Home > Blogs > VMware Accelerate Advisory Services > Monthly Archives: March 2013

Monthly Archives: March 2013

EUC Technology Investments—Is Your Vendor Worthy?

by Christopher Janoch

When I logged in to my iPad this morning, I was greeted with the alert that several of my applications had available updates for me to download and apply. As many of you know, this is not unusual—rarely a day goes by without a new version, update or patch being made available.

Software development cycles have been rapidly increasing in the end-user environment, as vendors race to release smaller, incremental enhancements to their products and services. The fact is, the pace of this progress is expected—even demanded—as users clamor for the newest functionality, greatest advantage, and hottest technology. I even have some clients that have deployed beta ware into their production environment; eager to embrace a product’s newest features at the risk of stability and supportability.

This fervor has caused me to reflect however, upon how my choices of software acquisitions have changed over the past decade. Previously, the decision to purchase an application (personal or enterprise) was a comparative process of static, point solutions. Did the application or service have all of the functionality I required? Were all of the integration points in place? Line by line, feature by feature, how did it compare to the leading competitors’ products?

Increasingly I realize that my purchases resemble investments in a strategic direction rather than a simple product purchase. The app in question may not have everything I desire, but with update releases following so rapidly is the product developing the way I wish? Were the previous releases acceptable? Based upon reviews and comments, has the vendor shown a trend of successful products that were well-supported? I believe very seriously in “voting with my feet,” a strategy where good behavior is rewarded with my patronage, and unacceptable service prompts me to seek elsewhere. My application purchases (or vendor investments) have the power to shape the development strategy of future products and services.

The next time you prepare to purchase an application or enterprise service, first ask yourself if you have considered the proven history of the vendor, supplier or developer. If your purchase can be considered an investment, is the vendor worthy of your investment? And is the vendor embracing the same future vision as you are?

VMware Accelerate Advisory Services can help you define your end-user computing strategy through balanced transformation plans across people, process and technology. Visit our Web site to learn more about our offerings, or reach out to us today at: accelerate@vmware.com for more information.

——-

Christopher Janoch is a business solutions architect for VMware Accelerate Advisory Services. Follow him on Twitter @cjanoch

Would you like to continue this conversation with your C-level executive peers? Join our exclusive CxO Corner Facebook page for access to hundreds of verified CxOs sharing ideas around IT Transformation right now by going to CxO Corner and clicking “ask to join group.”

Data, Data Everywhere…Except Where I Can Access and Use It

by Christoper Janoch

I sat next to a senior sales executive from a large cellular reseller on the plane today, who was bitterly complaining about how mobile devices were complicating his life. He was carrying two cell phones, an iPad and a laptop—all with different applications and services—and he was struggling to access and email a document from one device that he had created on another. His struggle is not unique; studies show that over 52 percent of information workers use three or more devices for work.[1]

In another example from a recent client engagement, I was interviewing a remote office manager who was required by her office to carry two separate laptops—one for use in her client’s network environment (which she used for meetings, presentations and project scheduling), and one for her company’s native environment (which she used for resource management, corporate email and secure document access).

Both of these scenarios are a result of relying on single point solutions for application services and security. In the first example, the gentleman next to me had gone rogue—he was relying upon applications not supported by his company to be more productive. With the widespread availability of powerful mobile devices, it has become very easy to find, purchase and download software to enable flexibility for your personal user-computing environment. For every conceivable need it seems, “there is an app for that.” A survey of U.S. employees indicated that 27 percent of employees use do-it-yourself technology to increase capabilities and become more efficient.[2] And in response to the demand, the mobile applications market is expected to reach USD$ 33B by 2015.[3] And, a market that relies upon a patchwork system of different mobile device providers, software vendors, non-standard access methods and multiple storage points that makes data management troublesome and exasperating for the end user—to say nothing of the security challenges involved. Files become increasing scattered across multiple areas, yet they never seem to be where and when users need them.

In my second example, the office manager is sincerely attempting to comply with her firm’s security requirements, but multiple security access requirements have added to the complexity of her personal compute environment. Her email is available via the Internet, but corporate files can only be accessed through VPN. Her team collaborates through a cloud-based storage provider, but several of the applications she relies upon are SaaS-based, requiring different credentials and secure protocols. To make matters even more challenging, the client sites she frequents, restrict access to cloud providers and will not set up point-to-point VPN access for her occasional use. Her only options are to use separate on/off premise computer systems, and to rely upon a cellular card for remote VPN access (requiring yet another set of access credentials.)

Both working condition examples speak to the need for a platform-based solution—a holistic environment that offers enterprise-level services equivalent to popular point solutions and integrated security architecture to allow consistent access from anywhere.

VMware offers a comprehensive solution, VMware Horizon Workspace, that answers this challenge by offering a universal broker of services, extending two-factor identity authentication and single sign-on access to enterprise applications, corporate data storage and SaaS services. Horizon Workspace also works through common security protocols, so it can be accessed by any device type in any location. As an enterprise-class, aggregated workspace, it is also a comprehensive solution for IT management—by turning disparate operating systems, applications and data into centralized services that can be easily provisioned, managed, backed up, updated and secured with policy-driven access and delivery safeguards.

VMware Accelerate Advisory Services can help you define your end-user computing strategy through balanced transformation plans across people, process and technology. Visit our Web site to learn more about our offerings, or reach out to us today at: accelerate@vmware.com for more information.

[1] Info Workers Using Mobile And Personal Devices For Work Will Transform Personal Tech Markets – A BT Futures Report (Forrester, 2012) by Frank E. Gillette
[2] Mobile Workers Use Personal Apps to Solve Customer Problems. Is IT Ready, Willing and Able to Assist? (Forrester commissioned report, 2012)
[3] Mobile App Internet Recasts The Software And Services Landscape – A BT Futures Report (Forrester, 2011) by John C. McCarthy

——–

Christopher Janoch is a business solutions architect for VMware Accelerate Advisory Services. Follow him on Twitter @cjanoch

Would you like to continue this conversation with your C-level executive peers? Join our exclusive CxO Corner Facebook page for access to hundreds of verified CxOs sharing ideas around IT Transformation right now by going to CxO Corner and clicking “ask to join group.”

The Mobile Enterprise

With the recent announcement of VMware Horizon Suite, it’s clear that IT is moving forward in response to the workforce adopting more and more devices and platforms that provide mobility and productivity anywhere. Greater productivity is a touted benefit of the BYOD revolution, but it leaves CIOs cautious of potential pitfalls such as defining a security and governance policy that does not expose the organization to undue risks. The following infographic outlines the usage rates of preferred technology and sheds light on how BYOD is affecting the perception, support and deployment of mobile devices.

Cloud Computing – Build IT and They Will Come?

by Derek Lacks

In a meeting with a Fortune 100 CIO last week, the well-known line from the baseball classic Field of Dreams came to mind: “If you build it, he will come.” In the movie, the main character was compelled to plow under highly lucrative cornfields to build a baseball diamond in the middle of nowhere. The only thing that kept him going was the voice in his head that reinforced the promise that lie ahead.

So, why was I reminded of the classic movie line? The CIO had just told me that his organization had recently stood up its tenth private cloud in the past 24 months. The problem was, there were no users. I know what you’re thinking—why 10 clouds? That’s a story for another day. I want to focus on the same blind faith that led this organization to commit the time and resources to build its collection of clouds.

The CIO was not looking for my validation that what he built was right, he was sharing his unfortunate realization that his organization didn’t have the necessary skills to make his cloud initiatives successful. The core competencies that had contributed to his past success were no longer enough, and to evolve his organization to the strategic service broker required to meet the needs of his end users, he required core IT competencies from his team that previously were non-existent. These included individuals focused on managing the lifecycle of the service catalog; to the internal IT sales teams who were going to effectively position the value and drive user adoption; to finance teams focused on ensuring that services were achieving their pre-defined financial goals around cost and impact (see Figure 1).

Figure 1:  Business of the Cloud – Shifting IT Competencies

Why the sudden shift? With the advent of competition for internal stakeholders, IT shops no longer have a monopolistic hold on their internal customers. Public cloud services such as EC2 and Rackspace have infiltrated the safe haven of core IT and are providing disenfranchised IT users something that they have never had since the inception of the IT department— an alternative. All they need is an Internet browser and valid credit card.

As a result, IT organizations, understanding that they have to up their game and become more responsive to internal customers, have turned to cloud-enabled services, such as infrastructure as a service (IaaS) and platform as a service (PaaS ) to slow down the exodus. This was recently the case with another client of mine who wanted to build out PaaS in direct response to a sizeable percentage of his company’s development teams going directly to an external provider for their infrastructure requirements.

Which leads me back to my “if you build it, he will come” analogy—the CIO now realizes that building and standing up the technology was just the ante. To be successful and drive adoption, he has to approach the services that he extends as would a product company. His team’s traditional IT functions need to parallel the engineering teams within a product company that are manically focused on building a product that meets specific customer requirements. And the job doesn’t end once that product is built. The CIO needs to continue deliver the IT services demanded as the new teams engage—product managers, sales, marketing and finance —to take that product and exploit its commercial goodness going forward.

To do this, IT must transform from being a cost center to a service broker—a “business within the business.” The mission of the CIO needs to shift from being a supplier of technology to a strategic service provider that anticipates the needs of the business. An organization once charged with keeping the lights on is now expected to drive competitive advantage by providing business users with the optimal mix of services at the most competitive price points.

Based on these requirements, a new business management toolset needs to be leveraged to provide the requisite level of visibility, transparency and clarity into the business. In addition to traditional measures—such as system availability, application performance and utilization levels—IT executives will also need access to business-oriented metrics such as compliance to service-level agreements (SLAs), forecasted demand, profitability and customer satisfaction. CIOs will require insights into their business in order to execute with a service broker mentality, such as:

• What are the services that I provide and how do they compare to available alternatives?
• What are the costs of those services so I have the ability to make strategic decisions in terms of whether I will source that service internally or explore a better external option to leverage?
• Are my pricing strategies that I have deployed driving versus stunting adoption?
• Who are my power users, and am I meeting their specific requirements?
• Can I provide a value add to externally sourced IT suppliers that results in greater stakeholder satisfaction?

IT business management solutions, which up to this point have been a “nice to haves” driven by IT finance, are now a prerequisite for IT executives looking to execute on the service broker opportunity. The ability to articulate cost structures, track business unit consumption and adoption, and monitor the quality of services delivered will provide the basis for validating success or failure to your business stakeholders.

The VMware IT Business Management (ITBM) suite provides transparency and control over IT costs, services and quality. By automating previously manual process and providing a business context to what IT does, IT moves from a technology orientation to a service broker orientation with an IT portfolio of services managed to align with business needs. With benchmarks providing objective evidence of where IT is today, where IT could be and illuminating the path to where IT wants to be—ITBM provides the fact-based approach needed to minimize the cost of IT while maximizing competitive advantage so CIOs and IT executives can run IT like a business.

—————–

Derek Lacks is a business strategist for VMware Accelerate Advisory Services.

VMware Accelerate Advisory Services provide high-value enterprise IT strategy consulting to help CIOs and their key stakeholders to accelerate IT and business transformation, and can help your organization maximize and even accelerate its evolution into this new role as service broker. Visit our Web site to learn more about our offerings, or reach out to us today at: accelerate@vmware.com for more information.

Would you like to continue this conversation with your C-level executive peers? Join our exclusive CxO Corner Facebook page for access to hundreds of verified CxOs sharing ideas around IT Transformation right now by going to CxO Corner and clicking “ask to join group.”

Understanding Information Security In the Era of the Software-Defined Data Center

by Alex Salicrup

A few weeks ago I participated in VMWare’s first vCloud Network and Security Workshop in Palo Alto. The top 50 VMware experts in networking and security from around the globe were there to discuss all things software-defined network (SDN). Topics ranged from upcoming releases of VMware’s SDN platforms to deep-dive discussions on challenges that all SDN solutions face.

With this much talent in the room, I was not surprised when information security emerged as the top concern within the software-defined data center (SDDC) suite. Arguably, the latest and most disruptive change within the SDDC, if not virtualization itself, is the SDN. The software-defined network forces today’s networking and security administrators to shift from thinking and working in a two-layer paradigm to monitoring and securing at all layers of the service stack.

Software-defined networking not only represents a big shift from how traditional physical-based network and security has been managed, it also includes a hefty risk if we think about the fact that the “eighth layer”— human beings —has the most impact on the SDDC right at the security level. Every year the security threat varies in its complexity, depending on many variables like the economy, domestic/ international affairs, or simply the competitive landscape of an industry. A few years ago a large number of data breaches were initiated from within the organization. Last year, the vast majority of breaches were from external sources, often made possible by malware. “Hacktivism” is at its peak with groups like Anonymous targeting governments and private sector companies such as Sony’s PlayStation Network. Almost all of these breaches targeted the infrastructure layer.

As often happens with the emergence of new concepts, one of the major challenges for information security is education and understanding of the SDN evolution and what it represents. Security today is horizontal, crossing all application and infrastructure layers. Because attacks target every layer of the service stack, security requires defense in-depth measures more than ever and with tools that physical-based security alone can’t achieve efficiently. As a result, security teams have to relearn the entire service stack while also maintaining their legacy knowledge.

So what are the top three challenges facing an information security administrator? The first challenge is to achieve the breadth of learning necessary to develop effective security solutions. Second, is to be resilient against the inherent delay in evolution of security tools to adapt to disruptive change. And finally, cope with the limited engagement at the outset to drive understanding in the enterprise.

Correspondingly, these challenges translate into three key operational issues—the first is the increased and often unknown threat landscapes in an environment composed of disruptive technology. The second challenge is the cross-organizational friction as IT and information security are increasingly isolated due to lack of mutual understanding of objectives. And the last challenge, albeit a tactical one, is the shutting down of the physical network as a default security enforcement mechanism—that is, when there is no longer a physical highway that can be severed if an environment is compromised.

The majority of our customers have great security risk portfolios, and my job is to help them understand how they can navigate through these operational challenges utilizing the significant data protection benefits of a software-defined data center. Security organizations can leverage the same operational advantages of any other business unit—increased efficiency and increased flexibility—enabling them to gain more advantage with the same amount of resources. They also have the ability to expand their resources as the enterprise recognizes the business advantage of rapid security engagement and security adoption of these disruptive technologies. By providing the opportunity for security organizations to learn new techniques and capabilities within the SDDC, the enterprise can reduce employee turnover by offering career progression, which translates to real cost savings. All these opportunities help change security viewpoints within the physical data center as well, evolving new approaches to traditional security.

Looking to the future, enterprises will have the ability to automate anomaly detection and quarantine entire virtual environments while still leaving a copy to conduct business operations, thus allowing for parallel tracks, incident investigation and standard operations. By reducing perceived compromises in operations to support security, the sometimes antagonistic relationship between security organizations, IT and the businesses will improve.

The software-defined network is here, the enabling technology is ready, and the benefits and efficiencies are significant for those enterprises that decide to adopt it as part of their software-defined data center solution. There are challenges, but how many of those challenges are really about the human element rather than the technology itself? To do nothing and continue to rely on the limited reach of traditional security practices in this era of increased virtualization at all levels of IT will not be an option. My recommendation to IT organizations is to begin investigating the SDN. The challenges are there, but the benefits are potentially enormous.

Alex Salicrup is a business solution architect for VMware Accelerate Advisory Services.

VMware Accelerate Advisory Services can help you and your key stakeholders understand the software-defined data center value proposition—our consultants quantify the potential benefits, develop architectural designs, recommend organizational and process changes, create a migration plan and advise during implementation. Visit our Web site to learn more about our offerings, or reach out to us today at accelerate@vmware.com for more information.

Would you like to continue this conversation with your C-level executive peers? Join our exclusive CxO Corner Facebook page for access to hundreds of verified CxOs sharing ideas around IT Transformation right now by going to CxO Corner and clicking “ask to join group.”