura nce Co. Ltd

The Situation...

Cut it from here

“How will Manoj Sahani ensure data security on the Cloud in his organisation?,” Every CIO or IT head is in a dilemma, thanks to the all pervasive Cloud. Manoj Sahani, Senior IT Manager of a large manufacturing firm, is no exception. However, Sahani’s company’s top management has already given him the green signal to go ahead with the Cloud model, and migration of applications related to CRM, ERP, Mailing Solutions, communication server, document collaboration, designing applications, besides the data to the Cloud. Against this backdrop, Sahani’s biggest challenge is to choose the right service provider, evaluate the provider’s expertise in cloud deployment, analyse the redundancy plan, besides working out a cost benefit analysis as part of the uninterrupted service agreement. Everything finally boils down to security with regard to the Cloud. Sahani’s task is to comprehend to size the exact Cloud configuration required for his applications and how he can make sure the Your responses count. Log on to www.itnext.in/bigQ to submit your replies. The best entry will be published in the next print edition.

Dr Harsha, Head ITConsultant, HK IT Group

Yagnesh Parikh, Senior VP-Head IT (Trading), ICICI Securities Ltd

performance and end user experience is not compromised. Above all, the grave concern is to safeguard the organisation’s data, in terms of devising the best guidelines and security certificates. Besides finding ways of converting local IT infrastructure based applications into Cloud based as also the bandwidth sizing for each application, he must justify the ROI for Cloud based service compared with local IT Infrastructure. Also, he may be expected to manage with servers already invested in with the co-locating concept. Will all the service providers enable the co-locating server concept? Will his super administrators get data centre access round the clock if there are emergency reviews required? He must also devise strategies to understand the defaults and more secured IT security policies. The concern is to ensure that the cloud service provider provides clients a periodic upgrade and update on security and performance upgrade and update. Amid such ambiguities, Sahani’s primary focus is security and to evolve an effective security framework in a Cloud model. He seeks suggestions from the expert panel to address his concerns.

f e b r u a r y 2 0 1 3 | itnext

the big q

the big questions... What kind of security tools or frameworks must Sahani evaluate

? ?

or deploy to make his data secure on the Cloud?

What are the security best practices in a Cloud framework for his enterprise that his service provider needs to work on?

Here are the answers... Have the Right to Audit FIRST ANSWER Sahani’s primary task is to evaluate the private Cloud, public Cloud and co-location scenarios and check for security certifications (ISO27000, 22301, etc). He should also do a due diligence / audit on the service provider to ensure the level of security provided. He must ensure he has a NDA and legal agreement in place with the provider including the right to audit. SLAs should also be put in place as required. The service provider must implement the following frameworks/tools: n Data Privacy Frameworks--ISO27001, PCI-DSS, HIPAA etc n Availability-ISO22301, high availability & DR n Confidentiality--IDAM, Strong Authentication, DLP suite n Event and Log monitoring--SIEM n Malware controls--AV, IDS/IPS, and WAF etc.

Parag Deodhar Chief Risk Officer, CISO & VP-Process Excellence, Bharti Axa General Insurance Co. Ltd About me: A CA, Certified Information Systems Auditor from ISACA, US and Certified Fraud Examiner from ACFE, US and board member on the Bangalore Chapter of ACFE, with over 15 years of experience .

itnext | f e b r u a r y 2 0 1 3

SECOND ANSWER As part of the Cloud initiative, and even before leaping on to the Cloud, Sahani needs to know a few security best practices in the Cloud framework and those that his service provider needs to work on. Sahani can strictly follow an “information risk management” framework and must undertake these tasks: a)Do a data classification and analyse what data will be stored in the Cloud. Depending on the sensitivity of data, the service provider should to provide adequate security levels and certifications (for example, if credit card data is to be stored, PCI-DSS certification would be required). b)It is important to understand whether the regulations allow data storage on the Cloud especially when the service provider may be hosting the infrastructure outside the country c)Strong authentication tools need to be implemented--ideally, dual factor d) How access controls will be managed--will users be able to access data from outside the office network? If yes, what are the Data Leakage Prevention measures? e)Data Storage--segregated from other tenants, encrypted f)Data Availability--what are the requirements and how will it be managed, SLAs for incident resolution, etc; Disaster Recovery capabilities g)Ensure that user ids and access rights granting / revocation and reconciliation process is followed diligently h)Conduct regular audits on the service provider.

the big q

Data location is critical FIRST ANSWER With regard to data security, it is a must for Sahani, particularly if it is a large enterprise, to understand if the data is residing in India or outside. In most cases, the Cloud service provider has a wide spread and the data centre is located in a different geography. Gauge the performance of the service provider in safeguarding the data on the Cloud, irrespective of whether private or public. Sahani should make sure that the partner has structured the data based on SAN boxes to protect them. The key criterion is to see if the service provider enables the team to conduct audits, understand his access control mechanism and if he has appropriate security tools in place..

Yagnesh Parikh Senior VP-Head IT (Trading), ICICI Securities Ltd About me: Possess a keen understanding of technology, an expert in addressing the IT needs of the banking and financial services sector.

SECOND ANSWER As a best practice, Sahani needs to factor in the service providerâ&#x20AC;&#x2122;s communication policy to ensure if he keeps the IT team informed about the tasks periodically. It is important to get insights into his readiness to address any untoward incidents; itâ&#x20AC;&#x2122;s critical to see his proven track record. The best security practices would be to ensure that the partner has good governance in place, the contracts are well defined and legal and compliance needs are addressed appropriately. The service providerâ&#x20AC;&#x2122;s inter-operability efficiencies need to be understood where a data migration process is involved.

f e b r u a r y 2 0 1 3 | itnext

the big q

Understand Access Control FIRST ANSWER The pre-requisite is to have security encryptions in place to safeguard data. Most often, enterprises outsource cloud computing activities, so Sahani needs to have a service provider. Before that, he should check their security application and its features. He must do a complete analysis on the service provider’s access and privileges to the company’s data and application; this should be made transparent to the management. A periodic external audit must check what security tools are being provided. It is important to check the port opened and its availability for web access, and to ensure that other ports opened need to blocked. To ensure greater security, end user access should be provided with SSL VPN and print screen and copy files to the local system should be avoided; login fails should be restricted to 3 attempts; beyond this, the account should get locked. As in a data centre, on a cloud too, strict group policies should be implemented for accessing resources like changing time, changing IPs , accessing system files, etc. Notification to super administration should be enabled if there are suspicious activities or access, while DLP policies can be implemented to monitor logs and restrict content on the Cloud.

Dr Harsha Head IT-Consultant, HK IT Group About me: A Ph.D in Information Security, I spearhead the entire IT operations of the group across the globe and address end-to-end solutions.

SECOND ANSWER As a best practice, Sahani should choose for only 5-star rating applications if there are requirements on web server, they should be completely blocked. RUN, SHUTDOWN, EXPLORER, FILES ACCESS should be blocked to end users to understand how periodically the web server is scheduled for security and application patches. Other mandatory parameters from a security standpoint are: * The redundancy plans scheduled and how much time it will take for restoration in case of a crash or when the server is down * Analyse the exact bandwidth required for application; it should be availed with a 30 to 40 per cent buffer * Need to check physical access and web access periodically and review (Biometric access, video surveillance, etc) them. The service provider must have power, cooling, site redundancy etc.

State of Cloud Security

A Survey by Alert Logic states that the percentage of customers experiencing security incidents was lower across the board in all categories for service providers than it was for their on premises enterprise customers.

Web Appli cati on Attack

71 44

Brute Force

83 42

Reconnai ssance

51 37

V ulnerabi li t y Scan

Appli cati on Attack

Malware/ Botnet

Mi sconf i gurati on

itnext | f e b r u a r y 2 0 1 3

On Premise

43 1 12 0%

Service Provider

So urce: Gart ner

Cloud

100%

IT MAY BE TIME TO TAKE YOUR HEAD OUT OF THE GROUND.

photo credit: getty images

inbox

2012 - INDIA IS STILL HOME TO 41% OF THE WORLD'S POOREST. For India to truly change, we need to address this issue. PRADAN is powered by the belief that the best minds in the country need to work at the grassroots to change the face of poverty in India. Their teams have been working with endemically poor communities for 30 years with some amazing results. Their focus is to work with women and tribal communities across the poorest districts of India. They have introduced models, which have helped entire communities find livelihoods and emerge from poverty. They have touched over 1 million people, changing their lives in a range of ways â&#x20AC;&#x201C; from ensuring food and livelihood, to creating choice and dignity. They pictured the change. And changed the picture. It may be time to take your head out of the ground. Donate now to help change the picture. For any further information on how you can help, please visit 30.pradan.net or send an email to campaign@pradan.net. You could choose to either make a personal donation or join hands with PRADAN as part of your CSR initiatives.

PROFESSIONAL ASSISTANCE FOR DEVELOPMENT ACTION

picture the change | change the picture 9.9 Media supports f e b r u a r yPRADAN. 2 0 1 3 | itnext

cube chat | Manuhaar Agrawalla

Playing With IT

“Thanks to my passion for technology, I started reading the definitions every week and that’s how I developed a basic knowledge of computers,” says Manuhaar Agrawalla, Senior Manager IT, The Oberoi Group

By Manu Sha r ma

U My sucess

mantra “Aim to Excel for Success

itnext | J a n u a r y 2 0 1 3

nlike other kids, he was always fascinated by electronic devices and was keen to know how they worked. So, from early childhood, he loved to take electronic toys and devices apart and put them back together. “And I developed a knack for technology; this has continued ever since,” says Agrawalla. He belongs to a business family and grew up in Calcutta (since renamed Kolkata). He pursued a B.Com to step into the shoes of his father. However, fate had other plans. “When I was in primary school, IT was just arriving in India, and a local newspaper started a weekly half-page section on IT definitions. Thanks to my passion for technology, I started reading the definitions every week and developed a basic knowledge of computers,” he brags. Shortly after a B Com from the University of

Calcutta, he did a Diploma in Communication & Networking Technology from Asset International, followed by a Diploma in Hardware Technology from Aptech Ltd. “It gave me the much required knowledge in networking as well as hardware,” he adds. However, he felt that a Novell certified course was required for a job in those days, so he became a Certified Novell Engineer (CNE) in 1998. “The diplomas and the CNE programme gave me the solid foundation needed for a job in IT,” he feels. Soon after, Agrawalla was absorbed by CMC Limited, an end-to-end IT solutions provider with capabilities straddling the entire information technology spectrum: IT architecture; hardware; software, etc. He was deputed at Philips India Limited as Network Administrator. Some of his major projects implemented included:

cube chat

Fact File Nam e Manuhaar Agrawa l l a C urrent d es ignatio n Senior Manager IT C urrent role Infrastructure, Appli cations , IT Policy Experti s e Net works , Intern et, Finance, Procure m en t Work experi ence 13 + years EDUC ATION Senior Managem e n t Program m e (IIM, C alcutta) – Long Durati on Progra m m e ( 1 Year) - 2011 Strategy, C orporate Finance, Marketi n g, M& A, Operati ons & R is k Managem ent

“I owe my success to hard work and my interest to learn new things and less to luck” SMTP, DHCP, FTP, DNS & File/Print services on many WinNT/2000, Linux & Netware servers. Besides, he also set up Lotus Notes Email on all the clients’ desktop. After a two-year stint at CMC, Agrawalla joined Apeejay-Surrendra Park Hotels Ltd as Director – Corporate IT. Here, he was responsible for the IT infrastructure and application revamp, Accounting & Materials System Installation and also the Centralised Email system. In 2004, Agrawalla, with an eye on future growth, decided to leave ‘The City of Joy’ and move to greener pastures. He joined as Systems Manager at The Oberoi, Bangalore. Some of his major achievements here were setting up the AD 2003 & Exchange 2003. In fact, it was a pilot site implementation of

centralised AD & Exchange. And what does he attribute his success to? “I owe my success to hard work, and less to luck,” believes Agrawalla. He then moved to Corporate IT at The Oberoi Group as Senior Manager-IT in Delhi and successfully implemented the Business Process Optimisation project (Finance, Procurement, HR & IT functions); BaaN ERP re-deployment and rolled out IT policy across the organisation. Having put in about 13 years in this line, he plans to become a CIO in the near term and hopefully, CEO in the long term. Agarwalla admires people like A P J Abdul Kalam and Amitabh Bachchan for their humility despite their achievements. He also likes Narendra Modi, CM of Gujarat, for the state’s development.

Grad uate B. C om . acc ountancy, (Uni vers it y of C alcutta) 1997 PROFESSIONAL TRAINI NG & C ERTIFIC ATIONS * Gartner ALD for as pi ri ng C IOs traini ng 2012 * C is co C erti fied Net work As s oci ate (C C NA) certi ficatio n 2002 * C erti fied Novel l Engineer (CNE) Net Ware 4.11 certi ficatio n 1 998 * Diplom a i n C om m uni cation & Net worki ng Technology (As s e t Internati onal) 1998 Favouri te Quote Knowled ge i ncreas es wi th Shari ng Favouri te Desti n atio n Egypt Favouri te Book Angels & Dem ons

J a n u a r y 2 0 1 3 | itnext

update

off the shelf

A sneak preview of enterprise products, solutions and services

Acer Launches ICONIA B1 Tablets in India Unveiled at the CES 2013 earlier this month, the 7-inch tablet at INR 7,999/-

Swipe Intros F1 Fablet in India California, USA headquartered technology firm Swipe Telecom announced its foray into the Fablet segment of the smartphone market in India with the launch of its F1 Fablet.

tablet pC | Acer recently launched its 7” bud-

Key Specifications

get tablet ICONIA B1, in the Indian market. * Google Android 4.1 OS (Jelly Launched internationally at CES earlier in Bean) January, the tablet has been made available to * Dual-core MediaTek processor consumers in the Indian market almost simul(MTK 8317T) taneously. Designed to suit the varying needs * 7-inch display with a 1024x600 of today’s consumers, the tablet is targeted pixel resolution towards the youth, new users and families * 512MB of RAM looking for a user-friendly, portable, perfor* Wi-Fi 802.11 b/g/n mance packed tablet. * Bluetooth 4.0 The Google Android 4.1 OS (Jelly Bean), based ICONIA B1 is powered by 1.2GHz dual-core processor ensuring enhanced performance and a superior gaming experience. The 7” capacitive multi-touch screen with an exceptional industry leading resolution of 1024 x 600, provides for an enriching visual experience. The resolution is at least 60% better than the peer offerings, hence, enhancing user experience while watching videos, e-reading, web browsing and playing games on the move. At 7”, the tablet weighs as less as 320 gms making it ultra-portable for consumers to stay connected on the move.

itnext | f e b r u a r y 2 0 1 3

The F1 Fablet works on the Android 4.0 (ICS) operating system and has a 5 inch capacitive touch screen with 5-point HD WVGA Multi- Touch display. The tab also has dual shooters with 5.0MP Camera with flash complimented by a 0.3MP front camera for support good quality video calls. There is ample space for all requirements for applications movies etc. with a 4 GB in-built memory, which is expandable through a 32 GB T-flash card. It supports dual SIM and boasts of a powerful 1 GHz, MTK 6575 processor and 512 MB RAM which enhances & smoothens multitasking, supports heavy applications and provides the user with HD gaming capability. Priced at INR 9490/- the F1 Fablet is set to add a new dimension. Key Features Dual SIM Fablet Android 4.0 (ICS) GHz MTK 6575 processor 5.0” WVGA Capacitive Multi-Touch display 4 GB – expandable up to 32 GB Wi-Fi 802.11 b/g/n Dual Camera- 5.0MP Rear/ 0.3MP Front Camera 2500mAh Battery Weight-120gms GPS- Voice Based Navigation

update

open Debate

book For you A platform to air your views on the latest developments and issues that impact you

Do you think women in IT add more value?

Jijy Oommen Group Head-IT, Bajaj Capital Ltd Women in IT definitely add value given the fact that new trends like outsourcing cloud computing etc., have opened up opportunities for women. However, at the top, women score higher in terms of knowledge, leadership and management skills. Having the right organisational culture is most important, and the female work-force needs more flexibility in terms of working from home on a needs basis. Women can add value by demonstrating right attitude, flexibility and creating a support system both at home and at work place even at the cost of small sacrifices.

Shailesh Joshi VP& Head-IT, Godrej Industries Ltd IT is all about the perception held by male counterparts who think women are less knowledgeable, which may not be the case. Women are very good at handling applications, both deployment and implementation and consulting related job and outsmart their male counterparts, while it is a challenge handling infrastructure related activities. It is important to consciously evolve a different policy for the women IT-force, with their career growth in mind and these policies should enable them to build a good team around themselves.

Daya Prakash Head-IT, LG Electronics Women can add great value if the enterprises consciously encourage them to play a strategic role and equip them with necessary skills. Devising specific strategies to involve them in critical roles such as supply chain management would definitely help. Women have expertise in handling collaboration and the application side of the technology. Thinking and meaning business to address business problems will help women in contributing significantly to the company’s growth as they are good at communication skills. They could the catalyst between vendors and CIO or CFO which is the need of the hour.

Decoding India TITLE:India means businessHow the elephant earned its stripes AUTHOR: Kshama V kaushik & kaushik dutta Publisher: Oup india reviewed by: sangita thakur

Most with an interest in economics are rather put off by the thought of reading economic history. Given the 15-page bibliography, a casual reader intrigued by the title may well feel tempted to put India Means Business How the Elephant Earned its Stripes back on the bookshelf. Chartered accountant-researchers-authors Kshama V Kaushik and Kaushik Dutta have done an exemplary job as economic historians setting the context of Indian business. It takes on a cultural-commercial journey of discovery of India down the ages and in the process unravels the way Indian business ethos was formed. What we learn in the process is that India has always meant business and no pun intended. The story starts at the beginning of the 18th century when the Indian subcontinent had a flourishing overseas trade. The painstaking research of the authors is obvious but nowhere does it interfere in the narrative to make it a dull and drab piece of history. India’s business has its roots in its histroy. IT NEXT Verdict It is important to understand the authors’ mind as they question if India’s IT the pana-

Your views and opinion matter to us. Send us your feedback on stories and the magazine to the Editor at editor@itnext.in

cea for its economic ills or is it a mere bubble? Star Value:

f e b r u a r y 2 0 1 3 | itnext

update

indulge

NEW

The hottest, the coolest and the funkiest next generation gadgets and devices for you

HIGH-TECH GIFTS Geek? No way â&#x20AC;&#x201D; these gifts are totally chic, and will impress even the most savvy of digital divas. A great gift for your loved ones in the new year 2013.

Bluetooth enabled watch Casio has started shipping a wristwatch with built-in Bluetooth connectivity. G-Shock GB6900, is capable of connecting to Bluetooth 4.0 smartphones. Price: $180.

Striiv Smart Pedometer Between work and family, itâ&#x20AC;&#x2122;s hard to fit exercise into a busy schedule. Striiv is a Smart Pedometer that helps to walk more on the busiest days. Price: $199.95.

HOT Wearable Video CAM Heading out on a road trip? Going to the game, out for a run, a round of golf, ? It sees what you see, and effortlessly records your life.

Acoustic Wave music system II The advanced Bose speaker and audio technologies deliver sound with clarity and consistency, even at loud volume levels. Price: $949.95.

Price: $149.

Like something? Want to share your objects of desire? Send us your wish-list or feedback to editor@itnext.in

itnext | f e b r u a r y 2 0 1 3

GET THE RECOGNITION YOUR TEAM DESERVES

WIN 1,00,000 RUPEES The CLOUD LEADERSHIP AWARDS are dedicated to promote and recognize the efforts by IT teams in enabling cloud based enterprise projects. If you are part of a team that has successfully implemented a cloud based project. APPLY TODAY at www.inflexionconvex.in

Inflexion Convex 2013: Cloud… the easy next step The Inflexion Conference/Expo will help you: • Determine the next steps needed to leverage the capabilities of cloud computing • Choose and implement the most effective cloud solutions • Mitigate the risks associated with the implementation of ‘Cloud’

Inflexion will include buyers' meets, workshops and an innovative immersive cloud café

Benefits of Participation • Prize of 1,00,000 rupees in cash for the

winning team, 75,000 for first runner up and 25,000 for second runner-up • Cloud Leadership Award Trophy • Special mention of top 10 winning teams

Who will be there: Over 700 of India’s enterprise CIO/IT community, CXOs, LoB Heads, Government officials, over two days. Date: February 18 - 19, 2013 Venue: India Habitat Centre, Lodhi Rd, New Delhi

in ITNEXT magazine & websites • Participation certificates to all

participating teams

APPLY NOW www.inflexionconvex.in

Partners

Knowledge Partner

Organised by

my log

Sangita thakur varma Managing Editor, India Now

Be the Changemaker Instead of being sucked in the system or cribbing against it, let’s be bold and make that little positive difference Illustration: Raj Verma

itnext | F e b r u a r y 2 0 1 3

3 Essential Reads Data Center | INSIGHT Laboratory (LBNL), Berkeley, caught up with ITNext along with APC Schneider’s senior executives in a freewheeling chat. The discussion focused on the best practices that IT teams could follow to enhance data center efficiency, cut down power cost, lower TCO and optimise design elements.

Data Center Energy Efficiency = 15% (or less) (Energy Efficiency = Useful computation / Total Source Energy)

Typical Data Center Energy End Use

Sartor recommends that the first charter for any IT manager or data center operator is to challenge the conventional wisdom or approach to the data center. According to him, the conventional approach says: Data centers need to be cool and controlled to tight humidity ranges; they need raised floors for cold air distribution; they require highly redundant building infrastructure; and IT and facilities partnership are key. “But there have been new game changers to enhance the efficiency of data centers, and the traditional philosophy of having high tech buildings no longer serves any purpose as they are energy hogs,” says Sartor. Dr Satish Kumar, Energy Efficiency Ambassador, Vice President, Schneider Electric India, affirms that the increased redundancy built in data centers seem to have increased the cost of maintenance as the loads of economies are different. Aniket Patange, Director, Datacenter Lifecycle Services, Schneider Electric, finds the most challenging aspect to be delivering value while taking account of the people, process and technological framework of the data center lifecycle, even as there is no standard operating procedure to reduce cost. The common challenge that these executives experience is that data centers are energy intensive facilities as the demand for storage surges; server

All Game for a

Cool DC While challenging conventional wisdom, IT teams need to adopt new game changers with a holistic approach to enhance data center efficiency

Electric, the data center energy efficient solutions provider, which has associated itself with Lawrence Berkeley National Laboratory to leverage certain best practices in bringing about energy efficiency at data centers and helping customers to deploy the best tools and approach to enhance efficiency. As part of his visit to Schneider’s data center, Dale Sartor, PE, Applications Team, Building Technologies, at Lawrence Berkeley National

Cooling Equipment 35 Units Power Generation

33 Units Delivered

Server Load /Computing Operations

s ourCe: l Bn l

“there have been new game changers to enhance the efﬁciency of data centres, and the traditional philosophy of having high tech buildings no longer serves any purpose as they are energy hogs”

BY N GEET H A

Power Conversions & Distribution

100 Units Source Energy

Data Centre Criticalities and Challenges

I l lu str atI o n : a n I l t

to hold on to, for they are the change that an organisation needs, the dose of fresh blood to rejuvenate stagnating systems and break the code to raise the bar. I was a bit aghast as to why you would want these potential revolutionaries to foment trouble in your peaceful systems. It was only much later that I realised the truth, after having to struggle against systems that stifled innovative thinking and breakthrough ideas; labeled potential change-makers as rebels and ganged up against them to stifle that lone voice of creative dissent. The herd mentality ruled—always. Recently, while working on an article I again came across the terminology of change-makers. There is still a raging debate regarding the semantics, but slowly the world is agreeing on one thing—that within each one of us resides a change-maker. As managers with the responsibility of a team, and tomorrow perhaps a company, our role as changemakers is all the more important. It is our duty to bring in all those changes that would make our workplace better. It may be something as mundane as raising concerns regarding water conservation in washrooms to something more sublime like ethical corporate governance, gender sensitivity and client management. The time to Change is Now!

Dale sartor, Pe applications team, lawrence Berkeley national laboratory

itnext | F e b r u a r y 2 0 1 3 F e b r u a r y 2 0 1 3 | itnext

Game changers for a cool data centre Pg 22 THE BIG Q

THE BIG QUESTIONS... WHAT KIND OF SECURITY TOOLS OR FRAMEWORKS MUST SAHANI EVALUATE

? ?

CLOUD SECURITY

THE BIG

CLOUD AUDIT CRITICAL

THE SITUATION...

OR DEPLOY TO MAKE HIS DATA SECURE ON THE CLOUD?

WHAT ARE THE SECURITY BEST PRACTICES IN A CLOUD FRAMEWORK FOR HIS ENTERPRISE THAT HIS SERVICE PROVIDER NEEDS TO WORK ON?

HERE ARE THE ANSWERS... HAVE THE RIGHT TO AUDIT FIRST ANSWER Sahani’s primary task is to evaluate the private Cloud, public Cloud and co-location scenarios and check for security certifications (ISO27000, 22301, etc). He should also do a due diligence / audit on the service provider to ensure the level of security provided. He must ensure he has a NDA and legal agreement in place with the provider including the right to audit. SLAs should also be put in place as required. The service provider must implement the following frameworks/tools: n Data Privacy Frameworks--ISO27001, PCI-DSS, HIPAA etc n Availability-ISO22301, high availability & DR n Confidentiality--IDAM, Strong Authentication, DLP suite n Event and Log monitoring--SIEM n Malware controls--AV, IDS/IPS, and WAF etc.

EXPERT PANEL

PA R AG DEODHAR, CHIEF R I S K OF F I C E R , C I S O & V P - P R OC ES S EXC E L L E N C E , B H A RT I AXA GENERAL INSURANCE C O. LT D

I had the fortune to start my career under one of the most visionary corporate leaders. A man of vast experience, the first task he assigned me was to read the Company Manual. Now mind you, this was no ordinary novella. A thick, fat document, dry and uninteresting, there was nothing in there to hold the interest of a bubbly youngster with big dreams of a glamorous corporate communication career. After the first few pages and few loud yawns, I was ready to retire. But my boss persisted. He was after all the managing director. You could not refuse him. It sunk in much later that even being allowed to read the sacred book was a huge honour for a rookie. But the bigger prize was the assignment that followed. I was asked to redraft a few sections. While on the sections dealing with administration, personnel, human resources and communications, I came across a piece that has stuck indelibly. It concerned new joinees and the section ran something like this: New managers will generally be of two kinds—the first will either try to change the system, failing which, will become a part of it. The second type will, on failing to change the system, prefer to quit rather than become a part of it. My first boss who was also my first bona fide mentor, cautioned me then. He said, it is the second type that you need

DR H A R S H A , HEAD ITC ON S U LTA N T, H K I T G R OU P

YAG N ES H PA R I K H , S E N I OR V P - H E A D I T ( T R A DI N G ) , I C I C I S EC U R I T I ES LT D

PARAG DEODHAR

Your responses count. Log on to www.itnext.in/bigQ to submit your replies. The best entry will be published in the next print edition.

Chief Risk Officer, CISO & VP-Process Excellence, Bharti Axa General Insurance Co. Ltd About me: A CA, Certified Information Systems Auditor from ISACA, US and Certified Fraud Examiner from ACFE, US and board member on the Bangalore Chapter of

F E B R U A R Y 2 0 1 3 | ITNEXT

THE BIG Q.indd 35

1/31/2013 7:59:43 PM

ITNEXT | F E B R U A R Y 2 0 1 3

THE BIG Q.indd 36

1/31/2013 8:00:41 PM

BigQ: Cloud audits are critical to any enterprise that plans to migrate to cloud Pg 35

CUBE CHAT | MANUHAAR AGRAWALLA

CUBE CHAT

FAC T FI LE N AME MAN UHAAR AGRAWAL L A CURREN T DESIGN ATION SEN IOR MAN AGER IT

Playing With IT

CURREN T ROL E IN FRASTRUCTURE, APPL ICATION S, IT POL ICY EXPERTISE N ET WORKS, IN TERN ET, FIN AN CE, PROCUREMEN T WORK EXPERIEN CE 1 3 + YEARS EDUCATION SEN IOR MAN AGEMEN T PROGRAMME (IIM, CALCUTTA) – LON G DURATION PROGRAMME (1 YEAR) - 201 1

STRATEGY, CORPORATE FIN AN CE, MARKETIN G, M&A, OPERATION S & RISK MAN AGEMEN T

“I owe my success to hard work and my interest to learn new things and less to luck”

BY M A N U S H A R M A

MY SUCESS

MANTRA “Aim to Excel for Success

SMTP, DHCP, FTP, DNS & File/Print services on many WinNT/2000, Linux & Netware servers. Besides, he also set up Lotus Notes Email on all the clients’ desktop. After a two-year stint at CMC, Agrawalla joined Apeejay-Surrendra Park Hotels Ltd as Director – Corporate IT. Here, he was responsible for the IT infrastructure and application revamp, Accounting & Materials System Installation and also the Centralised Email system. In 2004, Agrawalla, with an eye on future growth, decided to leave ‘The City of Joy’ and move to greener pastures. He joined as Systems Manager at The Oberoi, Bangalore. Some of his major achievements here were setting up the AD 2003 & Exchange 2003. In fact, it was a pilot site implementation of

ITNEXT | J A N U A R Y 2 0 1 3

CUBE CHAT.indd 42

GRADUATE B. COM. ACCOUN TAN CY, (UN IVERSIT Y OF CALCUTTA) 1 997 PROFESSION AL TRAIN IN G & CERTIFICATION S * GARTN ER AL D FOR ASPIRIN G CIOS TRAIN IN G 201 2 * CISCO CERTIFIED N ET WORK ASSOCIATE ( CCN A) CERT IF ICATI ON 2002 * CERTIFIED N OVEL L ENGINEER (CNE) NET WARE 4.1 1 CERTIFICATION 1 998 * DIPLOMA IN COMMUN ICATION & N ET WORKIN G TECHN OLOGY (ASSET IN TERN ATION AL ) 1 998 FAVOURITE QUOTE KN OWL EDGE IN CREASES WITH SHARIN G FAVOURITE DESTIN ATION EGYPT FAVOURITE B OOK AN GELS & DEMON S

J A N U A R Y 2 0 1 3 | ITNEXT

1/31/2013 6:27:16 PM

CUBE CHAT.indd 43

Aiming to excel is Manuhaar's success mantra Pg 42

1/31/2013 6:28:01 PM