Archive | January 2016

Security 2016 – Time to act as the stage is set – but tackle the “elephants” first (part 2)

I started 2016 in bullish form with predictions for security based on the lows and highs of 2015. I touched on two on the many market catalysts set to transform both today and tomorrow’s worlds, enterprise mobility and the Internet of Things but highlighted I would mention three more. Part two of my security outline kicks off with my final three security focus areas for the first half of 2016, journey to the “cloud”, security for the SDDC and the need for intelligent people to “act smart”.

The enterprise journey to the cloud continues to be hindered by concerns robust enough to offset the unquestionable benefits. If enterprises are already challenged to secure local environments that benefit from additional levels of physical control and proximity, why would the need to secure information flowing through an external often multi tenanted service provider not highlight similar (and different) challenges. Pre 2016, it was straightforward for enterprises to deliver a blanket response “we don’t use the cloud” often citing security concerns and with no need for further explanation, but with shadow IT research validating authorised and unauthorised cloud usage exists whatever the policy, neither authority or ignorance seems to matter.

It’s therefore time to go “back to basics” and remove years of accumulated assumption of business functions and application flows and replace it with rigorous understanding. With a revisited / restated view of people, process, application flows controls and compliance expectations, “what” can be delivered via the cloud becomes clearer (“how is a whole different ball game”). Whether via internal or external assessment or audits, enterprises must obtain a robust and realistic “current state” view to calibrate the cloud trajectory and thus maximise the business benefits of cloud service delivery. This common sense view is my consistent response to mute the many often unfounded concerns of cloud service delivery or published negative cloud consequences. And I frequently pose the question “Can you really tell me now restated for now, the who, what, how of your business IT operations & applications calibrated by relevant controls”? If the answer is no, effective security for the cloud journey may have no effect at all. Time for change to make cloud service delivery a consistent, secure reality.

Following on from the cloud is the software defined datacenter (SDDC) snowball that continues to gather pace. SDDC ideals are no longer if or when for enterprise organisations with substantial workloads or IT services already delivered primarily via software elements. It’s the dynamic, frictionless, highly agile operational persona offered by a predominantly automated software driven environment that holds so much promise. But common to every “must have”, “must do”, “next big thing”, IT trend is the “what about security” question?

First off, will be a straightforward perspective – “avoid the security retrofit”, time for a security reset. Security must be the core deliverable of the SDDC outcome therefore can never be deemed an add-on or optional extra. When application dependencies and process workflows are in early draft mode (potentially in the earlier stages of the development cycle) the security expectations must be identified, qualified and externalised. Deferring security to later phases or accommodated via an assumption of inherent safety delivered by default is fundamentally flawed as applications and workloads become increasingly fluid in location and state.

A silver bullet of the SDDC ideology is the potential and proven reality of security moving always from a perimeter based ideal to an intelligent functional state as close to the workload as possible (in fact the workload is no longer a workload to be secured, but instead a “secure workload”).  This new attitude to application and workload delivery must drive a “blank sheet of paper” review of security to ensure one of the most compelling benefits of the SDDC journey can be fully realised. An enterprise journey to the cloud presents the long overdue opportunity (and investment) to “get security right” – use it, don’t lose it.

And lastly its “people time”. The rise and rise and continued rise of the digital enterprise will fundamentally shift the way business services are operated, consumed and ultimately secured. We are venturing into the unknown and therefore wrestling to find answers to an endless stream of security questions. But is this state really unknown, I suggest not. The “enterprise” digital enterprise may be no more than the digital DNA already the vital fluid of the modern social network driven arena spilling over to and thus redefining the enterprise. Create and destroy data information instantaneously, join and graft multiple and previously unconnected data sources together to create new insight / new opportunities, always on, always now – isn’t this the digitisation defined “social world” already our norm.

And possibly with that Eureka moment appears an equivalent reality check, we still haven’t solved the security problem (s) in the digital social network world, in fact we at times we are not even close. And the main reason – “people”. As technology improves (both systems and security) people reduce their level of vigilance & diligence and increase their expectation that the “system will deliver protection”. Nothing could be further from the truth. I fear we may arrive at a state where there is little more that can be done from a security systems based neural or autonomic perspective. In other words, we have put as much logic and decision making in the system to determine and remediate as much as it can from a security perceptive in an acceptable timeframe. And then what or who is left in the chain as the primary attack vector, the same primary attack vector that has always existed – “people”.

Which drives me to highlight that 2016 may be the year enterprises revisit and reinforce the level of individual accountability that all system users are vigilant, diligent and aware of the security implications of their actions. Or sadly those same users may be affected by the double edged sword of compliance and personal liability. This is a step change forward from the never read acceptable use and security policies. Tough talking and a disappointing road to traverse, but the enterprise may no longer have a choice – systems cannot secure the organisation alone. With flexible working, dynamic workplaces, fluid workloads set to be a normal business state, every corporate endpoint whether human or system has the same responsibility to evaluate and maintain a company desired security state.

And this closes the security predictions overview for the first part of 2016. Whether it’s the increasingly mobile user or interaction with intelligent devices or “things” or dynamic services delivered by highly innovative new market entrants, optimum security will ensure the unquestioned benefits of this increasingly “digital” world arrive with minimal sting in the tail. I am not inferring optimum security has never been important before or isn’t delivered today by highly effective practitioners, it is and that fact it is, minimizes the negative consequences only a mouse click away. But everything we have delivered before is now under attack in a manner beyond our traditional level of understanding with the result it’s time to “deliver now” but with tomorrow’s expectations in mind. Time to change (ps, I am not advocating “patch management” for people – or am I?).

Until next time

Colin W

Twitter: @colinwccuk

Chief Technologist Computacenter UK, Networking, Security and Digital Collaboration.

 

An update from our 2015 Associates

The Channel Challenge

Welcome to the New Year and a new associate’s blog to get 2016 off and running.  In our last blog of 2015 we heard James Cruickshank waxing lyrically about why he chose a career in IT and how he relishes the thrill of keeping apace with the relentless speed of technological change.  I thought I’d take this theme further and hone in on Computacenter’s partners – our vendors and the wider eco-system within which we operate.  The immersion in our partners of choice has formed a big part of my year at Computacenter and will continue to form the bedrock of my career, so I thought I would take this chance to muse on the stormy sea we swim in.  How do we work with our major partners?  Which technologies do we back to thrive?  And most importantly, how do we help our clients navigate their way through a complex web of technologies and emerge from the vendor maze with a solution that best fits them?

At Computacenter we offer our customers services and solutions that are best of breed and best of need.  However, this presents us with the perpetual challenge of staying on top of emerging technology and keeping abreast with how our key strategic partners are evolving.  Large organisations are in a constant state of change and some of our biggest partners: Microsoft, HP (recently separated) and IBM are 3 of the biggest players on a global scale. Therefore, as IT professionals we have it as our raison d’être to work closely with our partners to ensure their prime products (that are a result of millions of pounds of investment coupled with some of the brightest minds in IT!) are projected into the market space.  We also have to continually deliver value to our customers by keeping them up to speed with how the latest technological advances can assist their business, drive competitive advantage for them and enable their users to work more effectively. Consequently, a large part of our job, and one that can be both fascinating and frightening, is keeping our finger firmly on the pulse of technological change.

Vendors, IT manufacturers to laymen, are a particularly favourable topic at this time of year as January sees our annual celebration of another successful year at Computacenter driven in large by great harmony with our strategic partners.  HP, now split into two entities to better divide and conquer, are the chief sponsors of the event and consequently their latest offerings will take centre stage. As such, we will all seize the opportunity to learn about the technologies HP have developed that will enable our customers to move through 2016 armed with the best equipped Enterprise infrastructure and End-user devices.  Nevertheless,  at our Kick Off we have a two day vendor village that provides Computacenter the opportunity to host all the key players in the IT world educating us on how their products can best enable our customers.  To offer a valuable service we must both be an expert in our customers and our partners.

As you can imagine, the wealth of knowledge can sometimes be overwhelming, especially when many of the vendors overlap in the same space and all have nuanced competitive messages to drive home.  This therefore, is our chief purpose: to sift through the noise and make a professional decision on what is the optimum technology for our customer’s use case.  Best of breed is not always the right answer, the latest and greatest is not always the most sensible choice and instead it is our job to cast a critical eye over our customer’s business needs and construct a solution that is proven to help them on their IT journey.  For whilst investors take a position on emerging IT companies all the time, it is not something that we and our customers can afford to do.

Computacenter can boast a long existence, which is an accolade in itself in such a volatile industry, and it has achieved this longevity by constantly delivering long term customer value. This long term customer value has been accomplished by remaining ‘un-dazzled’ by the bright lights of flashy tech and staying committed to long term proven results.  So this weekend in Barcelona I’m sure we will all have our sunglasses on!

Have a great year, keep a weather eye on the technological horizon and bear in mind that the latest does not always mean the greatest!

Harry Jenkins

SBC, VDI, SHD, VHD…Or shall we just say Desktop Virtualisation?

Usually the blog title would give an indication as to the subject matter, yet the title of this blog is largely made up of acronyms that you may or may not understand.  You are not alone – this confusion has reigned in the Desktop Virtualisation market, and  has perplexed many who  have attempted to buy those solutions for many years.

There’s no denying Desktop Virtualisation is a complex technology area.  It is one for which there are many use cases that spring to mind – Call Centres, offshore locations, mobile/remote users and security conscious environments.  The issue with Desktop Virtualisation technologies historically has been cost- that of the IT infrastructure used to deliver it, disadvantageous licensing models, and the costs of transition from legacy desktop environments.  This is what led to the myriad of Desktop Virtualisation solutions that we now talk about, summarised very briefly:

  • SBC –              Server Based Computing
  • VDI –              Virtual Desktop Infrastructure
  • SHD –              Shared Hosted Desktop
  • VHD –              Virtual Hosted Desktop

Rather than get into the details of these, the “choice” has been whether to provide users with access to part of what is ultimately a shared resource (SBC, SHD), or provide users a dedicated experience and the flexibility they are used to with a classic device (VDI/VHD).  Yes, the former is lower cost option, but there are many other considerations to be taken into account, too.

At Computacenter, we’ve undertaken many deployments across both technology types and support many thousands of users within a Desktop Managed Services – typically in relation to one of the use cases listed earlier. Many organisations have had aspirations to exploit the technology – but have been deterred by cost and complexity.

The market has been changing.  Where once there was only one real option (Citrix), there are now several, particularly with VMWare’s Horizon solution which has evolved significantly in the past few years.  Then there is the infrastructure, the original dependence on expensive compute and storage is being replaced with more commodity solutions and developments in the Hyperconverged area, offering a fundamentally different platform to turn the price/performance challenges on their head. Application layering technologies are becoming more prominent, and of course there is the topic of Desktop as a Service (DaaS – yet more letters).

On top of this we need to add the business drivers – the rapid growth of mobility and flexible working, the changes in the security landscape and the launch of Windows 10 all are driving organisations to reconsider their end user services and to explore new options.

All of these factors have led Computacenter to instigate some work, in our Global Solution Centres, to re-evaluate the market for this solution area, and as a result to redefine our propositions for Desktop Virtualisation.  Over recent months we have deployed a number of these infrastructure platforms into our Solution Centre, and undertaken a comprehensive suite of tests aiming to benchmark the performance, commercial viability, ease of deployment, ease of management and other key solution factors.  And we are doing this across both VMware and Citrix virtualisation solutions and an accompanying ecosystem of supporting tools (user and profile management, application delivery) – as you can imagine it’s a complex myriad of solution options.  Our objective, very simply, is to provide the most optimal desktop experience, but do so in a cost efficient and flexible way that meets all the needs of the modern user, and satisfies the business and IT department – reducing risk and optimising deployment and management processes. We’ve been getting some great experience of the latest technologies, and assisting numerous clients who are already looking into this topic with some early engagement into the process.

As it stands today we’re just completing the final tests and reviewing our findings from the first phase of the testing, and I’m personally looking forward to reviewing the team’s finding.  You can be sure we’ll keep you up to date with our research over the coming weeks.

That said, if you would like further details on the work we are doing, please don’t hesitate to get in touch.

Cheers

Paul

2016 Predictions – “You see UC”, I see “Digital Collaboration”

My first blog of 2016 discussed Security, but the second will tackle a topic close to my heart, UC (Unified Communications) or to describe it via a new remixed term “Digital Collaboration”.

UC has suffered in recent years from nothing more than being pretty boring. The functional elements continue to work well and the UC solution most commonly experienced by users, IPT, delivers high value but with little applause. And that state signposts the age old challenge with UC, it continues to be viewed and described by users as a number of discrete technology based solutions, some working well together, others still a challenge and others still confusing. Sadly UC for the enterprise has failed to become part of the soul of an enterprise user in the manner UC in the social and personal world has managed to do. Consider just how ubiquitous platforms including Whatsapp have become and the real emotion and passion users have for the solution. No similar state or outcome is mirrored in the enterprise. With the immense potential for “Digital Collaboration” in the enterprise still very much apparent, this blog will focus on the 2016 “hot topics” that I think will start to make UC (Digital Collaboration), exciting and essential through 2016. First off UC for the mobile user.

  • UC for the mobile:UC for the mobile user has continued to deliver a somewhat “inconsistent” experience. Different screens to access, credential issues, endless software updates, compatibility issues have resulted in users deeming this valuable experience often too challenging. I expect 2016 to become a real vendor battleground to deliver the best digital collaboration mobile user experience with the leading vendors striving to make UC seamless, invisible and ultimately essential. Microsoft, Cisco and even more innovative start-ups (remember Whatsapp) will step up to the plate with the Cisco and Apple alignment very promising for mobile user collaboration in the future.
  • Video from the cloud:My colleagues and I have discussed video in the cloud for many years. Whether it’s bridging services or person to person video, the always on, everywhere nature of the cloud signposts it as the best destination for the service. Common to other components of UC , cloud based video has proved too complex, with too many choices, via confusing cost structures. No more in 2016 – the vendor that becomes synonymous with connecting and delivering video via the cloud has the potential to win the UC war so expect this to be an area of high vendor focus. And the benefit, a better user / enterprise experience and potentially right sized pricing. Cisco, Vidyo, Polycom, BlueJeans and the ever increasing collection of managed video service providers will deliver numerous opportunities for enterprises to finally unlock the benefits of such an essential service.
  • Imbedded Digital collaboration:2016 will see a rise in an area I will call invisible ‎or imbedded digital collaboration. Whether it’s a remote advice kiosks in a bank branch, a “contact an agent” option in a web store front or a “help me” customer service option on a smart device, UC elements will be integrated into a wider portfolio of applications and business services in a manner invisible to the user. There will be no switch on or off, it will be part of and core to the experience. This area has the potential for hyper growth with the current crop of smartphone equipped consumers happy to interact digitally via whatever communications channel their device is capable of. This is a real area where tangible customer and business value can be delivered.
  • Browser based UC: I am risking my predictions going up in flames with this one. WebRTC is an open source initiative to deliver rich communications services (including video) via a web browser. It was the next big thing a few years ago and stalled somewhat due to browser compatibility issues, poor user experience and lack of integration. Expect it to reappear in a big way through 2016 as the drive to deliver an increased number of browser centric end user applications increases thus reopening the door to video or rich media collaboration via that same browser. The browser vendors need to do more / faster, ISVs need to push harder but the benefits to all in time if WebRTC delivers to its promise will be unparalleled.
  • Digital team collaboration:For my last 2016 prediction I will take a bit of a long position but remain convinced it will come good in time. A key obstacle to team collaboration through previous generations has been the cultural challenge of using IT based sharing platforms within enterprise organisations. With a vast amount of legacy processes often mental or paper based, feeding them consistently into a digital platform proved a challenging cultural shift for the user. However the social / personal digital experience realized via the Facebook generation has softened the challenge and validated the user benefits of person to person sharing or interaction via digital collaboration platforms. 2016 will be the year platforms that including Cisco Spark, Microsoft Skype for Business & SharePoint or emerging solutions that include Slack will permeate the enterprise as essential collaboration platforms rather than UC technology upgrades.

And that’s the first pass of 2016 “hot tips”. As the digitisation of the enterprise continues at warp speed platforms and systems that store, share, integrate and transact digital data will prove invaluable to user and business productivity. UC of old is dead, but the legacy it delivered is the foundation of today and tomorrows “Digital collaboration” experience. If technical functionality drove the IPT & UC dawn, user experience and viable business outcomes will drive the “Digital collaboration” reality.  That time is now.

Until next time.

Colin W

Twitter: @colinwccuk

Chief Technologist Computacenter UK: Networking, Security and Digital Collaboration (UC)

 

2016 – Time to act as the stage is set – but tackle the “elephants” first.

Happy New Year and may 2016 be your most successful and effective yet. It’s the time of year where every analyst, strategist and technologist delivers a number of market or technology based predictions for the year. In reality they are educated guesses because no one really knows what will happen, but the activity is essential (and one you should personally undertake) because it ensures you have an outward focus (external focus) that is as fundamental to your business success (or at least viable) as your internal view. And best of all with market predictions, they are not guarantees of change as they are based on all of the indicators, assumptions, dependencies or guesses remaining consistent. Over the coming months I will share three 2016 perspectives for the Security, Networking and Digital collaboration (UC in old school terms) marketplaces. The views are my own but leverage extensive market and customer research most notably based on real world customer dialogue and challenges through 2015.

The Security challenge in 2016 could be the back breaker the industry is currently dreading. There are numerous forces and events that will ensure 2016 requires so much business change (positive change) that the door will be widened to any party focused on attacks and breaching defences.  There are numerous (too many to actually affect or process) security related impacts that any forward thinking enterprise must consider through 2016 – many are documented heavily within industry white papers and vendor solutions updates. However I will concentrate on six, a few common, others not that are currently giving me most food for thought as I work on strategies for 2016.

The relentless rise of the mobile enterprise (Mobility):  Mobility delivers one of the most acute security challenges today. The mobile worker, enterprise, user is no longer a fad or a secondary persona – it is the norm for many enterprises and will ultimately become the norm for all. Driven via the smart device (most commonly a phone) bonded permanently to the hand of many a user and an almost infinite pool of “relevant” applications, the need (not desire) for every digital activity to be available, everywhere, all of the time will deliver a security challenge second to none.

The connectivity issue that previously stalled the mobility drive is somewhat alleviated with fast wireless connectivity available in the home and enterprise and pretty fast connectively (sometimes) outside and on the move. That has moved any business obstacles to launch a mobility drive away from networking and connectivity and pushed it straight into the hands of the security team to ensure where a connection is made it is sure, and where data is accessed it is controlled. Some say it is an impossible task but that is conceding defeat too easily. It is a challenging but not an impossible task and an enterprise serious about affecting security change could start with:

  1. A top down perspective on the attitude towards risk for the enterprise (what really are “business breaking events”)
  2. A rigorous understanding of the regulatory framework that governs the enterprise (compliance)
  3. Comprehensive visibility of data assets within (where are they, what are they, how important are they, do they need to be protected, and to what level)
  4. Full understanding of how can someone get to them (connectivity and access)
  5. A real time, dynamic view of the secure persona or posture of the users.

I have simplified the workflow and challenge greatly (and many other perspectives must be considered and the order could change) but tools, processes, services and systems exist today that will really make a dent in the “secure mobile enterprise” challenge. It’s too easy to blend a “mobile enterprise” persona into existing and potentially legacy approaches to mobilising users and delivering business services – resist the temptation and use the time for change to undertake a “back to basics” information security review. Do nothing or do slowly because only a small group are mobile is a flawed theory – now is the time to act.

The next big thing – IOT:   The Internet of Things (and or the internet of everything) has captured the imagination of analysts and marketers alike. The connected world of “things” sending and receiving data, commonly over IP protocols but others are emerging, opens the door to a 21st century world previously impossible to imagine. Picture the world of connected cites, healthcare devices talking directly to medical professionals, smart homes exchanging data with utility companies – in fact forget the picture those services, solutions and “outcomes” are already here today. And there lies the problem, the IOT use cases are currently very fluid, personalised and often driven by imaginative use of existing and sometimes emerging technology. With IOT implementations and ideas so cutting edge, the challenge of securing the outcome becomes even greater.

At the risk of becoming an innovation “kill joy” only one recommendation exists of real validity, design any IOT / IOE solution with security acting as the core design frame to minimise the unthinkable challenge of a security retro fit to a solution beyond go live. This sounds like a simple and obvious recommendation (obvious yes, simple no) but is often bypassed due to the enthusiasm, complexity and excitement surrounding the implementation or benefit of the “things” solution. It is fundamental to success to challenge all vendors, integrators and consultancies on secure IOT principles as soon as the “drawing board” solution development phase begins. I fear the IOT security challenge with so many current and future unknowns will be one of the ticking time bombs of the greatest impact over the coming years.

It’s too early in the year for extra long blogs (you have barely cleared your Christmas inbox) so part two of this blog will be next week. I hope the richness of the outline above adds colour to your strategy and planning activities through Q1 to allow you to identify security topics that really require top priority focus through 2016. Two more topics next week and before January concludes the complete story will be told.

Until next week

Happy New Year

Colin W

Twitter @colinwccuk

Chief Technologist Computacenter UK, Networking, Security and Digital Collaboration (UC)