Those are some of the key takeaways from Telework Week 2012, co-sponsored by Cisco and the Telework Exchange, a public-private partnership focused on demonstrating the tangible value of telework and serving the educational and communication requirements of the Federal teleworker community.  This was the second year of the weeklong event and participation was up fairly dramatically, with an 80% increase in the number of workers pledging to participate – more than 70,000 of them in all, the vast majority (94%) being federal government workers.

Telework Delivers Big Savings

The results they report are nothing short of astounding. Consider these stats from the benchmark report on the event:

• Telework Week 2012 saved pledges a total of 6,413,006 miles; 251,774 hours; 3,453 tons of pollutants; and $5,651,890 on commuting
• Telework Revolution: If all Telework Week 2012 pledges teleworked two days a week for one year, they would collectively save: $282,594,515 or $3,962 individually
• Growing Benefits: 71% of Telework Week 2012’s participating organizations saw improved productivity (up from 60% in 2011), and 71% saw increased continuity of operations (up from 52% in 2011)
• Telework Gets Smoother: Just one in five organizations encountered challenges – such as technical issues – during Telework Week 2012, versus nearly one in three during Telework Week 2011

Asked whether their management team was more open to and encouraging of telework this year than last year, 62% said they were, up a bit from last year’s 60%. The report says that may be because companies are getting better at proving the ROI of telework efforts, using metrics such as employee productivity, reduction in commuting time and costs, real estate cost savings, employee satisfaction, employee retention and energy savings.

For years Carousel has been helping our clients realize the benefits of teleworking through data networking solutions, VoIP infrastructure and Unified Communications solutions.  So it came as no surprise to us that organizations are truly beginning to realize the tremendous upside that teleworking can provide in the right situations.

GSA Proves Value of Telework

The report includes case studies on a few of the event participants, most of which were government agencies. The GSA, for example, had almost 8,000 staffers participating, about 65% of the agency – pretty impressive. Of those, 93% said they and their teams were as productive or more productive than normal and 97% said the experience was positive overall. In total, GSA saved 273,000 miles in commuting during the week.

The report doesn’t say how much time those commuting figures translate to. Just for kicks, let’s say it comes out to one minute per mile, a conservative estimate. That translates to 4,550 hours.  That means each of the employees effectively got more than 30 minutes of extra free time for the week, and many of them probably a lot more.

Creating an Effective Telework Plan

Asked what they believe is most important to a successful telework effort, the participants gave responses such as:

• “Good communication infrastructure and good IT support.”
• “A definitive plan, two-way communications, and management involvement in the planning process.”
• “Collaborative tools like workgroup chat rooms, desktop video meetings, and online presence indicators.”
• “Transparency and accountability.”
• “Ensuring connectivity to our Intranet and other internal networks.”
• “A good working relationship with staff, clear expectations, and measurable work.”
• “Leadership support.”

Only 21% of the participants reported having any challenges during the week, down from 32% last year. Most of those challenges (61%) were technical in nature while others were trust issues (11%) and communication issues (10%).  That’s an indicator that, for the most part, IT is doing a good job in delivering the kinds of technology that makes telecommuting possible, most notably VPNs.

Increasingly, though, other technologies are going to enter the telecommuting mix, such as desktop virtualization, which can give workers access to the exact same desktop remotely as they have in the office. Unified communications technology will also play a role – and will help address those communication issues by ensuring workers can keep in touch with one another no matter where they may be. (Check out our previous post for how to achieve a successful UC implementation.)  And, as we’ve reported previously, it’s also important to keep in mind not all remote workers have the same requirements, so you’ve got to classify each type of worker and give them the support they need.

If you need additional help getting your telework plan together, contact Carousel. Clearly there’s a movement afoot here – don’t miss out on it.

Outlining the PCI-DSS Requirements

First let’s take a quick look at what the PCI-DSS requirements are. The standard outlines six general goals and a total of 12 requirements, as noted in a white paper from Carousel’s partner Aruba Neworks:

Meeting the Wireless Requirements Manually

With respect to wireless, meeting those requirements means you have to assemble a report each quarter that shows you’re taking steps such as monitoring for rogue wireless access points, which gets at requirements 10 and 11.

Doing that manually means taking a laptop or some sort wireless sniffer and walking around all of your locations to scan for rogue APs, Williams says. “If you find any, you have to determine whether they are allowed. If not, you have to find them, unplug them or somehow kick them off the network,” he says. “If it’s someone with an ad hoc rogue AP sitting in the parking lot, trying to pretend they’re part of the store network, you have to remediate that.”

Clearly, that’s a time-consuming, manual process. “I’m working on a project with a retail customer now that has about 200 sites,” Williams says. “The projected cost was $250,000 per quarter to have someone physically scan each store.”

Streamlining with Automated, Centralized Management Tools

The alternative is to put in place a centralized management tool to automate the process. Most wireless APs today have rogue containment systems, he says. When the AP’s aren’t busy serving clients, they can go off-channel and scan for rogue APs.

The trick lies in collecting data from all those APs to prove they found and remediated any rogue APs. That’s where a tool like the Aruba Networks AirWave Wireless Management Suite comes in. The suite features a centralized console that customers can use to collect all the relevant data from the remote APs that they need to prove PCI compliance. “You can set it up to run a quarterly report and you’re done,” Williams says. “You don’t have to worry about it ever again, at least until PCI requirements change.”

That’s the solution that the Carousel customer with 200 sites wound up going with. “A wireless solution for every store with AirWave was an entry cost of $800,000,” he said. Given it would have cost the customer $1 million per year to scan the stores manually, the ROI was less than a year.

To learn more about wireless PCI requirements and how your company can more easily get and stay in compliance, contact Carousel.

SIP, as we’ve covered before, is a signaling protocol that handles call setup, tear down andsession management for a variety of call types, including voice and video but also extending to applications that may play into a call center environment, such as interactive voice response and recording systems. SIP also provides the basis for many other useful features, including some innovative trunking capabilities and presence technology. In the contact center, SIP plays at least three important roles, says Zach Shankle, Director of Call Center Services for Carousel Industries.

SIP Trunking Saves Contact Centers Money, Eases Disaster Recovery

“The thing we see most is people going to SIP trunks,” Shankle says. SIP trunks are an alternative to the T-1s or PRI links that companies traditionally used to connect their call centers to the carrier network, and they provide some important benefits. First, SIP trunks can be used to terminate direct inward dial (DID) lines from anywhere, so all calls can be treated as local calls. And the trunks are essentially delivered as a single pool of capacity that you can divide up among different applications as you see fit, rather than dedicating separate channels of a T-1 to various resources.

In a disaster scenario, SIP also gives companies the ability to quickly redirect their inbound numbers to an alternate site. With traditional trunks, it may take hours to redirect your inbound numbers, Shankle says. “In the SIP model, you just flip a switch and can redirect your numbers, including the local DID numbers,” he says.

What’s more, unlike T-1s or PRI trunks, with SIP trunks companies can “burst” above their normally assigned amount of bandwidth as needed. This is great for companies with seasonal demands, such as retailers, Shankle says. Instead of having to pay for lots of bandwidth that they rarely use, they can pay for what they normally use and burst above it during periods of peak demands, paying only for actual additional usage.

Improve Contact Center Call Control with SIP

SIP can also play an important behind the scenes role in helping to make sure contact center applications can seamlessly communicate with one another and that calls are never dropped. Typically, when a call comes in the phone switch handles it initially. If the caller wants to use the IVR, the call is handed off and call control gets passed to the IVR. Or perhaps it’s passed to a computer-telephony integration (CTI) app to gather some information. Again, call control is passed to the CTI app. At some point, the call likely has to go back to the phone switch, such as to pass the call to an agent; again call control gets handed off. All that creates a lot of traffic back and forth across the network and if anything goes wrong at any step – such as the IVR or CTI app being unavailable – the call gets dropped.

Dig Deeper: Download the free whitepaper: Moving to an SIP-enabled architecture

With SIP, call control remains with the VOIP call control manager, let’s say the Avaya Communication Manager. When it needs an additional resource, SIP essentially sends an invitation to that resource to join the call; but call control remains with Communication Manager. “That’s a much smoother process and we never lose call control or risk disconnecting,” Shankle says. “If the IVR doesn’t respond, we move on to the next step and we never lose the call.”

SIP Enables Presence Capabilities in Contact Centers

Another feature that is becoming increasingly important in contact centers is presence, which enables agents to see the status of other agents at a glance – on the phone, available, at lunch and so on. That capability is driven using the SIP protocol, he says, noting it works whether the agents are in the same room or in their own homes, unable to see each other. The capability helps agents get questions answered quickly, such as by sending an instant message to an appropriate expert and reporting the answer back to the caller – without having to transfer the call. For more complex matters that do require a transfer, the original agent can find another that is available and perhaps even conference the new agent in before transferring, so the caller isn’t put on hold. “It makes for faster customer service,” Shankle says.

To learn more about SIP, download our FREE whitepaper – Moving to an SIP-Enabled Architecture, or contact Carousel today to speak with one of our contact center experts.

At Carousel we get a lot of questions from customers about the BYOD (bring your own device) trend.  One topic that comes up over and over is how to securely enable employees to interact with the corporate network from any device while allowing them to be as productive as possible.  In this regard, Virtual Desktop, or VDI, is a powerful solution – albeit one that is part of a  comprehensive, holistic solution and does not exist in a vacuum.  We had a chance to catch up with Phil Magnuszewski, the Director of Cloud and Virtualization Solutions at Carousel, to discuss how VDI empowers mobile workers that now utilize multiple devices, and how VDI relates to other components of a comprehensive BYOD and mobility strategy.

Enabling Multiple Virtual Desktop Endpoints Per User

As we’ve discussed on this blog in the past, deploying VDI for users is a project that must be well planned for and effectively executed.  We won’t go into too much detail here, but defining “desktop use cases” for employees is a critical first step in order to determine which users will be transitioned to Virtual Desktops and in what order.  It is also important to define and deploy the necessary enhancements to the network infrastructure required to support the increased load generated by VDI.

++++++++++++++++++++++++++++++++++

Dig Deeper:  Download the Free Whitepaper – 3 Keys to a Successful Virtual Desktop Deployment

++++++++++++++++++++++++++++++++++

Once this is completed and your virtual desktop infrastructure is in place, you will be ready to capitalize on one of the great benefits of VDI – extending it to mobile BYOD devices like tablets and smartphones.   Magnuszewski says, “This is the easy part.  Users can download a VMware or Citrix app from the Apple App Store or the Android Marketplace and install it in minutes.  Configuring the back end with server details is straightforward and when complete the apps will connect with a secure SSL connection and users are up and running.”  According to Magnuszewski, “Upon accessing the network with their mobile device, users will be presented with the exact work environment they would see on their desktop computer in the office.  No need to learn new navigation, install apps, or get up to speed on new operating environments.  There is no more effective way to get users up and productive on their mobile devices.”

Virtual Desktops:  A Key Component of a Holistic Solution for BYOD

While VDI is an ideal solution for enabling employees to effectively utilize their mobile device on the network, a BYOD and mobility strategy should be thought of in a holistic manner in which VDI is one important piece.  In order to plan effectively from a wider, systems perspective, other components of a holistic solution include:

Mobile Device Management (MDM)

In order to maximize network security, especially in a BYOD environment, smartphones and tablets should be configured with software and settings (independent of VDI) to reflect the corporate security policy and that’s where Mobile Device Management comes into play.

Modern smartphones and tablets come with the capacity to remotely deploy security layers and connections on employee devices without having to possess or own the technology.  This provides companies with a unique opportunity to on-board their employees, install all necessary technology and authentication and integrate corporate policy directly onto the device remotely and confidently.

++++++++++++++++++++++++++++++++++

Best Practices for Smartphone and Tablet Security.  Read the Free Whitepaper Now!

++++++++++++++++++++++++++++++++++

When a network user attempts to connect a new smartphone or tablet to the network for the first time, the system will recognize the device and user and redirect the device to download and install all necessary security protocols and applications the corporation has defined.  This includes things like mandatory passwords, sleep settings, unsuccessful login protocols, mobile VPNs, VDI apps, etc.  Another benefit of this on-boarding process is it allows the company to push training and policy information to the end user as their devices are configured.  This security layer is independent of the VDI solution that allows the user to access their work environment and be as productive as possible while ensuring that their mobile devices are adhering to corporate security and access policies.

Mobile Device Access Control

The next layer of network control related to consumer devices allows for more refined, centralized administrative and content-related management of all network users and devices.  Referred to as Mobile Device Access Control, these solutions provide insight into which user, using which device at what location is accessing what applications on the network.  This technology allows the IT team to define rules and access control around each of these potential variables.  For example, “User A accessing the network from Branch office X on his tablet is provided with Internet access and these five network resources and applications, but these websites are restricted, and these three applications cannot be accessed by a tablet.”

This level of granularity provides the IT team with the control necessary to minimize exposure and the capability to manage consumer devices with the same level of confidence they were used to when every device was owned by the company and connecting via ethernet.

Wireless Network Infrastructure

The BYOD trend continues to stress wireless networks in businesses.  With the additional burden of multiple devices per user, VDI support for those devices, VoIP, Video and streaming media, it is important to take the time to assess the capacity of your wireless network infrastructure and plan for growth.

By thinking about a mobility and BYOD strategy in a holistic, systems-wide manner businesses can not only enable employees to be as productive as possible on multiple devices via Virtual Desktop Infrastructure, but ensure the security of the network and provide for business continuity with Mobile Device Management and Mobile Device Access Controls.  To discuss your mobility and BYOD plans in more detail with our experts, contact Carousel today.

This month we’ve got four stories that neatly sum up the challenges IT security professionals face in their attempts to protect corporate data. They include a mix of breaches caused by human error, a lack of encryption, and some cleverly disguised malware.

Two States Suffer Medicaid-related Security Breaches

This headline from an InformationWeek story pretty much says it all: “2 Medicaid Data Breaches, 1 Weak Link: Employees.” Here’s the story of the latest Medicaid-related breach:

The South Carolina Department of Health and Human Services (SCDHHS) discovered on April 10 that an employee of the state’s Medicaid program had transferred personal information of 228,435 Medicaid beneficiaries to his personal email account.

After the department detected the transfers, it contacted the state law enforcement agency. The employee was terminated, and the affected individuals were notified of the security breach.

This occurred shortly after a similar breach in Utah:

A new tally of files stored on a server that contained Medicaid information at the Utah Department of Technology Services (DTS) reveals that 780,000 individuals have been affected by the theft of sensitive information. That’s far worse than initial estimates.

The data breach occurred on March 30, when a configuration error occurred at the password authentication level, allowing the hacker, located in Eastern Europe, to circumvent DTS’s security system.

In the Utah case, the problem was a test server with a weak password was put into production with no change to the password, which was a violation of policy. Probably that was simply an error, not a malicious act, as in the South Carolina case. But both stories point to the hard truth that humans are indeed the weakest link when it comes to security.

Nearly Half of all Mass. Residents had Personal Info Lost or Stolen

Massachusetts was also in the news in April, after the state’s Office of Consumer Affairs and Business Regulation issued a report stating that nearly half of the state’s residents had personal information lost or stolen over the past four years during one of about 1,800 data breaches. As The Boston Globe reports:

The report, the first of its kind in Massachusetts, found the financial services industry reported the greatest number of breaches over the last four years, with 955 incidents that exposed the data of 901,156 people. The vast majority of these breaches, however, involved credit card transactions that occurred at retail establishments. The financial services institutions then reported the incidents to state officials. The health care industry, meanwhile, had 214 breaches, but they exposed more people – about 983,746. That included the loss of more than 800,000 patient records at South Shore Hospital in Weymouth in 2010.

That one strikes close to home, as one of our Carousel Connect editors was born at South Shore Hospital, although probably long enough ago that he doesn’t have much to worry about.

One of the big reasons for all this data loss is a lack of encryption. As the Globe reports:

Of the 365 devices reported lost or stolen over the past four years, only 13 were encrypted, the state said.

“It’s taking businesses and institutions longer than we’d hope to encrypt these devices. That would certainly cut back enormously on the number of breaches where consumers data is more vulnerable,’’ said Barbara Anthony, the state’s consumer affairs and business regulation undersecretary. “Businesses, institutions, and others need to do a better job protecting the information of individuals. There is still a lot of work to be done.’’

Hard to argue with that.

Upstate NY Hotel Suffers Prolonged Breach from Foreign Hackers

This story, from the Desmond Hotel and Conference Center in upstate New York, has all the elements of the worst kind of security breach: a well-hidden piece of malware collects credit card data over a long period of time, and sends it to a perpetrator in another country.. As the Albany Times Union reports:

In an online letter to customers, operators of the 323-room hotel said the names, credit and debit card numbers and expiration dates, and other data been exposed between May 21, 2011 and March 10 of this year in what the hotel called a “serious data security breach.”

Debit card PIN numbers are not believed to have been affected, the hotel said.

While the U.S. Secret Service and a private firm continue to probe how the breach occurred, hotel General Manager John D’Adamo said the hack — like many cyber attacks — is believed to have come from a foreign country.

D’Adamo said The Desmond was tipped to the problem when Secret Service agents showed up in early March saying they were receiving fraud complaints from banks on accounts that seemed to trace back to the prominent hotel.

It’s likely not going to be a good day when the Secret Service shows up at your door talking about fraud. But in this case the hotel was warned months earlier by a customer who reported a charge from China on the card he had used shortly before at the Desmond – a card he rarely used. He got word back from a hotel official denying any culpability.

While there’s no telling how thoroughly the hotel investigated the customer’s complaint, it is true that such malware can be tough to find. As Professor Bulent Yener, director of Rensselaer Polytechnic Institute‘s Data Science Research Center, tells the Times Union:

Some of the attacks are so insidious, using what are known as rootkits, Yener said, that they take complete control of a computer and make it appear as though the security systems are working when they have long since been co-opted.

This story, and the Chinese connection, harkens back to last month’s Security Breach Report, which quoted Richard Clarke, a former terrorism, cybersecurity and cyberterrorism advisor for the White House, as saying, “Every major company in the United States has already been penetrated by China.”

And perhaps some not-so-major companies.

Carousel Industries partner Riverbed Technology has changed that equation, as we cover in this information packed podcast with Joe Ghory, senior product manager at Riverbed. His company recently partnered with Akamai, the Web acceleration company, to offer an acceleration solution targeted at companies that use SaaS providers.

WAN Optimization – an Overview

WAN optimization technology improves performance in a number of different ways, Ghory says. First, it gets rid of lots of duplicate data. Riverbed’s Steelhead appliances, for example, can recognize patterns that it has seen before, such as a company logo. Instead of transmitting the logo across the wide-area, it sends only a 16-byte reference to it and the logo is then taken out of a local cache at the destination end. The technology also performs protocol manipulation to reduce the number of handshakes that a protocol such as TCP/IP typically requires, which can hinder performance over long distances. Taken together, these techniques enable LAN-like performance over wide-area networks, improving application performance from 5 times to 100 times while reducing bandwidth requirements by as much as 99%.

The SaaS and Hybrid Cloud WAN Optimization Challenge

To do all that, customers need to have a Steelhead appliance at each of their locations. That’s where companies often run into a stumbling block when they employ SaaS applications or other forms of hybrid cloud offerings. “As you move to a third party vendor, what you trade for costs savings is they may offer a little less control,” Ghory says. “One thing that’ll be most immediately noticeable is control on a performance level. You have to think of end user performance. It it’s not as good as what they’re experiencing currently, your entire project is at risk of failure.”

The distance between the SaaS provider and the end user will “absolutely” affect performance, he notes. But the opportunity to put in something like a Steelhead appliance is probably going to be limited. “They want to offer a turnkey solution,” Ghory says. “So you’re limited by both geography and accessibility and both can wreak havoc on performance.”

A WAN Optimization Solution for the Cloud

To address the issue, Riverbed has partnered with Akamai to offer Steelhead Cloud Accelerator, an optimization solution that works to improve the performance of three big SaaS providers: Salesforce.com, Microsoft Office 365 and Google Apps. Customers order the service online, priced on a per-user basis like most SaaS applications. They then upgrade the code on their existing Steelhead appliances and enter the URL of the SaaS provider. At that point, “we install a Steelhead Cloud Accelerator right at the edge, in the Akamai network, mere milliseconds away from the SaaS provider so that from that point you can offer end-to-end optimization that would otherwise be impossible,” Ghory says.

For most people, access to SaaS providers means connecting via the public Internet. With the Riverbed offering, you’re instead connecting via the Akamai network, which provides far greater availability, security and performance. And customers will also realize all the usual Steelhead benefits, including LAN-like performance and up to 99% bandwidth savings.

To learn more about Steelhead Cloud Accelerator, check out our full conversation with Joe Ghory. For details on how to make this solution a reality inside your company, contact Carousel today.

Server Virtualization Rolls On

Then as now, server virtualization is still a big one. But as we noted in a recent post based on a conversation with Phil Magnuszewski, director of data center technologies at Carousel Industries, it’s not just big companies virtualizing their servers any more. Now small and medium size businesses are getting in on the savings virtualization brings. What’s more, big companies are diving deeper into the technology, virtualizing even mission critical applications, Magnuszewski says. It all adds up to a net decrease in the number of physical servers, which means less demand for power to operate and cool them.  For example, download this free Server Virtualization White Paper to learn how Carousel went from 100 servers down to 5 via server virtualization.

Increase Energy Efficiency with the Cloud

Virtualization, of course, is a key underpinning of cloud technology, which is another driver for increased IT energy efficiency. As we reported in a post last fall:

A report released this week by Pike Research, “Cloud Computing Energy Efficiency,” predicts that because of the shift to cloud computing, data center power consumption will decrease by 31 percent between 2010 and 2020.

There are a number of reasons for that savings, one being that cloud environments generally have a higher utilization rate than traditional data centers.  Here’s another reason from our previous post:

Cloud service providers are closely focused on energy efficiency as a matter of operating sustainability, not just because it happens to be a green thing to do. Increasingly, the largest of those providers including Google and Facebook, are sharing their tips and best practices for power reduction in the data center.

CFD Modeling Increases Cooling Efficiency

As we noted in that original post on Green IT tips, air conditioning generally accounts for a third to a half of the power demands of a data center. Given that, anything you can do to reduce the demand for air conditioning will result in a greener IT profile, not to mention real savings. As we covered in a previous post, one way companies are doing that today is using computational fluid dynamics to map air flows in their data centers. The idea is to learn how the air is flowing throughout the data center and change variables to see if you can come up with a more efficient flow. Typically, CFD experts can find ways to increase efficiency, sometimes dramatically so and often at relatively low cost, such as by adding blanking panels in racks to close up spaces where cool air escapes.

++++++++++++++++++++++++++++++++++++++++++

Dig Deeper: Download the Free Whitepaper- 6 Keys to Energy Savings in Your Data Center

++++++++++++++++++++++++++++++++++++++++++

Update Equipment for Energy Savings

IT equipment makers are also on the green bandwagon, of course, and are continually coming out with more energy efficient gear. The folks at Gartner offered a number of areas where IT can save money by updating equipment, as we reported previously. They include new servers that use more flash memory, which not only perform better but put out less heat – so they require less power to cool. And as we reported in that previous post:

There’s also a trend emerging toward “extreme low-energy servers” that use the collective power of thousands of tiny processors, the kind found in mobile devices. David Clearly, a Gartner VP and Fellow, put these sorts of servers on his list of top 10 strategic technology trends for 2012, saying they’ll be useful for fairly static processing loads, such as serving web pages, while using far less energy than traditional servers.

Likewise, newer UPSs are far more energy efficient than their predecessors, with a 99% energy efficiency rating as compared to older models that are often in the 80% to 92% range. Another idea: instead of installing KVMs on each server rack, each drawing electricity, set one up on a rolling cart so you can just push it to wherever you need it – and unplug it when you don’t.

Those are some of our latest ideas for a greener IT environment, but we’d love to hear yours. Feel free to offer some up in the comments below.  Seriously, we’re getting lonely here!

These definitions are known as “use cases,” meaning a common set of functional requirements for a given set of users. Whether it’s contact center agents or sales people, each group within a company has certain software that they use, including operating systems and applications, along with hardware requirements, from desktops and laptops to tablets, printers and input devices such as smart card readers.

The idea is to capture what these folks do on a routine basis and make sure all the features and functions they need are encapsulated in the virtual desktop infrastructure environment. Common uses cases include contact center, sales, field reps, marketing, executives, offshore contractors, administrative and finance. Each will require a different set of applications and, in some cases, hardware.

When defining the use case, you need to consider not only the user’s role in the organization but the location in which they work, which could be in an office, at home, on the road or some combination. You’ll need to ensure that all users are able to access the VDI environment with sound performance from wherever they may be.

Also consider the types of applications they use and how often they use them, which will help determine how much bandwidth and processing power you need and may also affect software licensing. If some groups use custom applications, that has to be accounted for.

This exercise should help you determine which applications are candidates for desktop or application virtualization and which are not. At the same time, you’ll have a head start on an inventory of required end user equipment, storage, bandwidth and high-level architectural requirements.

To learn more about how to plan for a VDI deployment, contact Carousel to have one our experts help out.

Carousel has long been a partner with Polycom, implementing its audio and videoconferencing systems for our customers. So it was gratifying to be recognized as System Integrator of the Year in North America at Polycom’s TEAM Polycom Partner Awards in Orlando earlier this month.   Carousel has also been named a Platinum Level Polycom Choice Partner, a designation that shows we’ve made the investments in technical expertise and go-to-market capabilities required to address the complex needs of today’s UC customers.

Dan Hofferty, Carousel’s national sales director for visual communications, is at the front lines of some of the most exciting work we’re doing with Polycom – meaning enterprise video solutions. Fresh from the TEAM Polycom event and the new partner designation, we thought this would be a good time to catch up with Hofferty to get his thoughts on the most important trends he’s seeing in the video communications space.

Video is Coming to a Tablet Near You

“Mobility is still a big piece of the video puzzle,” Hofferty says, and in one area in particular: tablets. He calls it the “bring your own tablet” movement, with more and more end users looking to do video on their tablets. Video system makers like Polycom are planning for it but it requires more than simply a client for the tablet, Hofferty says.

“If users are outside the corporate network, how does that affect their ability to call into the conference room inside the corporate network?” he says. “There’s some planning involved there.”

Specifically, you need some sort of gatekeeper registration system, like the Polycom Converged Management Application (CMA), which provides a simple dialing plan, among other features. You also need firewall traversals built in, so users can dial in from wherever they may be so long as they’re registered with the gatekeeper.

Adding Video to Unified Communications

Another big trend Hofferty sees is integrating video with unified communications implementations, which is a topic we’ve touched on previously.

“You’ve got users on Microsoft Lync, IBM Sametime and the like so you need the ability to integrate those and be able to do video calls from different platforms,” he says. “And you need to provide a consistent user experience among all the platforms, so you don’t have to worry about what device the user is on, which presence system they’re using and so on.”

Managed Services Offer Help for Integrating Video

Given all the rapid change taking place, managed services are playing a large role in helping customers keep up, Hofferty says. “It’s something companies are looking for, having integrators help them manage and monitor their equipment, and provide them metrics on uptime, packet loss, latency and jitter,” he says. “More and more companies are relying on experts to monitor the equipment so if the settings on a device change or a projector has a lamp light that’s starting to fade, it never becomes an issue that negatively impacts the business.”

Such managed services provide a proactive approach to maintenance, he says. Integrators can also offer some hand-holding if required. If someone walks into a video conferencing room but doesn’t know how to use the equipment, there’s a number to call for help, like a video concierge service.

“Video is expanding so rapidly, and it has finally reached a tipping point in the enterprise. Business people literally want video at their fingertips,” Hofferty says, noting Polycom recently released a client for the iPhone 4S. “And it has to be as easy as making a cell phone call.”

If you need help getting your video house in order, you can’t do much better than contacting http://www.carouselindustries.com/contact”>Polycom’s System Integrator of the Year: Carousel.

To properly protect themselves in this environment, companies have to adjust their thinking when it comes to security. Listen to the whole discussion in this information packed podcast.

Mind Your Apps – Application-Layer Security Becoming Critical

“The main shift, and the place where people have to pay the most attention, is this issue ofapplication layer security,” Flynn says. Bad guys know that most companies have the bases covered when it comes to the basics like firewalls, VPNs, antivirus and antispam, intrusion detection. So they’re going after the application layer, where far fewer companies are putting up a good defense.

When it comes to application layer security, control is critical, he says. You have to look at what applications and behaviors you do want to allow, and which you don’t. “The question really becomes one of developing a good policy and having the tools to enforce that policy,” Flynn says.

Those tools include good analytics, so you can benchmark what constitutes appropriate behavior for a given user or set of users, or a given type of information flow, and then recognize traffic or behavior that is outside the norm. For example, it may be perfectly normal to see lots of traffic coming out of your accounts receivable server between 9 a.m. and 5 p.m. on a weekday, but highly unusual at 3 a.m. on a Saturday.

Providing Security for the Mobile User

Another challenge with respect to security today is the increase in number of mobile users and the whole bring your own device movement. With respect to BYOD, Flynn says to focus on a couple of areas, one being strong authentication, so you know who is connecting no matter what device they may be using. Another is to provide encryption for data in transit, such as by using VPNs.

It’s also critical that security functions such as application control be utilized in BYOD environments as mobile users will be accessing applications from multiple types of devices and potentially in unique ways depending on the type of device.

Finally, it is important to provide such protection right at the network border, he notes and that these types of controls (along with other UTM functionality such as web filtering, spam control and data leak protection, etc.) be utilized at the wireless access point.

Protecting What’s Inside the Perimeter

Enterprises have long been characterized as having a hard outer shell and a soft, squishy middle when it comes to security, like an M&M. That is a dangerous position to be in today, when so many security professionals say you have to pretty much assume your perimeter will eventually be compromised.

“So you have to look at the priorities of your internal information. What is the thing that needs to be most protected?” Flynn says. “And in the LAN, what kind of traffic needs to be inspected, what kind of controls need to be placed on it.”

Companies need tools such as data leak prevention that can identify when certain predefined types of information – perhaps credit card numbers – are leaving the enterprise then they shouldn’t be.

Analytics again come into play when it comes to protecting the corporate crown jewels, so you can identify activity that is outside the norm.

To learn more about the top security challenges companies are facing, and how the concept of unified threat management helps address them, listen to our podcast with Kevin Flynn.