In this podcast we discuss the impact that mobile is having on the retail industry and how retailers are managing to keep up with the pace of change.

Matt Wilkins is the ex- Google Global Integration Lead. Matt was responsible for the full integration of new global mergers and acquisitions in EMEA, APAC and the Americas (he held this role for seven years).

His current role is Senior Vice President of Product and Engineering, for RetailMeNot (the world's largest marketplace for digital coupon offers) and its UK subsidiary Vouchercodes.co.uk(the UK’s largest online coupon site).

VoucherCodes.co.uk is the largest voucher code marketplace in the industry, operating with a team of specialised retail and leisure partner managers who act as advisors on best practice, managing marketing spend and consumer trends. More than 7.5 million consumers subscribe to VoucherCodes.co.uk, enabling retailers to access new consumer segments, which in turn ensures consumers receive the best, exclusive offers.

Before we got onto the subject of mobile technologies in retail, I first asked Matt about what it was like working for a Tech Giant like Google. 

For more podcasts visit: http://www.itproportal.com/podcasts

For more podcasts visit: http://www.itproportal.com/podcasts

For more podcasts visit: http://www.itproportal.com/podcasts

To tell us more about the outcomes of Project Sunblock research and discuss the challenges facing the online advertising industry is Duncan Trigg, CEO of Project Sunblock.

There are significant dangers, not to mention costs to brands who wake up to find their brand sitting next to something wholly inappropriate. In this podcast we outline, the scale of the problem, the implications and what the online advertising industry needs to do to adddress them.

Duncan gives his view based on Project Sunblock research on how the online advertising industry can get through the current growing pains to offer marketers a safe, regulated and transparent solution. This all comes of course on the back of the recent announcement that Google and Microsoft agreed measures to block explicit content online.

Considering using online advertising for your brand? Nervous about where your campaign might show up online? Duncan Trigg, CEO of Project Sunblock talks you through the things to watch out for.

For more related podcasts visit: http://www.itproportal.com/podcasts

Christopher Stancombe has succeeded Hubert Giraud as CEO of the BPO – the Business Process Outsourcing Strategic Business Unit at Capgemini. So what does it take to step into a role like this within such a large organisation and how do you go about setting out your own vision when taking over the top role in a company with some interesting challenges.

Christopher Stancombe, the new CEO of the BPO Unit in Capgemini gives us an insightful talk on what he thinks makes a good CEO, the challenges of a mulit-national company and advice for anyone wishing to make similar career moves including tips on what to do when you get there!

For more related podcasts visit: http://www.itproportal.com/podcasts

On the podcast to discuss the significance of this is Gilad Meiri, CEO of Neura.  He recently released a whitepaper entitled “The Internet of Things – Where is the Inflection point” Gilad believes that this latest acquisition is an indication that big players in the industry are all ready to jump onto the Internet of Things bandwagon and release it's potential.

His words come with a warning however as you'll hear him inferring that Google’s move to acquire Nest is more about data gathering than anything else and that we should all be concerned about how this data is to be used in the future.

He finished by giving us an insight into Neura, a company also creating "Internet of Things" products and explains how their offerings fit into the current marketplace.

For more podcasts and related articles visit: http://www.itproportal.com/podcasts

Greg Day, VP and CTO of FireEye explains the background behind the FireEye Inc. company, their operating system and the security concerns their latest release hopes to address.

In this insightful conversation Greg explains how they go about integrating their systems into those of their clients.

Knowing where attacks are coming from and how they are involving is a key part of providing security solutions and Greg Day explains their understanding of threat sources and the methods they emply to stay ahead of the game to provide their clients with the adequate protection.

Traditional signature based defence systems are old and have their drawbacks, here we find out how systems like FireEye get around this problem and how the impact of the huge raft of changes in the security industry has formed their current offerings.

 For more related podcasts visit http://www.itproportal.com/podcasts

For more related podcasts visit http://www.itproportal.com/podcast

Let’s go back in time first Darren to 75 years ago and a guy called Chester Carlson.

This year marks the 75th anniversary of Chester Carlson founding Xerox. Chester Carlson began with what at the time, was a ground-breaking piece of innovation called the photocopier. Xerox today though is a global organisation working across a vast range of products and innovations.

Obviously that changed the face of how businesses could work, they then had the ability to duplicate information on paper without the need for costly printing presses. What the equivalent is in 2014? What has been just as important to businesses over recent times as the photocopier was then?

{MPU Placeholder

Chester Carlson's aim 75 years ago was to create innovations that “make office work a little more productive and a little less tedious.” It is interesting to note that although there has been dramatic change over those 75 years, the developments of the last 5 years to the way we work have been quite profound. I think the most exciting change is the one that we are about to go into now, the age of mobility. Agility driven by innovations and technologies are fundamentally changing the way people think about work at its core.

What IT trends do you think organizations should be most concerned about as we head through 2014?

Well "Bring your Own Device" is just one dimension of it, but actually if you get up a little level from there the type of conversation that we have been having with our clients for a while now is actually around the nature of work. They are asking questions like: "What is the office of the future going to look like?" "How would we define the office of the future?" Very quickly you start to change that conversation into how is work going to get done. 

"Work is not a place any more it is a thing we do," are the sort of quotes that we are starting to hear now so the nature of work is changing. Having the physical location of an office as a fixed place that you come to every day to do your work is changing and now we are driving the four main topics that organizations have been talking to us about.

The first is that we need to be more mobile. That is not just about allowing people to work at home but about being a mobile organisation that can be at our clients office, it can be on the road, it can be in a central place where they operate or it could be at home. We need to be more mobile as an organisation within our systems, processes and infrastructure. Likewise, there is a recognition now that change is happening at such a pace that we are having to rebuild our systems to be agile. Breaking those systems down into components and rebuilding them with that agile mindset at the core as opposed to creating the legacy that we know in 5 years time might not be fit for purpose. 

If you want to be more mobile and agile, security becomes a much more important thing. Mobility and agility create potentially more risks to the information that we have in your business. Therefore security is becoming higher up on the agenda in the conversations that we have had. We have gone from a world where we have been striving and grappling with getting information and data to where honestly, now we have got more information than we know what to do with. The challenge of the future is how we inject the right information but get it at the right time and place to enable our people to do their job. Mobility, agility, security and information at the right time and place are the four huge drivers as we go forward and build the businesses of the future.

Obviously over the recent years we have had huge changes within the way that organizations manage their IT, the use of Cloud, Internet of Things and BYOD of course. Do you see that the change in recent years has actually taught us a lot about how we are developing technology going into the future and has that changed how people like Xerox design technology?

Yes definitely, we have been focused on innovation for a long time ever since Chester Carlson 75 years ago and we pride ourselves in being a company that really has innovated and created some great things.

We spend a lot of time in sessions with clients running client advisory councils  to understand what it is that we need to be innovating to make, and I go back to Chester Carlson’s quote; “ife a little bit easier in the world of the future.”

Cloud allows you to now deploy things in a completely different way with an agility that just wasn’t there five years ago. But probably the biggest thing in the last 24 months I think has been the acceptance of Cloud and actually the tablet to drive a more mobile workplace to look at how work is getting done.

If I am honest many IT systems are behind now and we need to catch up in the creation of the infrastructure that allows the workers of today to do their job in a different way. We have done a lot of work in Xerox on some of things that we think need our attention if we want to unlock this world of the future.

There are a lot companies looking into the future but we believe there is an area that people have not paid enough attention to and actually that is the role of paper. It sounds a bit simplistic I know but if we had considered paper or print as an IT asset for the last 10 years we would be seeing our world very differently now. If you think about paper, what it does very effectively is move information around your organisation. It advances processes, it actually works in the same way that other IT assets have except that it has now been thought of as an IT asset and therefore it has been separated and kept on the side. Our view is actually forensically understanding the role that paper has in our business as one of the keys to unlocking the mobile, agile, secure and information rich organization of the future.

We clearly from the world that Xerox has been operating in, think that there is not another organization in the world that knows more about the role of paper in business than our organization. We have been developing and innovating for at least the last 10 – 12 years in the digital document area and in the digital space to look at how we can help organizations to understand and then manage paper out of their business.

If you want to be mobile, but your processes are run by paper then it will require you to come into the office to sign documents. That is simply not going to work. If you really want to get the right information, at the right time, to the right place it is impossible to lift up that filing cabinet full of that wonderful information that is on paper and get it to go to work for you. There is a lot of opportunity in business now to change the way work gets done and part of that is going to be around understanding and then changing the role of paper in your processes.

You raise an interesting point because probably for the last 20 years organizations have been talking about the paperless office but in fact a lot of reports seem to suggest that actually more paper is being used now in organizations than ever before, mainly due to concerns around security. Can we ever see a paperless office do you think?

That is a good point paperless, no paper I doubt, paper less less paper yes. There have been some recent disruptive innovations in the world of mobility as I talked about the tablet but it is changing the way people are seeing things. Cloud and our understanding of Cloud and its security credentials is also changing but we will not get to paperless or even less paper, again unless we get to grips with the role paper is playing and I say it again because I think we have got a pretty good job in business in taking structured data and automated process the other sats and the oracles of this world are doing a great job across enterprises big and small around doing that the key though is our businesses are fundamentally run on unstructured data and there is more of it coming because of the information access that we have today. That unstructured data is typically moved around a process or used via paper so unless we get to grips with that and understand it truly we will not realize the opportunity there is by digitalizing that process or the communications strategies that we have and the price is a big one because the opportunity that it presents in improving he way that processes work to drive the mobile, agile, secure work of the future and the ability to get the right information to people when they need it is a big prize worth going for and it is something that we as an organization have actually recreated our offers to organize our self to go and deliver for our clients especially in the enterprise space.

It must be an ongoing conundrum to solve the issues around interfacing paper held data with digital data and managing the resource required sometimes to get one into the other domain is that a big challenge still within businesses at the moment?

It is a huge challenge but with huge opportunities. It is a big challenge because it is difficult to do both. You tend to have to run both processes parallel for a while. The good news though, is that we do for our customers. One of the opportunities that we have is that to be able to change the way that we take our offerings to market so that we can actually make this easier for organizations to do. It is our area of expertise but it’s most likely not theirs, so they should run their business and we should be able to come and add our expertise and value by engaging with them to do that type of thing.  We have now created an approach that has got three pretty defined steps process, assess and optimize the current environment.

We have got some brand new innovation coming in all those areas some that we have launched over the last 6 months and quite a lot coming in the next 6 months which demonstrate how committed we are to be a company that historically people will know as making our money out of print to being now an organization that does systematically drive to bridge the paper and digital world.

Looking at Xerox, your offices and employees and the way that you work within Xerox what are the things that you put in place to make your company run smoother that perhaps some other businesses might be able to learn from?

It is very interesting that you say that because we have had conversations about upping our game and utilizing more and more of the innovation that we are about to bring to market ahead of time partly to showcase it but partly to get our people to really understand its value. In terms of some of the basic things that we have done we have replaced paper in a number of our processes such as our expense process. Now through our technology we put our receipts into device, push an expense button on our piece of technology and it automatically routes that through into the expense work frame avoiding the need to have to physically sign bits of paper to advance the process.

We put controls over the use of paper in the process by monitoring its use and providing data intelligence to show us what has been printed and where. Also which process and application, so that we can provide hot spots of activity where we can get our team together to go and look at what it is that is causing that part of the business or that application to consume so much print of paper.

Would I say that we are using it to its fullest? No. We need to push harder in that area but there are lots and lots of examples of fundamentally changing how processes work and the way and how now we use digital formats to replace what we were doing on paper including most of our demand generation campaigns to our client base where we tend to communicate in a digital format now as opposed to a paper one.

What effect has this had on the employees at Xerox are they generally happier workers because they have the help they get from technology?

Yes, I think they are, one is it has allowed us to redesign our physical place of work so we now, like many other organisations have moved away from a physical desk to a hot desk environment where people can come in and out and have the flexibility to work.

It releases people to go and work with their clients and at home and it changes the way that they work. But, the biggest shift is the way that people bring technology into the work place and manage it; you mentioned Bring your own device. It needs to be managed well, it needs to be managed securely but actually being able to allow people to use devices that they are comfortable with at home into the office environment has been received very well.

Two final questions for your Darren - what are business customers asking you for but more importantly what should they be asking you for?

Our customers are very clearly asking us to help them print less, they have been asking us to take cost out of the printing domain forever and they are asking us to help them change their process, change the way their business works and support them to be an organization less reliant on paper to release the benefits of process automation. We are very clearly being asked to print for less but help organisations print less and we are set up to try and do that.  Interestingly in our channel business our channels are asking us to give them technologies and services that help them approach their clients in terms of printing for less.

Serving the small, medium segment of the market they are very much looking forward and asking for innovation that actually helps them work differently, print less but automate process. We need to be the company that helps businesses big and small bridge the gap between the paper and the digital world to help these organizations work in a more mobile agile and secure rich way.

Richard Jackson, Muzicall founder and VP of Sales is here to tell us more.

For related articles and podcasts visit: http://www.itproportal.com

First of all Richard, for those who might not be familiar with the relationship between Muzicall and RealNetworks, give us the background story?

RealNetworks has been around for many years. Basically if you have ever watched a video on a PC you have used one of their products called Realplayer and they were the inventor of streaming video services for the Internet. An entrepreneur called Robert Glaser founded it and he is still our interim CEO based over in Seattle. They have expanded worldwide into music services, streaming services and part of that remit was the mobile entertainment division, which is where you will find me. We are responsible for music mobile service that we offer through mobile operators. They recently purchased my company called Muzicall back in July here in the UK so Muzicall has been amalgamated into RealNetworks. What we were doing is a very strong focus on ring back tones in Europe and Realnetworks also do that so we compliment each other very well.

Starting with the basics then, explain what a ring back tone is and how you’re able to use it?

The ring back tone is the sound you hear in your ear when you call somebody on a telephone before the call is answered. Typically in this country in the UK it is a “burr burr” sound which is called an ITU ring back tone very technical, very boring and it has been around ever since the telephone was invented to basically tell somebody who is making a phone call that something is happening at the other end rather than just dead silences. What a ring back tone service does, is offer the ability for people to change that “burr burr” sound for anything they want it to be. It is just an audio signal; therefore you can change it to music or to messages or greetings or whatever you want.

We’ll talk in detail about the features of the ‘Listen’ app and how they can be applied to business but primarily what is the target market for this sort of technology?

The market is basically anybody with a mobile phone so this is very much a mobile service, not a landline service. Typically a ring back tone is seen as a personalisation service so it is a way of personalising your mobile phone to another level so as people call you, you can share music that you love with your friends and with your colleagues and with your family. It is a personalization service appealing to the teens - late 20’s market for music but we do have users who are outside of those brackets using it as well.

The worldwide market today is about 4 billion dollars for revenue for mobile operators for ring back tone services but I think that is the tip of the iceberg as to where we have got with it so far. The service has been around for about 10 years so some would say why has it not taken off and I think the reason for that is that what makes it work is quite technical behind the scenes and therefore to make it activate and to switch it on and off is quite difficult. Whereas phones in the past were not very user friendly for those types of services, obviously Smartphones’make the user interface very easy, very intuitive with pictures, colour and everything you want. RealNetworks has come up with a product which basically allows the user to control this service much, much more easily than it the past and we have called it “Listen.”

Well of course we have alluded to the fact that there is more to it than simply paying music instead of tones how about some of the more advanced options that this offers?

It is in a sense like a sort of virtual switchboard. It is an App that allows you to manage your mobile phone’s inbound calls so obviously for people that call you a lot and your family and friends it can be doing certain types of music, for example. For your work colleagues it can be play status messages such as “I am in a meeting” etc and there are other abilities to set up like special holidays so you could set up on St Georges’ day you could play the national anthem , on Valentine’s Day you could play a special message to the person that is close to you and for your family you can put in automatic birthdays so even if you forget your mother’s birthday, when she phones you to tick you off she gets the automatic happy birthday message played to her!

Presumably you don’t want to answer your phone too quickly if you’ve added this customisation service?

You are right the service stops the moment you press the button to connect the call but having been offering ring back tone services for many years here in the UK and across Europe typically the average play time is about 10 seconds. Also most calls go to voicemail after 20 seconds so the typical play time for the ring back tone is 10 seconds in the UK. We have got years of historical data to prove that so as much as you may make a phone call and you start hearing the ring back tone there are sometimes very small delays before the mobile phone you are calling starts to vibrate or ring so typically you have heard 4 rings in your ear before the person answers the phone.

Describe then in a little more detail the process I would go through to sign up to this service and how does it work with my phone to achieve the ring back tone customisations?

Basically you download the App from Google play or the Apple store. The App is free to download and the first thing the App does is starts interrogating the call log on your phone to actually understand who the people are that call you the most. Then it suggests through an intuitive screen of pictures and icons whether you want to set something up for those individuals and it also has an ability to look at the type of music you have within your phone and then suggest and take you to the store front to actually purchase additional music to play to your callers based upon the taste in music that is sitting on the phone.

Once you have got that, there is a widget within that as people call you, their picture pops up on the screen and it clearly shows you what you are playing to them and then you answer the call. There are also lots of features to allow people to select what they want to hear from your service. There is a service called let them choose, let them select and you can actually send messages to your contacts to inform them that you have set up X, Y and Z up for them when they call you. So it is an intuitive, easy to use service.  Typically ring back tones over the years are a service you set up and you usually forget you have got it. What listen does is it constantly reminds you that you have this service so it is easy therefore to personalize and change and adjust what you have set up. Therefore this service becomes a sort of front running service that you are aware is running on your phone on a daily basis.

What sort of controls or freedom does the user have over the audio they can use on those ring back tones?

These pieces of audio are not stored on your phone they are actually stored on the mobile operators network. From a music perspective there are no digital rights that can be infringed because people cannot cannibalise it or re-use it because it is never delivered to the phone. The other angle is that the mobile operators are actually having a serious amount of control over this service as a value added service they can market and sell to their clients. This prevents users from side lining the mobile operators for ring tone revenue. Ring back time revenue has got to go through the mobile operator so therefore it is great opportunity for a mobile operator to partner with RealNetworks to gain revenue for a service that is very much mobile focused.

Obviously this has real appeal has a fashionable gadget for consumer mobile phone users. But how about business applications, is this being used for commercial messaging promotions and those kind of messages and how can business potentially use this as an income stream?

Yes and over the past we have done some trials with not just only commercial messages whereby commercial organizations personalize their mobile phones for promotional activities we have also run some advertising trials where people endorse brands based upon a revenue share with a brand to endorse brands and use a promotional tool. When you look at the numbers if you take worldwide there are about 18 billion inbound mobile calls every single day. If you take that average of 10 seconds what you have got there is about 2 billion minutes every single day that today is uncapped audio inventory and if you think of commercial radio you think of internet radio and how they have a monetizing revenue model and look at 2 billion minutes which somebody told me the other day was 388 years. You have 388 years of time every single day going to waste therefore yes it can be used for commercial usage and it can be used to brand endorse, advertise and it can be used to play music and it can be used to play ring tones the ring back tone that you hear today. It is the choices as subscribers as to what they want to do with it.

On the face of it this looks like a bit of fun but underneath lurks some quite powerful business uses as well. Is it difficult to get an app noticed in such a saturated market? How do you get people to understand and buy in to an App given the huge range of choice available?

It is difficult because today how do people sell let apps usually it is through word of mouth, people say oh have you seen this latest app so therefore obviously one thing this does is when you call somebody and somebody hears music they say how did you get that that’s cool and therefore itself promotes itself and I suppose it is an overused term getting it to go viral like a video on Utube is usually what you want it to do but what we do is we do advertising through mobile channels whether they be in centre channels or a thousand channels to basically to market and promote the service with special pieces of music , people click on the banners , they can download the app for free and they can use it on a free trial for 30 days to see if they like it and if they don’t like it then they pay nothing but if they want to keep the service then they pay £2.49 per month to have the ability to play as many messages as they like to their inbound callers. As much as you go back to the ring tone market where £2.40 per month was certainly not the revenue model that the ring tone market had but that is the revenue for the ring back tone market.

Jason Thompson, Director of Global Marketing from SSH Security is here to talk about the need for SSH key management to close security holes and control system administrators access to critical systems and data.

For related articles and podcasts visit: http://www.itproportal.com

Jason, you’ve been doing some research recently into how organisations can address these problems, give us the background of how this study came about and what the actual depth of the problem is here?

We have been working on this secure shell environment since we invented the protocol back in 1995/96 The secure shell protocol has been around for quite some time and it has been a trusted workhorse for encrypted data and transit communications and from that standpoint we have deploying our product across the Linux / Unix platform as well as main frame and windows. In addition to that SSH is an open source protocol so it is widely used and is distributed with every version of Linux and Unix and is sold other machines as well. There are millions of deployments of SSH throughout the world.

Over time SSH has done its job to definitely secure the pathways to information assets to make sure that there is a secure encrypted channel between two machines or to allow remote access to a server to do work on that server and in an encrypted fashion. What has happened over a period of time is that the access controls to these millions of deployments by the server in the organizations and how you gain access to those encrypted channels and in many cases a key. In many cases there could be one key or there could be many keys and in some organizations we found that there were millions of keys to the high levels of administrative access to various servers throughout the environment. What that was creating as wells as a compliance issue was obviously a security issue where if anyone were to get hold of one of those keys then they would be able to gain access a wide swab of the organizations servers and potentially do a lot of damage to the organization. So we went back into our customer base and others using open SSH looking initially at the economic costs and challenges of managing these keys.  This was substantial into millions of dollars and really there was no ability to rotate and remove the keys so that was a provisioning cost of several million a year. Out of that was a significant security risk that was created by a lack of identity of the access management control inside of the organizations. In one instance an organization that we went into we asked them how many keys you have in your environment and how many do you think you have and they estimated maybe 500,000 but they had 1.5 million. We asked them how many of those 500,000 do you consider should have high level of privilege access and they said that they didn’t think that any of them should and it ended up that about 10% of them did. So what we learnt from our customer base is that this is a widespread problem that really has become a real risk and now the compliance organizations are all coming to us and asking us to help them write updates to their current guidelines to help address this. Also to come with best practices so that we can help organizations better secure their encrypted channels so that people can’t get control of those really vital networks and do damage to the organization or steal critical information assets.

The numbers quoted of unidentified people with access are huge and this much represent a really difficult situation to manage if organisations are realizing this now for the first time?

It really is an uncontrolled environment and this is the challenge because when SSH was developed and deployed especially because of its open source setup, individual groups and administrators used it mostly as a plumbing layer type solution. So over time you have these silos in organizations who were all managing deploying keys to gain access to servers on their own and there was no centralized control or management so the proliferation of this kind of attack happened over a decade. Now because of the existence of advanced persistent threats and the idea that the perimeter is not going to be 100% secure we know we need to implement a zero trust model inside the environment. We know that we need to make sure that inside of our organizations for security and also for compliance purposes that we are able to restrict and control who has access to what information and also who can provision, remove and rotate the keys and those types of things are really critical.

You mention the recent ‘Edward Snowden’ case as an example of how administrators can pose a risk to security in this way. Given that understanding how the threat is deployed helps to find solutions, how do administrators compromise security in this way and how can understanding that method help identify what is missing and how to deal with it?

I don’t actually know what happening with that particular case, the details will come out in the course of the ongoing criminal investigation. But I can tell you about a potential way an attack can occur though and that would be to effectively go into and environment and use a key that had a broad range and level to it and then once you have access to that you can then use that key to access an encrypted channel and move throughout the environment. You then have privileges that enable you to take information out. Because it is an encrypted channel you are basically able to pull that information out and you are going to blind any sort of security operation or forensics teams as to what you have done. So that is one way that someone could pull a tremendous amount of information out of an organization like the Department of State without being noticed because they are going to be using an encrypted channel. Part of our platform in addition to the key management is a solution that is in the middle, which actually utilizes the key so that an authentication error drops into what we call a ‘crypto monitor.’ We can actually then inspect the traffic and provide contacts to the identity inside the network.

The key here in the Snowden case is that yes that person is probably authenticated with the strong authentication but the organization in this case, the Department of State was not able to understand what the identity was doing inside the environment and they were not able to provide context and because it was an IT administrator using an encrypted channel they were blinded.

So really there needs to be solution in place that allows the organization to strip back who has access to what, that would be the key access management control side but also would be to actually be able to monitor what that individual is doing while they are transacting with the network. We call that security intelligence and the IT world where we provide that intelligence in real time. So if a guy is pulling out files at 2am until 5am this is the kind of activity we need to shut down in order to do an investigation.  In this case that was not possible so the person who put that information on to a computer and flies to Hong Kong at that point it is outside the grasp of who did what and to whom and when. Those are the critical things that are missing.

What is awareness like in industry about this, is it a case of educating IT departments around the risks that this problem presents?

It depends who you are talking to in the organization, in some cases they don’t know but if you talk to a Unix / Linux admin they would tell you that yes they had known about the problem for a long time but no one has said anything about it on the upper levels so we are not really concerned about it until someone says something.

As you get into the compliance side you see people a little bit more concerned because of the compliance issues and the risk as well   As you get higher up in the organization you get the feeling that they are almost unaware of this problem largely because it doesn’t appear broken. There is no compliance mandate that is required there will be compliance mandates coming out towards the end of this year which will give these organizations about 9-18 months to comply with it. Those are really the triggers that build awareness of the things that are going to happen to you. I think if we talk to some customers who tend to be the financial institutions and they are really worried about credit cards being stolen and anything that can pose a threat to even a part of their business, these early adopters are looking at it from a stand point of we have a security issue which we need to resolve and that is happening in the financial institutions these problems are coming in the top 10 – 15 projects for organizations, which if you are huge bank it is pretty high up there.

So for the early adopters who see themselves to be at the greatest risk for the most severe attacks they are aware of it and it is really getting harder talking to the broader group of users out there is the world and getting them to recognize that you need to control access to your privileged users and internal users in the same manner you control access to your office administrators who have very limited access to your organization and the message is now getting out there.

Tim Groen, Strategic Account Manager at Silicon Mechanics joins us to tell us more.

For related articles and podcasts visit: http://www.itproportal.com

Give us an overview of what Knome is and what lead you to develop it?

Knome is a clever play on “Genome” of course and their goal was to build a complete solution not for performing the G nome sequencing but once you have that G nome sequencing managing what you do with it. They developed an application that actually updates the entire Genome with the known research to date on a given set of genes in that sequence. So, for example it will automatically sort through your Genome data and say this person has blue eyes and then it will link that to academic research that confirms that yes this gene does indicate blue eyes - for example.

Genome research is a key aspect of the future of the healthcare industry and pharmaceutical research and so Knome came to Silicon Mechanics to develop a black box solution that would turn a Genome sequence into this useable information. One of their market advantages with this product is to address the privacy and security concerns that are prevalent in medical lab environments because obviously the human Genome is confidential data and so you can’t upload that to the cloud in a situation where you would risk exposing any of that private consumer data. There are also logistical issues associated with possibly moving this type of data outside of the lab environment in which it begins.

It can take weeks to upload a given Genome sequence because these could be multiple terabits of data so it is actually faster and cheaper to send a truck full of hard drives all the way from New York to LA rather than upload a single Genome onto the cloud via gigabit.  So we needed something that was in the lab, to which they could upload the data quickly and they could keep it private and secure and then of course it has to be useable for the customer. The other aspect of our design was to make it quiet and to make it easy. We need to consider that our clients are lab scientists and not necessarily computer science engineers or IT professionals that want to mess with computer hardware so we had to make it an “appliance.”

Give us an idea of the sort of applications Knome will be used for and what sort of organisations arte likely to take advantage of this technology?

This takes a Genome sequence and makes it consumable by a non technical researcher so certainly if you are a PhD in Genome research and Biology you can probably look at a Genome sequence and understand what is going on, but someone like me cannot. So this appliance make it easy to read the sequence if you will. It gives you that annotation and tells you this what part of the Genome relates to which characteristic. Obviously we are talking about a sequence that defines an entire human being so it is very complicated and we don’t understand everything, but it is important to be able to recognize quickly what we know and what we don’t know and by running a sequence through this appliance you can quickly get the real information that you need to continue your research.

The amount of data that this kind of research generates must be one of the main challenges when designing any data handling technology, this solution uses 45 applications all running simultaneously so give us an idea of how you configured the systems to deal with that volume of data and tasks.

This is sort of an eco-system of multiple applications running beneath the surface. So for the user it is an appliance, you have an input of a sequence and you have an output of the annotated data but underneath the hood there are multiple applications performing multiple functions and really the end user doesn’t need to see those. These applications are running on a high performance computer cluster, which we call HPC. Each HPC involves linking heterogeneous servers and storage through different types of hardware into a unified system that is generally managed by software of some kind. In this case Knome selected open source software called Lustre that provides hardware clustering capability to unify multiple hardware components into a unified HPC cluster. This enables all 45 or more applications to run in harmony without the customer or the user even realizing it.  What the customer will see is the Knome software on top that makes it really easy to use.

To design this system we really had to start from the ground up because there were a number of applications and each of them had their own performance criteria and requirements and we had to look at each one and make sure that we were building in enough performance at all levels.

The performance levels can be multi tasking for example one application might use more CPU, one might need more RAM, one might need more storage and so we had to really perform a thorough cost analysis and make sure that we were putting money and resources into the things that mattered to make this appliance perform extremely well.

You have a partnership with Intel, how does that relationship work when developing technology like this?

Intel has been a major partner for Silicon Mechanics. They are clearly a leader in technology generally and certainly in CPU’s. Knome had been a customer of Silicon Mechanics and they had been purchasing servers from us but Silicon Mechanics had really been growing into more of a solutions orientated company. Knome had really decided, from their won independent conversations to use Intel on this next generation. It became clear that Knome needed the complete solution not just CPU vendor and so Intel recommended that Knome work with Silicon Mechanics and so it was a great harmony where all three of the companies were already working together and this project really helped us come together with a common goal and develop this unique product.

Given that there are so many choices of CPU’s even within Intel’s product line we had to achieve a few different goals. We had to create a product that would stay current for years to come and we also had to make sure that it would match the performance criteria, the power usage criteria, and the pricing criteria that we had also previously established. We built it from the ground up with multiple options and we had to approach it with a very broad net and try a lot of different CPU options and run the pricing, power numbers, performance estimates, set up lab environments and test and test until we came out with a really good bundle of options that still gives the customer flexibility but also make it easy to deploy this appliance.

How can the challenges that you have overcome here and the solutions you have employed be applied to other types of industries?

A lot of people talk about clouds and private clouds and a cloud is basically an HPC cluster and when you rent a cloud service you are simply renting a portion of another person’s HPC cluster so it is really a question of scale and if you are on a big enough scale it makes sense to have your own HPC cluster instead of going onto the cloud and once you have the HPC cluster and in this case we have customized a very specific bundle of components into a very specific function but the nature of this technology is that it could be applied for many uses for example in manufacturing you could design moulds and you could design aerodynamics and water dynamics . We have had Wall Street type of customers who have been using HPC to do high frequency training. We are doing a lot more pharmaceutical research .We are doing a lot more with Government. We are selling into Universities and labs around the country doing all kinds of research because this HPC cluster gives you a base framework from which you can really do anything that you could do in the cloud or any kind of product. We can customize it to meet your exact needs so really this type of template can be applied to any industry under the sun.

Ian Ferguson , VP of Segment Marketing at ARM is here to talk us through the findings.

For related articles and podcasts visit: http://www.itproportal.com

Ian, why is the Internet of Things so important for ARM to be considering?

Firstly because we don’t make chips and because we don’t make platforms the decision makers in these vertical markets are quite a lot of steps down the value chain for us and one of the opportunities we had with the economist was to actually to interview C level executives from a vast range of markets like energy space, health care infrastructure, financial services, manufacturing, construction, real estate and so on. A technology company like us we would not without the help of the economist been able to find reasons for natural conversations with some of those verticals.

The economist also reached out to quite a few regions across the world. The split was about 30% from Europe, 30% from North America, 30% from Asia with the remaining 10% Latin America and Africa, so a pretty diverse set of people. Reaching out to real estate and construction for example would be harder for us to reach out to on our own so that was one of the reasons.

Arm is a billion dollar company but we are not well known outside our area of success so this was a great opportunity to communicate on a big scale. Especially given the fact that we are all about providing our technology to our partners who are the primary brands like Samsung to name one. We are sort of behind the scenes trying to put our goodness into chips but maybe if the survey had gone out to some of these other people I don’t think necessarily it would have as much of a response than if it came from someone like the economist.

Why is it that some sectors and industries have been faster to take up the principle of the Internet of Things than others that might well be able to apply the technology just as effectively?

My surprise was that before the survey, I would have said that my own industry with IT techie people like myself would have been the first ones to embrace the Internet of Things.

I view it as connected things to the internet whether that is small sensors or gateways so at some point if we go back to the original definition by Mr Ashton when he was at Proctor & Gamble it should be that any of those sensors can talk to anything else so cars talking to street lights, heart rate monitors talking to schools for example.

Actually what this study showed was that the first places where these connected devices are being deployed in enterprises is in manufacturing and the second was actually in construction and real estate. My sense from talking to a few people in those industries is that there are very obvious benefits to deploying these sensors. We have actually seen in manufacturing the use of sensors to give better ground level control of where resources’ are and managing how to deploy and manage equipment more efficiently such as within food plants for instance.

What the study also showed was although there were about 75% of the C level executives having very detailed discussions about Internet of Things, they were still wrestling with what the ROI would be on that particular investment. But in manufacturing at least we are seeing a very clear benefit for deploying these sensors to actually improve the cost of manufacture. I think some of these other industries are looking at areas where there may not be quite such an obvious return on base costs initially and that is why those people might in a more research kind of mode towards the Internet of Things as opposed to actually starting to deploy systems.

One of the things that this survey showed was actually 1 in 4 of the manufacturers interviewed were already deploying a network of connected things.

Aside from the measurement of ROI, what are the other barriers that are preventing some industries getting to grips with the Internet of Things?

I think there are and the survey threw up a few and then one which we have been wrestling with at ARM also. 

Some enterprises are saying, yes this sounds very good but we just don’t have the right expertise inside the company or can’t find the right people. The other way of saying that is that, this technology for some people is just too challenging to connect up and that really for those wave of adopters to take it in addition to their need for ROI it actually needs to be easier to connect it all together.

We have seen this with some of our trials with the Cambridge Campus that you mentioned earlier at our headquarters. We have started to put in intelligent lighting systems into the car parks and sensors inside our conference rooms to manage temperature and the lighting system so that in periods of inactivity things power down and when people are there the lights are. We are working on the next phase now where you will have real time available to your conference room based on those sensors so even the room might have been booked but if that meeting has not taken place or they have left early there will be more real time use of those resources. It is not just something you plumb together easily right now so I think there is a hesitation about the technology level.

Another barrier that I was surprised to find didn’t really come out as much as I was thought was around security. There are some places where it is an enclosed system. So, if you’re a Formula 1 team for example, you might have a lot of money to invest in technology and you have a lot of people with very high security around that network. If you are in some of these other industries where your speciality is something other than connecting stuff up I think people are going to become more concerned about the security of that network. Obviously it will depend on the types of things on that network and how important that data is but I predict that is going to be looming as a fairly major issue in the future.

The third is really around connectivity. As I have said the Internet of Things is really about connecting to everything. There is a lack of common frameworks, the joke is that the great thing about standards is that there are so many of them and I think in the IoT area there is a lot of work that still needs to go between all of the industries to actually make it easier to plug and play pieces of technology together.  It is probably easy to connect stuff together if it is all from one manufacturer or all from one service. But really for IoT to really get to that massive deployment vision of ‘anything talking to anything’ there is going to need to be some work about reliance on frameworks and how devices communicate, authenticate and send and receive data.

We are currently seeing big debates between governments, energy companies and business on the costs of energy bills within industry. Some of the principles of the Internet of Things could contribute some technology solutions that could lead to some significant savings in the future?

The other thing that came out of the study was that in addition to cost savings a number of the people surveyed saw that there were opportunities to generate new revenue, or improve customer service. One element is within the very high costs in manufacturing like the provision of energy from oil and gas It is very easy to see deployment of technology having a very quick impact on being more efficient with what you have got and we are starting to see the early work where connected things could add new services.

In San Francisco where I sit right now a lot of the parking meters are being connected to a smart network so you can actually book the space if it is available over the phone. That is an efficiency plan so people are saying we can analyze those spaces available, if there are actually less spaces available in a particular area because of an event they might start to put the prices up for instance and there is much more useful analytics you can do on that car parking information to cite one example.

We are also seeing technology being deployed in the insurance industry and you may have heard of in the UK http://www.drivelikeagirl.com where you can have a device put into your car to improve insurance premiums based on your driving patterns. There is a little bit of that in the US coming on now as well, some of the biggest insurance companies over here are doing that and that then throws up the next wave of discussion around who owns that data.

I think in the case of http://www.drivelikeagirl.com where it is their own device but in your car, they are going to say that data is their data and it is probably hard to argue with that. I think that there are going to be other cases where the data that comes out of the connected things like a heart rate monitor for example, where I am probably going to think that it is my data and I would want to control that as opposed to it being aggregated and controlled by others in the cloud.

We talk about a lot here on ITProPortal.com about the use of Big Data and how organisations utilize it and this represents the interface between big data and the customer at the other end. With that link developing how do you see that changing the business landscape into the future?

Our phrase is big data starts with little data. From sensors in forests which send data saying we are on fire come and dowse our flames to data coming out of medical devices, parking meters and street lights. I think the Internet should be about making our lives better and making things more efficient. But it has to be done in a way where that data is being shared in a controlled way from out of those small micro controllers and sensors. At ARM we are wrestling with the technology challenges and we think it is still a massive puzzle and that we are a very small part of the larger overall Internet of Things as our technology and that of our partners integrates more onto platforms and software.

The main area of focus for us is security and building the right products. Also trying to align on frameworks on that communication path and if we can have control of the data from the user as opposed to that data being controlled by the cloud players I think that vision of us having more efficiency around ourselves and being more efficient in terms of saving planet resources through the better use of precious resources like electricity is what we are trying to achieve.

For related articles and podcasts visit: http://www.itproportal.com

Chris, start of then by telling us about the background as to why you felt it necessary to develop this?

Aruba has always had the goal of providing the most flexible architecture options to our customers and this announcement really is continuing with that tradition. Essentially what we have noticed over the past year is that our customers continue to build more flexibility in to how they allow the workplace to take shape. We see almost in some respects disaggregation of the workplace where employees can either be at the headquarters, at a branch office, their home office or they could be on the road. This is how they keep the concept of broader mobility but behind the scenes what is required to enable that is really different types of architecture. On the one hand organizations are looking for flexibility in the types of wireless architecture that they are able to deliver, but on the other hand they are also looking for a more flexible cost models as well. So we saw this trend towards the need for this flexibility in architecture and also at the same time the general readiness I would say of organizations to actually belt and brace the software service model. Aruba looked at these trends and decided it would be in our customer’s best interest to move all of the management functionality into the cloud. The difference that this makes for our customers is they can manage the breadth of their working environment whether it is a home or branch or corporate office. They can manage all of this from a single point but the management is actually housed and maintained in the cloud and they can access that simply through a web browser. This ultimately becomes a service that they pay for as opposed to equipment that they buy and deploy on premise

What sort of businesses and working practices have you aimed this solution at?

We have seen a lot of interest in what I would call the extended branch type of enterprise. I think here of retailers as an example, or even financial services, banking and insurance types of organizations. Anyone who has a large number of small footprint branch offices where it becomes quite costly for them to either deploy solutions in those branches or have professional IT folks located in those branches. This is really a prime solution for them because they can first of all drop ship the access points directly to those branches, they can be plugged in by non IT savvy professionals and the access point will find its way back to the cloud, download its configuration settings and then become completely manageable as part of the broader infrastructure of that organization. So we have seen a lot of interest in that extended branch but we also see a lot of marketing opportunities in the mid size and in some cases the small to medium sized businesses as well. These are really both types of organisations that certainly have demands for wireless connectivity and robust IT communication demands but don’t always have the IT staff in house or flexible options in terms of how they pay and fund these types of infrastructure build outs.

Also within education, we see a lot of initiatives in the UK and across Europe in terms of provisioning schools with more digital learning tools like tablets and Smartphones and all those types of devices obviously require connectivity. Once again, we have the same scenario where the school doesn’t necessarily have the expert IT staff in house so looking for this type of solution is the right size for their type of organization.

We have spoken a lot on this podcast about the trend of IT departments farming out services to third party providers – is that what has driven the demand for this as well?

Yes and in fact it is very much in line with some of the research that Aruba had conducted earlier in the year which definitely points to exactly what you say which is organizations will rely more and more on outsourced and third parties for their IT expertise so there is certainly the human aspect of that where they may look to partners for that skill source but I see that the work that we as a vendor can do is to make the service much easier to consume and that is what this cloud solution does it obviously makes management an ongoing operation of your wireless network that much more simple because you don’t have to deploy on premise equipment and you have an interface such designed really for getting started with the basics but then also can grow with you as you look for more and more deeper knowledge and capabilities within the tool.

Is it purely down to reducing costs why businesses are increasingly going out to third party providers or is it mainly around skills availability within their business?

I think that cost is obviously a factor and obviously if we can build in more flexible cost models shifting away from upfront capital expenditures and moving more into ongoing operational expenditures that is attractive to a lot of organizations because they can budget more effectively for that.

I would also say driving towards just the idea of having consistent wireless connectivity across the broad range of places where the employees would be doing work, the driver for this is enterprises desire to make sure that all of its services and all of its information is as pervasive as possible. So this type of solution allows organizations to meet the demands provision and supply services across any location but in a way that it is far more flexible from a cost perspective and also allows them to manage it more effectively with fewer man hours than what may have been required with previous solutions.

The reliability of businesses connectivity is paramount isn’t it? I know your channel partner PacketLogix ran a lot of beta testing on this for you but talk us through the testing that a product like this goes through before it goes out to market?

The first step is to really understand the needs of our customers and Aruba has an extensive community what we call the ‘airheads’ community and this is really the primary form where all of our customers have access to shared technical experience. They can ask questions and provide feedback and it effectively creates a closed loop process for the company allowing us to engage with the customers and ensure they have the information they need. It also serves as an effective platform to make sure that we are identifying the pay points that our customers are to provide an end solution delivered to market.  That is really the first step of course, once we have determined the initial feature functionality we obviously make sure that it fulfills the needs of the market and that we are ahead of the competition. 

We then take the tools out to beta, in conjunction with partners and a handful of customers to get real world types of experience with the solution. Once that is complete we go to market in full.

Well, we can’t talk about anything to do with connectivity without the big ‘S’ word, Security. What have you built into this product to supply a secure network for your clients?

I am glad that you brought that up, obviously whenever we talk about moving anything into the cloud then security is obviously very important. Aruba is working with leading industry standards like Trustee to ensure that the whole security framework solution is certified so that we can meet the data protection and privacy policies that is obviously our requirement as part of EU law. We take security very seriously Aruba the company has really built its whole heritage and foundation on security and certainly this solution is no exception to that.

What would your advice to IT managers be when they are considering a solution like this, maybe those that might be worried about relinquishing control to a third party?

I would first qualify that there is really very little relinquishing at all that happens here. Ultimately into the cloud is really just a management data and first of all there is no traffic or security details of any sort as part of the cloud it is purely just the management of the access point infrastructure and that management is something they control completely. If anything what the solution is giving them is actual greater efficiency. Instead of going to multiple management consoles or managing different types of networks that may be in different parts of the world, they can actually build a consistent framework for how they monitor, manage and do things like firm updates, configuration changes and reporting.

In fact the biggest requirement from our customers is for recording PCs by compliance for example, especially in retail environments. This type of solution really brings all of that information into a central point which they have sole control over but it allows them to be much more efficient and effective in terms of how they operate and maintain their network environment.

BYOD is a subject that we discuss here a lot on ITProPortal especially around addressing some of the reliability problems around connecting a range of mobile devices that might be switching from one network to another. I understand that you have built a clever solution to that within this product?

What is encompassed here with this solution is the capable client match. First of all it is intelligence that is built into the top range of our access point portfolio. If you think of it this way, when a user walks into a building and they have their device in their pocket or even in their hand that device is going to connect to the first access point that it sees within that facility. As the user makes their way to sit down at the desk they actually could be located on the other side of the building but that device is still holding onto that connection that it made at the first point where it entered the building. Aruba client match allows us to take a system level view and make sure that clients are connected into the access level points that are closest to them making sure that they have the most optimal performance possible. Again it is another example of the work that Aruba has done to really make sure that we understand what occurs in real life deployments in organizations to make sure that we can optimize for some of those challenges.

Technology and working practices are constantly changing and developing and obviously companies are going to want to invest into a system that will cope with those changes, so how scalable is this solution?

This is the beauty of this type of solution is that it is really infinitely scalable. Ultimately organizations have the flexibility to scale up or in essence to buy another access point into their cloud if you will, or even scale down. Both of which may be equally of concern to many customers. The fact that all the management and capability services are hosted in the cloud means that we are obviously building on a very robust network of cloud providers and global data vendors with a presence in all major regions that allow us to either scale up or scale down based on the requirements of the customer. Again flexibility being a key point here for a viable proposition that cloud offers.

For related articles and podcasts visit: http://www.itproportal.com

Tell us then Duncan about the background to this study and why it was important for you to research this subject in such detail?

Flexible working and enabling employees to work in different ways is one of the fundamental things that we hear is an emerging macro trend. What we were wanting to understand is where the industry already was in terms of adoption of that behaviour and what was inhibiting the adoption of this new way of working. We spoke to the 500 UK CIO’s and business leaders, 70% of whom believed that flexible working had absolutely driven productivity benefits not only for the employees but also for their companies. But, only 48% of them today were actually in a position to make that happen and empower their employees to work in that way. So, facts that were interesting to understand as we talk about the broader of context of flexible working.

So what is standing in the way of these businesses offering this flexible working option to their workforces?

One of the main concerns when we spoke to the CIO’s that kept on coming up was the issue of security. 79% of the CIO’s said that security remains their number one worry. It is an understandable concern amongst the CIO’s but actually the way in which the network and the telecoms partners can work with those CIO’s to overcome those issues means that it actually need not be such a worry. There are solutions out there that actually can enable the corporate data networks and the security that is required for them, whilst also enabling the flexibility that their employees and their organizations are looking for as we move forward.

Is it perhaps an issue around awareness around some of the solutions available to businesses to overcome these challenges?

I think that there is a mixture. There is an understanding across the CIO community that things may exist and I think there is some degree to which particularly as you get into the SME segment that perhaps those solutions are perceived not to be fit for purpose for their budgets. I think there are absolutely solutions out there that are fit for purpose for the small organization. But I think it is our job as a telecoms partner to educate businesses and work with them on understanding how they can bring flexible working to life in their organisations. Also to really make them take that step together rather than us just say “we have a box that we can sell you, you go for it.” We need to work with them to bring them on that journey to what they want both their organizations and employees to be able to achieve moving forward.

Could some of the barriers actually be around CIO’s wanting to keep a close eye on what their employees are working on and where and also perhaps the wish of employees to keep their work and home life very separate?

What we found is that CIO’s actually believe that implementing a flexible working policy would reduce absenteeism and engagement would actually go up. It was found that they imagined that their staff would be happier and more productive if they were given the opportunity to work from home. This is in line with another report which came from the Trade Union Congress confirming that the amount of people working from home has increased by 113% over the last 5 years and there has been an increase in productivity from those organizations that have enabled that. So, on the part of CIO’s we are not seeing any reticence around trust in their employee workforce to do the right thing when they are at home. Similarly employees find that the great thing about flexible working can mean being in the office and then going home and switching things off is their preferred way of working. But for some this gives them the flexibility to fit their personal and work life together and to enable them to do what they need to do across their whole life in the most suitable way for them. It can actually be a win win for both employees and employers if it is done in the right way and if it is done with the right contract between the employers and the employee is set out as it is in most cases when flexible working is suited.

What are the things that you advise businesses to start looking at when starting to implement flexible working solutions for workforces?

The critical things are to really make sure that they actually understand what they are trying to achieve. There is a lot of talk at a high level about flexible working but in reality each individual company and organization will have its own requirements based around the type of workforce that it has and the size of the workforce that it has. It will need to consider carefully both its connectivity requirements and how that is best managed and whether it is across mobile, fixed or both and they will need to think about the security elements as we have already discussed. They will need to think about how it creates applications that work across different access technologies that are accessible from anywhere so that the end user or the employee is not hindered by the fact that they are working from home, i.e. they still have exactly the same access they would have if they were sitting in the office. There are lots of things that the CIO would need to consider but the critical thing always to bear in mind is what the outcome they are trying to achieve actually is. It is only useful in so far as it brings benefits to both the employee and the employer and there is no single blueprint for that because each organization is different.

Share with us an example of a business that has been transformed by employing these practices into their working practices?

One of the great successes I would say is Virgin Media Business. A few years ago as Virgin Media were relatively “20^th Century” in a lot of the way things were done in the office and flexible working was not necessarily as instituted as it is now. By bringing applications onto Smartphone’s, Tablets, personal PC’s and giving people that flexibility and giving people access to the corporate network from locations other than from the office. We have moved to an environment where productivity increased and employee engagement has gone up as a result of implementing some of these policies. We have still got work to do, as with all of these things there will always be a transition and an ongoing process but in terms of living and buying into the things that we are selling and it has shown a great effect.

How do you see the adoption of flexible and remote working taking off over the next couple of years. Can you see this changing the working culture here in the UK?

I think that this is absolutely not a fad and I think the desire for employee flexibility and for people to be able to work in ways which suit their life is something that we are only going to be seeing more of in the future. Particularly as the evidence shows that an organisation’s productivity continues to grow then this is not a tradeoff between productivity and employee flexibility they are in a correlated positivity with each other. We see that employees who are given this flexibility do offer more discretional effort and do put more into their job because they are frankly happier and more engaged. There are obviously some high profile cases where movements away from home have been put in place but I think for the majority of organisations moving to this flexible working is something we will see more of and I think it will span all sizes and all segments of organizations. I think the really good thing is that it will be really good for business.

A line in your study says that 40% of those you studied had overheard their workforce complaining about being tied to a desk; especially in creative industries being able to move around with your work has got to be a good thing hasn’t it?

I think there is always a place and time for brainstorming and getting together but even with virtual white board etc you need not necessarily all be present in the same location. Allowing people working in an environment that is conducive to them does create a psychologically better environment for better quality thinking whether it is in a true creative industry or just a job that requires some creative thinking - then that can only be a good outcome.

NTT Com Security's global research covered 700 organisations in the UK, USA / Canada, Germany, Nordics, Singapore, Japan and Hong Kong. The study shows that while over a third (36 per cent) of UK companies have adopted cloud in the last one to two years, almost a quarter (22 per cent) have yet to adopt cloud technology. This is compared to an average of 14 per cent globally.

Although just 10 per cent of UK respondents have already moved the majority of data and services into the cloud, 42 per cent will transition it in the next two years. Yet, 30 per cent of UK respondents admitted that they would never move their data, a figure only topped by the Nordics with 42 percent.

Decision makers in UK organisations admit that issues around data protection, legislation and regulation are responsible for cloud computing being adopted more slowly than they would like.

While just over a quarter (26 per cent) say these issues have been the 'primary reason' for slow adoption, 31 per cent admit they have 'significantly' slowed adoption and 29 per cent say they have affected it 'to some extent' – a total of 86 per cent against an average of 76 per cent across all of the other countries surveyed.

At a global market sector level, Financial Services (36 per cent), Petrochemicals (39 per cent) and Healthcare (27 per cent) organisations are most affected by legislation and regulation issues, citing them as the primary reason for slow cloud take-up.

The report also revealed that all organisations fit into Five Cloud Personas defined by their levels of enthusiasm for cloud computing and the extent of their adoption. Ranging from Controllers at one end of the scale, distinctive by their lack of cloud enthusiasm, the five personas also include Acceptors, Experimenters, Believers, and Embracers who are the most cloud enthusiastic and have benefited most from its use.

The Five Cloud Personas

1.) The Controller – least likely to be using cloud, wedded to data centres and unlikely to experiment with new and emerging technologies. Controllers see no financial gain and cloud is not part of their IT strategy.

2.) The Acceptor – likely to have adopted cloud in the past two years and to adopt technology where there is a clear business case. Cloud is not central to their IT strategy and they are unlikely to see financial benefits.

3.) The Experimenter – likely to experiment with new technologies and to move the majority of services into the cloud in the next year. Used in half or more departments and a quarter of budget is dedicated to cloud.

4.) The Believer – very likely to actively seek out new technologies and to have moved the majority of services into the cloud in the next year. Critical to the deployment of services with a third of budget allocated to it.

5.) The Embracer – has been using cloud for 3+ years, very active in seeking out new technologies, dedicates over half its budget and is very likely to see an increase in revenues and profits from cloud.

Key statistics: Country differences

Organisations in the USA/Canada are the most cloud enthusiastic, with 28 per cent saying they have already moved the majority of their data and services into the cloud, followed by Germany (24 per cent).

When it comes to innovation, USA/Canada also stands out, with 59 per cent actively seeking out and experimenting with new and emerging technologies, followed by Singapore (41 per cent), Japan (26 per cent), Germany (21 per cent) and the UK (20 per cent).

Cloud adoption has increased in the last two years, with 36 per cent of UK companies indicating deployment within that time-frame, followed by Germany (34 per cent), the USA/Canada and Singapore (31 per cent each), Japan (25 per cent), and Hong Kong and the Nordics (18 per cent each).

While on average less than a quarter (22 per cent) of IT budget is dedicated to cloud versus a global average of 29 per cent, UK businesses are still enjoying the financial benefits – 40 per cent acknowledge an increase in revenue and 23 per cent an increase in profits from cloud computing.

Over 40 per cent of USA/Canada respondents say cloud is 'critical' to how they deploy and maintain services, compared to 32 per cent in Singapore, 29 per cent in Germany and 9 per cent in the UK.

Singapore (45 per cent) places most emphasis on 'cost' as a factor when considering deploying a new service or changing the delivery of an existing service. Hong Kong, however, places most emphasis on 'security' (38 per cent), followed by the Nordics (36 per cent) and UK (33 per cent).

According to thousands of independent scientific tests by RootMetrics across the capital, Vodafone has the edge on O2, recording download speeds of 9.5 Mbps and upload speeds of 4.7 Mbps (upload) compared to O2’s 7.1Mbps (download) and 3.7 Mbps (upload).

Bill Moore CEO and President of Rootmetrics joins  us to discuss the findings in more detail.

For related articles and podcasts visit: http://www.itproportal.com

Bill, lets start then with an overview of what Rootmetrics do and what your mission is?

First and foremost we are the voice of the consumer. For us, it is about consumer advocacy and taking a look at the major operators in London from a consumer perspective. We take ‘off the shelf’ Smartphone’s that we buy at the retail stores just like everybody else and we test the networks from that means, so we don’t alter these phones, we go indoor and outdoor and run a series of tests across all mobile internet and text and then we score each of the networks based on the speed and reliability of them across, calls, text and then an overall measure.

In the first few months of the service being available, you’ve been testing 4G coverage in and around the city of London. Give us the background behind this study and why it’s been important to test these services so early on in their rollout.

We have been in the UK for the last couple of years testing the networks inside the initial rollouts and so we have been into London a number of times. This most recent study we did in excess of 86,000 tests and picked more than 100 indoor locations and drove 2,500 miles. When we talk about London it is more than just Zone 1, it is actually all the way out to the smaller towns, to the east it would be out to Southend-by-the sea, north to Saffron Waldon and Maidenhead to the west. So it is a very large and extensive area where we do a random selection and we go and run tests using phones just like a consumer would do.  The reason we are doing this is to allow consumers to have better informed choices rather than just listening to marketing messages. We look at what 4G means and how extensive it is so we can go and talk about the speed variances across providers, the reliability of getting on that network and even how widespread the technology actually exists. A lot of advertising suggests that it is everywhere when in fact it is not everywhere, so that is why we do this and do a benchmark if you will that put everyone on a ‘apples with apples’ comparison so there is no bias across the network.

Well you mentioned there that you use devices in the spec that they would be available to consumers, but what is the technology you use behind the scenes to carry out these tests and ensure accuracy?

We take the off the shelf phones and in fact we take a number from each of the operators and benchmark them separately to determine what is going to be the best-case scenario. If you are making a decision as a consumer you might be looking at the latest and greatest phones. We put each operator in best light possible but we do not alter these phones because we want it to be exactly what you and I experience. So our software runs on the top of that and helps automate the tests and we do things to make sure that everybody is tested at the same place at the same time so everything is time synced if you will so it is an absolute variable controlled environment so that we have a direct comparison.

Your study focused on 4G connection speeds in and around the city of London, what were the headline findings that you found?

We take what is called the large urban zone, which is defined by euro stats, which goes out into the suburbs. The important thing to realise is that we take 4G enabled phones where possible in three of the networks but we allow those phones to switch to whatever is available so, if 4G is there great if it is not it might go to 3G or even 2G so it is just like what you and I would experience. Then we take the average of all those tests and report on them in that speed.

What we have found when we look at the mobile Internet is that it is good news for consumers in that everybody is getting faster. O2 and Vodaphone are brand new into rolling out 4G and that has occurred over the last 2 months, EE has had a network over the last year and so they have had a bit of a head start but they have also seen improvements. Coming soon is Three, they have not quite rolled out 4G yet but that is coming before the end of the year.

The good news is that the cities are great starts with these rollouts and Vodaphone and O2 have seen a doubling of their speeds. In fact Vodaphone had a bit of an edge over O2 if we looked at the maximum speed of download about a 9.5 Mbps versus 7.1 Mbps with O2. If we compare and contrast that to EE who have been in the market place a little bit longer and rolled that technology out sooner they have also just rolled out with double speed and that is even a faster technology than 4G. As a result of that we saw them from the last time increase their speeds by 50% and they are actually at about 19.3 Mbps download speed so somewhere between 2 -3 times faster than what we are seeing on O2 and Vodaphone.

The important thing to remember here is that, it is not that each test is that much faster, it is an average in that area and they actually have as a result of being out there in the market place sooner and they have a much wider spread percentage of LTE in the overall market place. They vary really in the core city with about 84% of 4G coverage to 64% as we get to the outline areas. We can compare and contrast that to O2 and Vodaphone they are more in the region of 45 – 65% in the core city and a little bit less as you get outside where you get only 5% or 18%. What we see typically is these networks come in and generally start in the core centers of towns and to hit the most people as possible to start with and then they build up the masts and technologies as they start to move out. So we are still early and these deployments take more than 60 days, which is really where O2 and Vodaphone are at so we would anticipate that they are only going to get faster.

O2 and Vodafone doubled their connection speeds then, tell us a bit more about why one operator can make so much ground on another is it down to the way they deliver services or more about the infrastructure they have access to?

There are a ton of variables here and some of it is related to what allocations they have and the technology choices they made in terms of deploying that. Furthermore, how far they have actually deployed it. In this case it looks like Vodafone is a little more widespread at the moment in terms of deploying 4G than O2. But it’s important to remember that this roll out is still very early on and certainly EE has had much longer to work on deployment.

As important as speed is, we also need to look at reliability as well. So can we get on the network and do what we need to do without interruption like make calls, download a big files, enjoy web and app usage and generally use 4G without problems.  What we are seeing on reliability is that although Vodafone are faster on average than O2, O2 are actually more reliable on average. We believe that is a very important factor because if you can’t get on and stay on, speed doesn’t really matter. So that reliability quotient has edged O2 over Vodafone and Three. EE actually has the highest reliability when it comes to mobile internet and part of that is having one technology spread a little wider and not having to switch between the various different flavours of mobile internet technology.

What is important to note is that when we talk about these maximum speeds, it’s like comparing a car with just the one measure of top speed. We wouldn’t buy a car on that one measure alone. So the other components we look at as well include using everyday tasks like web, app usage and emails. Even Three, who don’t have 4G in the marketplace for example, where Vodafone are at 9.5, O2 at 7.1, Three is actually at 5.5 with just pure 3G. So they have one of the fastest underlying 3G networks out there and what is interesting is that while EE have the fastest speed overall they are almost on a par with just 3G alone in terms of being able to get out and do your basic facebook checking and surfing the web. Sometimes maximum speed means a lot and sometimes it may not translate into an everyday task just like a simple App or web use.

There seems to be a lot of work needed outside of the core of London to improve reliability from the data in your study?

As I was mentioning earlier the core of London is where the stronger levels of deployment are occurring and we see the fastest speeds there and the best reliability. In fact as you move out to St. Albans or Maidstone in those types of areas you are going to probably see as much as a 50% drop in speed. If you are in the core of London and you are commuting into London you are absolutely going to want in my opinion the 4G technologies because you can enjoy speeds that are 2 – 4 times anything else that you could enjoy. But if you are in these outline areas and you are not travelling in you may want to delay. You have got to be careful of where that deployment is because we are still early in that process so if you are an early adopter go and get the phones now because it is coming and everybody is building this up quite rapidly. Again, it is a good day for the consumer because this competitive race has only just started heating up.

If you were advising operators on how to improve their services, what would you advise them to do to improve the infrastructure over the next 12 to 24 months?

I think in the large part they are doing what they need to do and we are seeing this deployment of 4G in London and other major cities in the UK actually coming out very strong. The technology is rolling out quickly and even more quickly than we have seen in other parts of the world. We measure everything in the US and the speeds that Londoners are going to be enjoying as we speak is rivaling and even exceeding what we see in for example, New York. The speed aspect is really really good . One of the things we would say though and where we place a lot of importance is reliability, the ability to get on and make my call and do the tasks that I want the mobile and internet be able to do, like send and receive texts. That is an area that we think can improve as far as the overall networks are and that is where the UK is slightly behind some of the areas that we are seeing in other parts of the world. We are seeing a really strong ramp up in that reliability though and that is where we think the gain is going to be won between the operators. Speed is important but it is only important if you can get on and win the game of reliability, only then will certain operators have an edge over the competition.

Well it was announced that 4G was going to be rolled out amidst huge media hype, do you think it has lived up to expectations so far?

I think it does where it is, the caution is as I said the important point is that you have got to know that the media hype and the messages make it seem as though 4G is everywhere and it is not. It is not ubiquitous yet but everyday it is increasing with every operator EE have that edge because they have been out there for a year, O2 and Vodaphone are making massive efforts to move quite rapidly and are moving very fast from our perspective and Three is right round the corner with a very solid underlying network which has been quite reliable and fast without 4G and we think they have a great foundation to build on to be able to roll out further from 4G.

The full report can be downloaded from the Rootmetrics website here: http://rtmet.com/1gLTSGv

For related articles and podcasts visit: http://www.itproportal.com

Matthew, first of all, why is the Samsung smart watch interesting and exciting to you?

I think despite it having been received fairly negatively by the press, what we see with the Samsung Smartwatch is really the beginning of the next phase of how we think about technology and moreover how we interact with technology. To give you an example I have a 16-year-old nephew who doesn’t wear a wristwatch because he uses his phone for everything.

It is interesting to see what the Samsung Smartwatch will do because instead of having to take it out of my pocket and it having the form factor of a phone I can have a piece of technology on my wrist that can be my phone, send biometric information for sports exercise and it can be sending and receiving messages. The point being is that what is interesting about what is happening to technology is that it is less about brand and more about how we interact with the technology. You could argue will Samsung, Google etc be the vanguard of this or will they be in the future there to reap the benefits as we pour technology around ourselves or will it be someone else who understands better how we want to interact with technology and not necessarily the operating system that we use.

We often hear the phrase “Internet of Things” and it is this kind of interaction with technology that the “Internet of things” hinges around isn’t it?

I think the interesting thing about the “Internet of Things” is to really start to understand how we are interacting with technology. Internet of things understands that humans (in our old analog way) are touching technology and trying to get some kind of feedback or response. Whereas within the world of machines itself, a lot of this information can be passed on to other machines which process and present it either to another machine or back to us. So instead of predominately talking to another machine and the machine producing something back to us in some form, what we will see is a lot of intermediate processing between machines and devices as they move information around and consolidate it into the outcomes that we are trying to get.

A consequence of wearable technology is that, currently we produce a lot of content with our phones right now and so as time moves on, will be producing or using content on our wrist as well? So one of the things that you are going to start to see is the need to start organizing that because we are producing too much and we can’t find what we need. So the intermediate processing will take place, which will start to organise that. We already see that now in the Apps that you can buy for online shopping and the technology that exists within your supermarket. Your digital watch is being told offers based on your previous shopping preferences from that store. So, it is saying to it’s user things like, “there is an offer on multibuy of dishwashing tablets because you bought them last time and this time it is 5p cheaper maybe you want to take up the offer.”  All these things could be going on as you are walking through the store and that is all machine-to-machine interactions.

What do you think the impact on business is going to be of technology like this, what are retailers going to have to consider?

Most of the impact will be sort of obvious. People talk about augmented reality and one of the simplest things for retail for augmented reality is the example of your furniture store; when you go to buy yourself a chair or sofa you think about what is it going to look like in your house. So what you want to do is use your camera or Smartphone and look at the room and put the chair into that room to figure out how it will look and feel.

Another example, I hear a piece of music and I want to buy that piece of music. I want to add that to my collection and so retailers could be selling that music over the air giving the customer the option to say “I want to buy what I am listening to” and it then adds itself to your cloud music collection.

The point about it is how efficient should that interaction be with the world in terms of what a customer wants and to shorten the decision it takes to look at something, make a decision and then acquire it. If you just take that as your rubric for first flush of technology then there is a whole host of things that retailers can think about. Take a shopping favourites list that is already telling me where to go and what aisle I need and what other items the retailer has an offer in that isle.

Personal shopping to some extent can become a reality and you already see it in a lot of stores who have their own online portal where if you can’t see it on the wall you can still use technology to buy it there and then. What is clever (and some retailers have set this up better than others) is the interaction between the physical and digital world and getting that right gives the frictionless commerce that most retailers are looking for.

These innovations could also change the way that people interact not only with retail but also with their jobs as well. BYOD is a real growth area and we could see devices like these creeping into the world of business fairly soon as well couldn’t we?

It could be and it is interesting that you mention that because there has been talk about the biometric sensing on the next version of the iPhone. The ideas that the device is finally secure and can be controlled in the context of your IT organization is frankly entirely the wrong way to think about it. Every one of your enterprise users is a consumer and leaves with their Smartphone and is very comfortable with the Internet as its means of access. The right way to think about it is to make the assumption that the entirety of your workforce lives in the Internet and they will have or multiple devices, which they will use to get information, to communicate, engage and do whatever they do within their job. You as a corporate entity then have to have ways of preserving data privacy, data confidentiality etc. but not as a means of ‘controlling’ endpoints.

Instead of you going into the office which puts its rules upon you to some extent, we are starting to see that in terms of efficiency and communication the enterprise now have to conform or adapt to how the workforce wish to work and not the other way round. I think that is the biggest impact on enterprises. Whether it will move or take on within the next few years we will have to wait and see, but the point is that the old model enterprise management where you can shut devices down and people can’t do stuff is not practical any more.

Looking at this in terms of cloud, how do you think changes in the way we think about and use technology will affect that’s sector going forward? Is the technology and cloud infrastructure sufficient in most cases to support these behaviors yet?

I think it is still in its adolescence in terms of how we access it. A lot of what cloud computing offers is still constrained by the limitations of the capability the organization has access to and the assets that the organization has. I think what will happen is the same as what we saw with the advent of broadband and the Internet. When you first do it people ask in the interest in the method by which they access the form and they understand the limitations etc. I think with the cloud at the moment people are starting to get their heads around that instead of it being a completely new parable where all the rules have changed. It is actually just a more efficient way of delivering computing, storage and networks than the traditional static model where people used to do it with data centers they built themselves.

I think the ‘relevance’ if you like is that the only practical mechanism for all these devices to evolve (and use a Smartphone in Europe and you get a feel for the impact of the lack of an open access to that kind of model) is that all these devices rely on the assumption that there is going to be computer storage and network available for them to use.

I think you will see a growing convergence of network computing and storage and a level of sophistication that allows people to get different levels of security and different levels of optimization about how they build their backend up services. I think from that perspective it will be seen as a emphasis, in the same way that broadband in Europe drove the expansion of backbones in Europe largely single handedly, Smartphones and devices of that ilk are the ones that are driving the consumption of internet and driving the creation and consumption of computing and storage. They almost have a direct relationship.

What will happen is you will go through the first stage which we have just had and you will start to see people who are just starting evolving upon the key issues which are going to be how do I broaden out my computing storage so it is really highly resilient so it doesn’t go down. It may be problematic or it may cost too much or may be too slow but fundamentally it retains its form and shape 24:7/ 365 days a year. Computing and storage can evolve to that kind of level.

For related articles and podcasts visit http://www.itproportal.com

What is the background to Bitcasa?

Bitcasa is actually a solution to a problem that I personally had a few years ago I was working for Mastercard designing a fraud prediction system which would take your credit card swipe and determine whether that was a fraudulent credit card transaction or not. Meanwhile, I bought a Macbook Air and I installed all my music and development tools on it and then promptly ran out of space on the device itself. The way that you solved that problem back then was to buy an external hard drive and you move your photos and music over to that actual hard drive or you get a USB stick and you carry the things around that are larger than your device. I thought that there had to be a simpler way to solve that problem and that was when Bitcasa was born. Bitcasa is the world’s first software hard drive so you install Bitcasa on your desktop and Bitcasa creates a virtual hard drive that is literally infinite and it never runs out of space you can move your documents, videos, photos even programme files over to your Bitcasa and they don’t take any space on your desktop and it just never runs out

How does it compare to existing services like Dropbox that people might be more aware of?

It is actually radically different. So, if you think about Dropbox when you install it on your desktop it doesn’t give you more space and this is typical of all the synchronization solutions that exist today. So you install them and what they do with them is they give you a special folder that copies the data from your desktop to the Cloud but it doesn’t move anything it and doesn’t add capacity to your desktop. So if you have a terabit of capacity on a hard drive, when you drag and drop that to your desktop into your syncronisation folder it will just run out of space on your desktop. That is not the case with Bitcasa because when you drag and drop into your Bitcasa drive it never runs out of space, your desktop never runs out of space you can access it all instantly from every single device that you own.

We are living in a multi device age of course, how does this allow you to access files on your desktop, laptop and Tablet etc?

It is exactly like having the storage that follows you every single place that you go so that when you get Bitcasa your phone is now infinite, your tablet is now infinite and every device that you own is too. We are also announcing a 2.0 version of IOS. All the photos and videos you copy to the Cloud can be accessed instantly, all the documents and every single file that I own that is on my desktop is now instantly accessible on my mobile phone, there are no limits, no quotas, there are no file size constraints it is just everything and its infinite.

Is this a useful tool for sharing as well?

Absolutely, over the weekend I took my daughter to the beach and I recorded several videos, took various photos and I wanted to share that with my mother. So instead of me picking and choosing just the videos and photos that I thought were small enough to send I just took the whole experience and sent my mother a link. She was instantly able to access everything; there is no more uploading no more figuring out if there is enough space in an email.

You are launching first of all with a consumer-focused product but are there any plans for business applications with customisable API’s?

There are some things that will be announced within the next few months and some of those will be API’s but today we are 100% focused on consumers and there are some small business plans that will be coming out as well.

What do you have in place to ensure privacy and security of users data and files?

That was one of the first things that we thought about when we built Bitcasa and invented this technology. We need to feel comfortable to copy all of our data to cloud so what we do with Bitcasa is we 100% guarantee your privacy by encrypting everything clients sign on the device. So even though I am the investor of the technology and I have complete access on our servers I cannot access any consumer data for any reason at all because it is 100% encrypted. Even if a third party intercepts everything, there is nothing they can do because it is all encrypted with the consumer’s credentials.

Is this useable across operating systems as well, can use this seamlessly across my Apple and Windows devices?

We are supported on multiple platforms including IOS, Mac, Android, Windows, Google Chrome, Firefox and every single platform that is popular Bitcasa supports. We can transform the contents of the device itself. Say for instance you have a video that you had recorded using your camcorder at home we will actually transform that video to fit on the device that you are watching it from. Also we can transform it so that it can support the format on the band that you are actually watching it on. It is just like a Netflix or a Spotify for everything you own.

Once your users have uploaded their files to Bitcasa, do they still own that completely and exclusively?

Absolutely, your files are always yours and it is the same level privacy that you have on your desktop it is actually a higher level of privacy than you have on your desktop because everything on your desktop is unencrypted. If you lose your desktop and whoever finds your desktop has access to everything that stays on that pc it is not the case with Bitcasa since everything is encrypted inside it is always protected and you are always safe and you are always own your own content.

Do you see this as a new way of backing up your devices?

People use it to never have to back up again. The way Bitcasa works is that as you are using your pc Bitcasa automatically if you chose for it to do so copies your data behind the scenes to Bitcasa for safe keeping so you will save something to your desktop and Bitcasa will automatically copy it to the cloud. There is nothing that you have to do it is automatic so backing up is now a thing of the past. It is something that happens as you use your pc.

You’re boasting infinite storage, is this really true and how have you managed to offer this?

It is absolutely infinite. A lot of times when you hear things like that you always wait for the catch. I am here to guarantee there is no catch it is infinite save as much as you want and we will keep it for you safe and secure and make it accessible across every single device that you own there is no file, size limitations, there is no device restrictions it is infinite.

A problem that you sometimes find when using services like this is when out and about if you start uploading a file and then the 3G connection drops out and the upload doesn’t complete, there is sometimes a risk of losing data how have you managed to get around that with Bitcasa?

Since day one we have been extremely careful with making sure that consumer data is always protected so we will never report back to the device that it is successfully saved unless it has been successfully saved so we do not take shortcuts we make sure that your data is always secure. You have a higher chance of deleting by accident than us losing your data.

Do you see this as the end of the requirement for big local storage on devices; maybe even the hard drive entirely?

This is absolutely the future people have been talking about this for the past 20 or 30 years. In the future we do see the network getting faster and faster We will shortly see the deployment of  LPE networks which are lightening fast mobile devices, streaming is now the future most of the things we do now can be accessed like Netflix and other streaming services we  see the same trend happening with your personal data where it is all saved in the Cloud and it all backed up, its encrypted its instantly accessible across every device that you own, you don’t have to worry about losing it the biggest concern you have is maybe instead of you taking your device out of your pocket you accidently throw it into the washing machine now what about all those photos you have on your mobile phone. In Bitcasa world that does not even matter because you are always backed up and you are always safe. The things you notice is that you really don’t care about the physical phone itself but you care the most about is the data that is on it so protected that.

He starts by telling us a bit about the background of the company and how things have developed to where they are today.

For related articles and podcasts visit http://www.itproportal.com

We are a mobile money company and we look at mobile banking, mobile payments and mobile commerce. We are about 10 years old and we originated from the idea from our two founders to allow banks to service their customers via mobile. Back then there were no Smartphone’s, the banks were not too keen on small technology companies hooking into their core banking systems and so our founders had the bright idea of using the ATM network to connect phones to banks and this worked brilliantly. With an ATM you can check your balance, you can look at a statement you can even pay bills and so this enables mobile phones with SMS without touching the delicate core banking systems. Of course, since the advent of the iPhone and other such Smartphone’s we are now seeing banks with good mobile banking platforms seeing more transactions over that channel than all the other channels put together including online banks and phone calls.

Mobile payments are becoming more a part of everyday life but put us in the picture as to what volume of transactions are being carried out through mobile platforms currently and where is the growth coming from?

The last numbers published show that we are doing about 3,200 requests per second over our systems and some of our customers have disclosed their usage. NatWest here in the UK for whom we built their platform are getting 25 logins per month per user from their retail App. So people on average at least once every working day are having a look at their App either to check a balance, transfer to a savings account, pay a bill and more recently to pay their friends on the pay-to-pay payments.

What are some of the latest developments in mobile banking that we should all be paying attention to?

What is interesting to both our customers and us is this very high usage ever since 2000 when people started talking about killer Apps. The technology industry has been looking at killer Apps and it turns out that the humble balance enquiry is just that. We found through surveys that people who have started using mobile banking not only interact more with their bank which the bank is obviously delighted with, but also they pay lower overdraft fees and lower penalties because they are much more in control of their finances. It very much meets the needs of people wanting to have a handle on their balance and not being surprised by going overdrawn. Having created that audience, the banks are thinking about what they can do with that audience now to continue to improve their closeness to that customer. Mobile commerce is one area where this could work. Right now if you are trying to buy stuff on mobile one of the biggest reasons why transactions don’t complete is that you are suddenly asked to type in your credit card details, your name and address and it doesn’t really work on a small screen but if that ability to one click pay were made available via a trusted App like your bank, then that could make that process of whole lot more seamless. If we get it right and people are receiving the kind of offers that make sense to them then it ends up being a win win, the consumer gets what they want perhaps it’s an offer by way of discount from their bank and the bank continues their relationship with their customers.

It seems to have given the relationship between customers and banks more immediacy – is that true with what you have seen too?

Yes it has and it is striking this change in behavior. We did some research with the US population which showed that 50% of people paid lower fees as a direct result of taking on a mobile App and 25% actually visited an ATM less often which is curious because you can’t get money out of your phone? It turned out a lot of visits to the ATM were just to check balances and not to get money out. So it really does change banker’s behavior.

Have the developments in mobile allowed banks to have a closer relationship with retailers?

Like a lot of traditional industries the digital age is creating disruption and clearly for High Street retailers the focus has been around the whole online experience. Many High Street retailers are moving online but one problem has been that unless you have got the kind of audience like the likes of Amazon has and the nice one click payout experience it always tends to be a slightly slower experience to check out using these other ecommerce sites. Equally, if you are a bricks and mortar retailer, say you have got a physical advert on a bus shelter or in a High Street your problem is that people will see your ad and then go and buy it using an online retailer rather than going to the store that is actually doing the advertising. Something we set up last year was a joint venture with Carphone Warehouse and Charles Dunston called Mobile Money Network and this was really to trial what we would refer to as a physical instant mobile checkout. Using this technology retailers and brands could advertise a product and it could come with either a short code on the advert or it could be a QR code that you take a photo of, or you could even just take a photo using your Smartphone of the entire advert. Because you had pre-registered your name and payment details and address with the app that was all you had to do to purchase and that product would be delivered to you the next day, instant checkout was reality.

Having trialed that and seen its success what the merchants and retailers really wanted was a big audience for that app and so we acquired the third party stakes in Mobile Money Network and it became wholly owned by Monitise. We are now in the process of integrating that Mobile checkout into our apps, which are used by millions and millions of consumers. Suddenly it becomes a much more interesting way to checkout for retailers so we are getting huge interest there.

Does that whole change in purchasing behaviour offer opportunities for increasing revenues?

What we are trying to do is help banks, retailers and others with what Google is doing offline and online. It is no coincidence that Google is getting interested into the mobile wallet space as well and right now roughly 5% of retail commerce in developed markets is online. If you click on a Google ad through a Google search or through a Google provided ad on someone else’s website and you go on and purchase something online, Google will receive a lead generation fee. That is something like 5-10% of the transaction value, which is a fairly chunky amount, it is much much more than the payment interchange rate that a bank would receive through a payment on one of its cards. Now wouldn’t it be great if you received an offer on your phone and then you walked into a shop and redeemed that offer. You could get the same lead generation fee so Google were interested in doing that. With their wallet they had some kickback from some of the mobile phone operators who were not too keen on co-hosting it for them and also retailers are a little skeptical about being seen to be giving away their data to Google. The great thing about banks is that they are not trying to steal anyone’s data, they are basically acting as an orchestrator here and allowing what are quite often their own retailer customers on the corporate side to create the same type of transactions and offers, but in a way that does seem the retailers are giving away their data. I think that is the way to think about it.

How do you ensure confidence over security and privacy on mobile platforms when it comes to financial transactions?

One of the things from the survey that we recently commissioned is clear that a trusted brand, a trusted financially instituted brand, goes a long way towards making consumers feel secure here. Some of the companies we work with like Visa for instance took two years of due diligence before they started working with us back in 2009. An awful lot of effort goes into security by banks and other financial institutions and payments companies because you can’t afford to be making mistakes. It takes a lot longer to recover from them afterwards and so I think there is a built up trust there and I think you are going to see for instance Visa coming out with their v.me button is going to begin to appear this year in the UK on ecommerce and mobile commerce websites and that will begin to allow banks using those rails to allow one click purchases through mobile commerce websites.

How secure is the mobile? Well, this is an interesting one, one of the consultants I speak with often says “well how secure does it need to be given that your credit card has your name and your number printed on it for anyone to take” and I think this is an important point. It is impossible to get 100% secure here but you can certainly get good enough security and with the mobile phone the wonderful thing about a mobile is it is very personal to you. I think I saw some statistics somewhere that if you lost your credit card or debit card it took on average a couple of days for you to notice unless you were going to pay for something that day. With a mobile phone, you know you have lost it within 40 minutes. There is an inherent security with a mobile phone that you know you have lost it and of course it is very easy to switch it off, you just call the operator or even there is an App where you can go online and switch them off with some operating systems. The other thing that is more secure with a mobile phone than say online is that when you go online to an App you can pretty much do it from any computer certainly with online banking I can use the computer in my office, I can use the computer in my home or use an internet cafe and I can still log in to my online banking. What we do with online banking applications is to lock them to one phone so I happen to bank with NatWest but I can’t use your NatWest app on your phone to log into my account it has to be on my phone and there are many ways we lock the app to the phone and so that adds another layer of security. I don’t think that is widely understood yet but I think it is something that we and our customers and partners can continue to communicate to consumers.

Mobile phones especially seem to touch every element of our life at the moment, are we edging ever closer to a cashless society with technology developments such as these?

Great question, something like 50% of transactions in developed markets are still cash in value terms particularly when you include all the huge sums transferred from business to business, it is something like only 6% of the value of transactions are now cash. In some ways there is a long way to go in other ways we have already largely moved to electronic. There are many reasons to do with tax collection and to do with fraud prevention and criminal activity for governments to be interested in reducing the cash economy and increasing the electronic economy and actually there are good reasons for the economy as well. It is a lot more expensive in total to handle cash than it is to deal with electronic transactions so you can see a lot of regulations trying to increase people’s usage of electronic means. I think it is inevitable that over time cash will decrease but it will take a long time in my opinion and it is a huge debate amongst colleagues and peers in the industry.

 Is the take up of mobile platforms varying in different markets across the world?

It would be wrong to say it is the same but it not necessarily blanket more or less in different countries for instance the survey we have just done shows that Germany compared to the UK, German people are a bit less receptive to doing mobile payments than UK consumers and yet if you ask Germans if they have ever redeemed a coupon or an offer on a mobile phone more of them have done it on a mobile phone in Germany than here in the UK. You get pockets of behavior and it also depends who in the country owns a Smartphone, in Spain the penetration of mobile phones with the young is much higher than it is in Germany and to some extend than the UK. That means that behavior on Smartphone’s is more youth oriented so they tend to use the phones for social networking for listening to music and that kind of thing whereas in Germany and the UK it is a bit more for checking prices and finding directions for instance. You get little different flavours depending on who uses the Smartphone.

 For related articles and podcasts visit http://www.itproportal.com

Lee first of all, explain the background behind where this zero email initiative came from?

Many of us in the organization were not really prepared for Thierry’s announcement. We took some time to understand what we were going to do with it. We understood that he was serious about the commitment and that we were going to get engaged but quite how we in UK Consulting were going to use this took a bit of thought. It didn’t take long to get behind the zero email schemes and work out that it is actually a symptom of a broader frustration. How do the working professional classes, the knowledge worker if you like, make the best of the time we have got available during the day? Is technology helping us to become more effective and productive or is it actually getting in the way? So the way that we have taken on the zero emails initiative in UK consulting is to focus it on the professional working classes, the knowledge worker and to take email along with a range of other things as part of an approach to making our days more effective and more productive.

 We are all aware of the time that we all spend sifting through email, but of course email as a communication is there for a reason, so in a zero email environment what is supposed to replace it?

Email as a tool is decades old and it tends to have become the default tool. So it is the only tool for communicating, collaborating, sharing documents and for working together on documents. But it is not always suited to all of those purposes, so the approach we have taken in UK Consulting is to address what the key staff groups, key roles and requirements are in terms of information, contents and collaboration. What is the best set of tools that meets their needs? So for example emails still have a place with our delivery consultants but it sits alongside instant messaging, it sits alongside an enterprise social networking tool, and it sits alongside SharePoint. Our role has been to help people understand for which tasks and under which circumstances email is the right tool for the job or whether one of the others is better.

 Is the old-fashioned phone call perhaps part of the answer here, or the change in behaviour to ensure workers aren’t emailing a colleague who is only a few desks away?

I talked about the tools required for job but the behavior aspect is very important too and it is not just get off your backside and go and speak to people wherever possible it is about questioning some of the other behaviors. Regularly we are able to measure internal email generation for our staff and I talked to people who are having more difficulty in reducing volume and you get some surprising things coming out such as; “I am running a big project and I have got 20 guys in my project team and I need to make sure that when we have our weekly meeting that we minute all of the actions and then I send those actions out as an email and store all of that in my inbox and that is the way I make sure that we get things done.” We are trying to change the behavior that suggests that just because you write something down in an email and send it to somebody and store it, doesn’t mean they are going to get it done. There are different ways of doing it so trust people to do what they say they are going to do and cut down the email traffic as one example of the behavior aspects behind this.

Conversations are easy to backup, keep track of and be searchable on email so what is the answer to this using things like Instant Messenger?

I think for some organisations regular requirements that is quite a knotty problem to solve and I don’t think we are there yet is the honest answer, from my business there genuinely is not a need to store conversation in that way certainly by email so we are able to cut through it internally for example when we work with clients in financial services then this is an issue and we have to take a different approach.

There is a link you have with Team Sky the British cycling team and you have been working with them on efficiency improvements, talk us through what you have been doing with them?

The zero email thing is just one aspect of a broader goal which is about improving the productivity of let’s just say knowledge workers. I think knowledge workers are probably the final frontier in terms of efficiency and productivity improvement people who work in direct industry, in direct fields have had help in the past to improve their productivity. Knowledge workers have not and yet they represent 60% of the UK’s wage bill. We conducted some research recently with a number of external organizations in the public and private sector and we were testing a view with them that a) there is an opportunity to become more productive in daily working life and b) that the concept of the aggregation of marginal gains which we borrowed from the sporting world is an idea that might help them to do that.

The example in the link to cycling is that we are all aware of the success of Team GB and Team Sky, their mantra is that if we can get 10% better overall in terms of an athlete’s performance by understanding everything that impacts the performance of that athlete. Also by getting just a little bit better in each area like the performance of the bike, the equipment support chain, the diet of the athlete, and recovery of the athlete, the psychology. They have a pretty relentless and exhaustive approach at driving these marginal gains and making them count. What is the equivalent of that applied to the professional worker as the athlete as the concept we are trying to work through.

Can you see the zero email methods of communicating you are employing shaping the behaviour of workplaces in the future?

I can really see the opportunity and we are not alone. 50% of the knowledge workers that we spoke to said that they believed that they could be up to 50% more effective so that is a big prize to go at. The whole point behind this marginal gains approach is it takes an awful lot of work and time, you need to move a lot of things forward on quite a broad front. Do I see the industry as a whole taking on the consequences of this? I don’t know but we are trying it ourselves with our own business and we are having some success. We have reduced the number of emails that we generate ourselves inside UK Consulting by more than 65% and we are finding better ways to put that time to use and our business performance is improving. Can I show a hard cause and effect correlation between those things not really, but we think it is having an effect.

Well it’s an interesting concept, what’s your final bit of advice for any organisations that are considering a similar scheme to your zero email policy? 

My advice would be that there is not a silver bullet it is about moving lots of things forward in small steps every day. It takes time and absolutely the way to go about this is for it to be role based within any organisation there are a number of key roles and our objective to this should be to help people to perform better in their role. To all of this improvement stuff whether it is about email, whether it is about training, whether it is about collaboration tools, whether it is about reducing emails it should be focused back on helping people perform better in their role in that way I think you have got a chance in being successful.

 For related articles and podcasts visit http://www.itproportal.com

Matthew starts by giving us a bit of background on Interoute the company and why they have specific views on this market.

We are an infrastructure provider right across Europe and we do everything as we say from the ground to the cloud that means literally everything from our 60,000 kilometers of Lit Fibre right up to fairly sophisticated converge networking cloud computing infrastructure for some of the biggest companies in Europe and across the world so our services extending into 88 countries and we basically focus on communications, computing and connectivity infrastructure for enterprises and for service providers.

Talk us through the transitions and changes in the way that organisations are purchasing applications over the past few years?

I think where we have come from is that people would have bought their computing resources or assets and then license it in some way, everything from the days when you would get your books and books of CD’s and label it up and this kind of thing. We have always had pretty much the same mechanism whereby we want to buy the license for something. But the what has changed with things like the consumer app stores is instead of me taking physical media and having it come through the post or a person delivering it and shoving it into a machine I am now downloading it. This is possible because networks have got quick enough and useful enough as a delivery method but fundamentally we still have the enterprise level, and we still have a model whereby we are going out and licensing it in pretty much the same model as we have for the last 10-15 years. Now though you have got more of a subscription type model but fundamentally we have improved the delivery of the media and this is the pivot point in all of this in terms of how our consumer app store is starting to tip over into the enterprise and all that entails.

It appears to be a case of people wanting the same experience within the purchase of enterprise app’s as they currently have within the consumer market then?

Ten or twenty years ago your enterprise experience, your company experience, your corporate experience led your home experience you would go into the office to upload the video or download the video or do whatever you wanted to do. However, these days it is probably the inverse, people stay at home and feel they have got a far better experience and more agility in how they use their IT environment at home than they would have in the office. There are a ton of reasons behind that security and IT practice being one but fundamentally I think the biggest difference is really the difference between the thing you are downloading it onto and I think that is where the challenge is really for the enterprise app store.

How have the developments in cloud services affected this process?

The rise in cloud if you want to give it that name really means for many people that they can get access to those services which in traditional times would buying a server that you would rack, connect and patch it through to your corporate network for access. It created a model where if people have those kinds of platforms they have far more agility because they can get them as and when they need it. You are getting closer to this environment.  If you take this ultimate consumer environment you are out and about and trying to find something and you realize that there is an app that does that thing for you, you can download it and you can use it instantaneously. The enterprise is never going to quite do that immediately because typically you are downloading it, using it and then if you like it only then releasing it to a community. One of the key developments we have seen and one of the big shifts in the way people buy from us is that one of the challenges for the enterprise is that unlike the consumer who has an iPhone or an Android phone or a Windows desktop or an Apple operating system, i.e. 4 or 5 tightly controlled platforms, the enterprise is a far more complex beast. It may have grown organically; it may have grown through acquisition so you have got different bits of infrastructure in different places and not always on the right place. So, one of the things we have seen a lot people doing is using the cloud and we checked network communication and computing as really a way of homogenizing their infrastructure. That gives you a much more level playing field in terms of how your corporate infrastructure can run and therefore it means that the enterprise app store actually starts to make a lot more sense if you have got a consistent layer of infrastructure.

We had a customer the other day who is a VPN customer of ours who needed a firewall, he went onto our cloud store and had a quick look and decided it kind of made sense had a quick live text chat with one of our engineers and then bought it. That was it. In the traditional world that transaction would have been a 2 to 4 week type engagement. You are getting a far more immediate type of interaction but a key part of that is is people are able to standardize their infrastructure.

Has this enabled software vendors to pass on a cost saving to their customers as well?

That is one of the most fascinating things and we see first hand what people are willing to pay for. Most people will be aware that one of things we see with cloud infrastructure / software defined networks is that it kind of breaks apart the components of software technology.

For example, that firewall you used to buy as a box is really a Linux box running some software. Now you strip off the software you can see in the naked daylight the value of that software. On the cloud store we advertise the price that the consumer tells us that they think is the right one which is great. It is interesting to watch what people will pay for and what they won’t pay for and in what they see value and what they won’t see value in. I think the next 2 years are going to be really interesting because if you like for every type of software we have on the cloud store we will have the nearest open source equivalent. The key thing you have right now is that you have far more transparency about it especially at the appliance level. The cost of the software was hidden in the cost of the hardware in the appliance level and if you separate the two out as you do now you will say that the Firewall was for instance, 160 Euros a month and be able to question whether that is good value and the answer is – it depends on the user.

Is there a security risk here in that the way that the software is delivered is opening up an opportunity for malware planters to access a much larger number of organisations than they could have ever have dreamt of with traditional software delivery?

I think the thing about security in the cloud is sort as the same as it ever was really. If you look at how for example we have built our cloud infrastructure we have tied it into the NTLS infrastructure so we use network separation to isolate instances so those instances are matched from the hypervisors through the VLAN and beyond so it is exactly the same security and separation mechanisms you will use in your own private cloud environment. Fundamentally people talk about the cloud at a computing level but you have got to bear in mind that everybody is connecting to a network and all networks (99% of them) for most people will be shared in some way or multitalented to give it the more correct term. I think the normal considerations have to be taken into account just because it has got cloud in front of it does not mean you shouldn’t ask where is my data. Is all the software that sits on your cloud store has it been certified has it been checked do you know where it has come from, this kind of thing. I think that for us we have seen for security that most of the security concerns are answered in exactly the same way as you would answer any question and I think that should be the rule that anyone should apply, the key thing here is if you ask a question like that and you give an answer which I was once given when someone asked where the data was then I would start to worry because if it is in the cloud you want a street address. It is in a data centre somewhere and it is extracted and it is the level of control that you give the user in these sorts of things that is important so whatever the brand whatever the label just apply the same security rigor that you would with any service and you will probably get the right answer.

Have you had to challenge perceptions around the idea that some IT managers may hold that a program on a disk is fundamentally safer than something downloaded from a website or cloud server?

I would have thought (and you can’t speak for all IT managers) that most of them would have been comfortable with receiving patches and updates from software vendors via networks which has been the case for a number of years now. I remember when I had a company and we were working with Microsoft a lot and we would get our update pack through the post in the early to mid 90’s. It was big, there were a lot of CD’s there and most people should be comfortable with receiving software off the likes of Microsoft via Microsoft.com for instance. You can’t be completely paranoid but by the same token you should just be sensible. If you trust the brand you are getting it from, be it a brand you know or someone who has got a track record of customers that look like you and smell like you then that is a big part of it. Is it a website you have never been to before? Does it share a generic name or sounds like something slightly knocked up? Then I would probably doubt it myself too. Again it comes back to apply a sort of common sense, if it is a brand you know and trust and also if you can ring someone up and say this didn’t work then you can buy with confidence. That’s another thing, what is your comeback if it doesn’t work and what is your comeback if things don’t work out the way you want them to? It is understanding that and it is reading the SLA that will tell you what they are willing to warrant and what they are not willing to warrant.

Does the way that this delivery method allows IT Mangers to pick and choose certain elements of software they want to pay for actually impact in the way that the applications are actually developed?

Yes because I think you still have a fairly strong element of even thought the delivery mechanism is changing quite rapidly the licensing mechanism is still almost the same shrink-wrapped model you used to have, you buy it and you might have a lease model etc. One of the biggest things we saw when we first started the cloud store was how differently people wanted to use this. One of the key things that this environment gives you is the ability to do is just try things and see if they work and if they do then you buy them and I think that is what changes with software is that people are going to be far more agile in the bits they use so instead of having these big long development programs at the end of which you are only going to get some kind of result. Instead, people are releasing little modules as they go through and I think for a lot of people the way they digest software will be more receptive and we have seen the ones that do well are the ones that have the lowest barrier to entry. They will have utility billing module right down to an hour the minimum commitment might only be a month or something and so people are really able to have complete freedom to try something. What that does is it ultimately reduces and eliminates the pre decision type work that people have traditionally had to go through. I think the software licensing will change and on the back of the change you are also going to see a shift in the way software is developed to be more modular in the way it is released.

 For related articles and podcasts visit http://www.itproportal.com

Andrew, start off then by introducing Igloo, who are you, what do you do and where did it all start?

Igloo is what we refer to as a social business software company and essentially we make cloud based intranets that bring modern communication and collaboration tools into the business for the purposes of productivity. The company started in 2009 essentially as a platform that helped to connect together whether it is employees inside organizations or connect organizations to external constituents like customers and partners and so essentially we produce both social intranets and social extranets that are 100% cloud based.

I mentioned that you worked alongside Bill Gates at Microsoft. Tell us about the sort of things you were doing back then and how those insights have helped you at Igloo software?

I had the privilege of working for Microsoft for about 18 years and worked on a number of different businesses many of which helped in how to apply the learning here in my current role. One of the places that I worked was heading up office PR so I spent a lot of time working on the problems that knowledge workers face in communicating and collaborating together and how we can make a better office product for them. In addition I had the good fortune of working with Bill Gates and other senior leaders at Microsoft working on the tablet PC that was really the pre-curser to the iPad back in 2000/2001. What that taught me was a lot about how knowledge workers interact on mobile devices and how that is different from lets say a desktop and the types of things you could do on a different size screen and portrait mode. It really educated me a lot on mobile and how you can build great applications for the purposes of mobile. Then of course I worked on the Windows products as well and ran a lot of the Windows campaigns and was able to look at the operating system aspects. All of these things helped me to be able to inform now what we do with social business software, which is essentially the next generation of productivity tools that take the form of intranets inside companies.

Social, mobile and cloud are of course areas that all IT departments are looking to integrate but tell us what you think organisations should consider when they look for providers of these solutions?

What is interesting is I have been in the industry now for almost 25 years and I have witnessed a lot of technology and milestones from mainframes to client servers onto virtualization and that sort of thing but really it is social, mobile and cloud that are really the largest technology trends that I have seen to-date. They are compelling trends in their own right but they are converging together to drive social adoption within organizations.

If we start with social I think it was Mackenzie that found in a recent survey that something like 72% of organisations surveyed had already adopted a social technology of some type so it is clearly in main stream adoption right now within most corporations.

On the mobile side of things Gartner has assessed that by the end of this year, your cellphone is going to outpace your laptop as the most popular device to access the internet and so clearly mobile is having a profound effect on our working and personal lives.

Then on cloud it was also Gartner that assessed that by the end of this year only one-fifth or 20% of organisations will have no IT assets whatsoever so they are going to turn 100% of their IT requirements to the cloud. When you bring all three of those trends together those things are what is really driving this very aggressive adoption of social technology.

These services really have changed the habits of employees and the way people work haven’t they?

There is no doubt that that is the case and it is more a case I would say that it is people now working the way they want to work versus the way they have been asked or in some cases forced to work based on the tools that they have been given.

If you think back to the tools that a knowledge worker used to be productive and how that has changed in the last 20 years, we have given you a word processor, we have given you a cellphone, we have may be given you a spreadsheet or presentation programme and email but not much has really changed. What happened is in the consumer world there started to be this emergence of tools that were far more lightweight and easy to use and self-service. We all know Facebook, Twitter and LinkedIn and these are all tools that end users were able to configure and get up and running to work on their own. It allowed them unprecedented levels of networking with their peers, with their friends and with their family. So they came into the workplace expecting the same self-service lightweight tools and they didn’t get them. So the consumer market is really where these business social software trends and tools came from because this is how end users really want to work.

So talk us through some of your offerings and how you have managed to bring social, mobile and cloud all into one package?

You can think about Igloo as the new generation of intranet. It is not the intranet that you are used to. The intranet that you are used to, if you have one is a one way read only information repository where you go to find information out or documents and it is generally outdated and stale and it is certainly not the place that you go to collaborate. It hasn’t been the place you go to get instant updates on what is going on in your organization either. So the category of social business software that Igloo provides is a modern intranet that pulls together modern communication and collaboration tools that do those things for you.

I will describe some of those. You are probably familiar with Wikis which is essentially a new type of document, a forum for asking questions and micro blogging for sharing a thought very quickly. Also, activity feeds which automatically tell you what is going on in your company by giving you a list of new documents for example that have been uploaded or comments that have been made. The ability to follow content so if I follow a piece of content I am interested in, each time somebody updates it I am automatically notified so I can go and see what has changed. The list goes on to include rating where I can rate content and then later on I can assess what is the content that has been the most popular and the most consumed and try to seek out who the authors are of that content.

All of these tools now have come together in one modern intranet service that is 100% cloud. In other words there is no installation, no maintenance and no patching you just turn it on and allow people to communicate and collaborate on documents and produce finished products and content as a result of that collaboration.

An interesting feature is the ability you have built in to track the engagement of users, why was this important to integrate into your offerings?

The justification for deploying a new social strategy, whether it is Igloo or anybody else needs to have some kind of ROI associated with it. You can’t just say people are going to be more productive because they are working more along the ways they want to work to justify this new investment, you need a way of being able to measure that. You need to be able to look at what type of interaction people are having with each other and what content and that assessment is what I am seeing along the lines of the improvements I am looking to drive within my company. So we have contracted with Microstrategy who are a leading analytics provider in the BI space who have made possible for the very first time the ability to actually measure peoples interaction with each other and content as an indicator of their success. For example, for lets say you have two teams one east coast sales team and one west coast sales teams. We know that the east coast sales teams are selling better than the west coast we just don’t know why. They are getting the same type of leads they have the same type of skills, now we can delve into what it is that the west coast team doing differently, are they following content more often than the east coast team are they micro blogging and communicating more often, are they maybe following content from other departments like the product group so they can see what products are coming down the pipe and are able to convey that to their prospects?

These types of insights are going to be very powerful to help reinforce those types of behavior across the company.

Where do you see the developments in this space going next? What do you see the future holding?

The world is moving more and more towards self-service and it started in the consumer space. That expectation has been brought into the business and it is to the benefit of the business user and IT departments if implemented correctly. In the case of BYOA and BYOD, (‘Bring Your Own App,’ and Bring Your Own Device’) I would say that the pendulum has maybe swung too far in that direction to the point that it is the end user who is now starting to dictate what comes into the company. All this has started to put pressure on IT departments to really regain some level of control and process and how all these things work together.

So, while it was an important milestone to start having these end user driven applications come into the company I think you are going to see the pendulum start to swing back into more of a balanced place where IT is the provider and the entity that puts process around the applications even though these applications are self supporting. You are going to see IT departments becoming more of an ad market place where the apps are sanctioned and applications that any user can use and the user goes in self provisions and uses those and configures those themselves.

In terms of security do you see enterprise class app stores being the answer to managing the distribution of these services?

It really is. I refer to some of the Dropbox type of cloud transfer utilities as ‘consumer cloud’ and they are very popular because they do a good job of transferring files but they are not necessarily secure. What enterprise needs to see is a secure solution that integrates with what they have already got, be it an active directory or a single sign-on that meets all of their security requirements. Having enterprise class of cloud provider is critical versus a consumer class because that just doesn’t scale over time and so you will absolutely see that balance of end user friendly tools but with enterprise class security.

For related articles and podcasts visit http://www.itproportal.com

John starts with explaining how this research came about.

We have been doing surveys out to prospects and customers and people in the industry around BYOD. This is not just a Rackspace customer survey but covers the broader industry and we wanted to gauge how people are adopting these various technologies and the trends that are behind them. We started with cloud computing and we have moved on most recently to mobile, Bring Your Own Device and the trends towards application delivery on a mobile device within the context of IT. It seems that the trend is really picking up in that direction. One of things that we picked up on was the trend towards more and more business applications within the enterprise being delivered primarily on a mobile platform. I think in the past we used to look at maybe a desktop client and then we moved on to the web browser and I think the trend is in the direction of many applications being delivered as a primary mechanism on the mobile device and whether that is a tablet or Smartphone or some other device.

As we look forward the real trend is that people want that same experience that they get in their consumer lives whether it is a social networking app or one of their other favorite applications, they want that same experience delivered from the IT department with their business applications. That came through loud and clear in the survey.

Were there any real surprises within the survey’s anything that you didn’t expect to find?

We are a company that is always looking ahead in terms of cloud computing and adoption of these technologies so I don’t think there were huge surprises. I think there was more a validation for us. I think the surprises were in just how far people are taking this, the numbers were higher than we expected in terms of adoption. There were some numbers in the 80% range where I figured that people would be 50:50 in terms of how they were adopting mobile devices. Some of the questions we asked led me to believe that this was just an unstoppable trend in terms of the adoption of mobile in the workplace for real business applications, I think that was quite a surprise to me.

You mentioned that employees expect now to have access to applications within the workspace in the same way that they do out in the consumer world. What challenges is this presenting to IT departments?

I think what IT departments need to understand is the kind of tools and techniques and the technology that the big consumer web properties are using. That is part of our interest in this; to understand how fast this adoption cycle is going to happen and therefore how that impacts the tools and the technology that we are going to deliver. Cloud computing is a great enabler for mobile and mobile is a great driver in demand for cloud computing. I think they are like two sides of the same coin so from my perspective the message to IT is that you need to start taking these next generation tools very seriously. You cannot build a great mobile experience with last generation technology and last generation architectures so you need to be looking forward at what the big web properties are doing. What is Google doing to deliver their experience on the Android? What is Apple doing to deliver their mobile experiences? How can you take advantage of that as an IT leader or business leader and how can you tap into the same technologies set and make that a part of your application portfolio underpinning. That is really what we are driving towards as a company here at Rackspace with all the cloud computing offerings that we have we are trying to give IT the same technology foundations as the big guys have.

What are employees hoping to get out of mobile working or BYOD?

I think from an employee’s standpoint it is very much like the consumer standpoint they want convenience, they want access anywhere all the time they want a lightweight experience where they can get into their application very quickly and not feel like they have to open the laptop and find the Wi-Fi and log into the VPN and do all the things we are used to doing in a laptop or notebook experience. They want it at their fingertips, instant and reliable access. We are an increasingly mobile workforce, much more than in the past. We want to do business from the coffee shop, from the airport and we want to stay in contact with the rest of our workforce everywhere. We basically want the same kinds of experiences that we have come to expect at home. BYOD is the idea that a worker can bring the kind of tools, tablet or Smartphone they want to use into the workplace and not everybody necessarily is going to allow unlimited choice but we should have a great experience for the employee so they are not frustrated with his interactions with the tools and the apps that they are going to have to use in the workplace.

Did your research identify a rise in corporate app stores?

That was another thing that came up in the survey actually the idea that we were as employers or as businesses going to have our own app store. I can’t remember the number off the top of my head but again that was one of the ones that stood out to me that there was a large degree of interest in a corporate app store where employees had their approved applications and their native workplace applications and the ability to mix and match those depending upon their job role or needs within the organization. But yes, that was another idea that came up and I didn’t realise it was going to be as interesting to people as it was. They want the same experience as iTunes or the Android store but within the workforce.

What are the attitudes and concerns around security with BYOD?

I think everyone thinks of security when they think of adopting a new technology or bringing in a new technology into the workplace. Security should be on the mind of everyone in IT and even the employees themselves should be thinking that way. I don’t think it should be overwhelmingly difficult to start to adopt these new technologies otherwise we are stifling innovation. If you put security in this land of unattainability and just assume that we can never do this kind of thing because it is just not possible then I think you really just put people off from really trying to do innovative things. If you think about security in a practical way, the same way we have thought about it for all of computing history, you just tune it for the mobile. There are certain types of applications that are probably going to come sooner or earlier than others but we certainly do not want to turn off the innovation pipeline by saying things like security is a blocker and we cannot get past it.

What is the level of investment put into BYOD and mobile working by businesses out in industry in general?

Certainly mobile permeates the workforce at least at my company and the companies I visit a lot the mobile devices are in the hands of the employees all day long. They are on the move constantly and now I think we are starting to think about what application experiences we need to create so that they are even more effective with those devices. The question is are we going to as IT leaders, truly enable them to be as productive as they could be or are we going to give them the license to use these in a full business context rather than the current situation of a hybrid of personal and business, heavy on the personal and light of the business. I think is how it stands today but I think we could certainly flip that around and at least make it balanced and maybe even flip to the other direction. We need to give them the right tools and the right apps and give them license to use it in the ways they want to. In some ways it’s a matter of time, we need soak in this new technology. It is a little bit like ecommerce was in Europe in the early days, we were reluctant to put our credit card number into a website and that took a while for people to come to realise it was okay and it was going to be safe. We all picked it up as second nature and the mobile experience in the workforce will probably be the same.

It’s interesting to see how new technology is changing the way we work and do business isn’t, looking forward do you think the days of the desktop PC really are over now?

For me personally I believe it is. I think I have a tendency to try out the new stuff and move on very quickly. A true desktop is something I don’t own any more and I have a very small mobile set of tools. I use a thin laptop, tablet and a Smartphone and I tend to go for the smaller devices so I think that we are definitely going in that direction. There may be pockets where a large monitor and a desktop computer make a lot of sense but for the mobile workforce for the people who are consuming a lot of data, the executive staff can do without a true desktop or at least very soon we will be able to. They will always exist but certainly the days are numbered.

 For related articles and podcasts visit http://www.itproportal.com

Simon first of all let’s start with what you identified that lead to this study initially?

The global study went out to just under 2000 people who were all IT decision makers. What we were looking to find out was whether their network infrastructure was fit for purpose or their businesses future plans. We were obviously looking to see how they were going to grow their networks over the coming few years. The interesting the information that came back really told us that Brocade’s strategy around fabric based technology and the future direction we have with software defined networks is absolutely on the money. Some of the scary statistics that we came back with were that a third of the businesses are experienced multiple network outages these days due to the fact that their infrastructures are not fit for purpose any more in the way they were originally designed for the way the businesses interact today. That is quite a shocking statistic in my perspective anyway.

Tell us about the sheer pace of change that has occurred within virtualisation and cloud and the issues this rate of change has caused?

If you go back a few years, the traditional three tier model service, the client server type interaction of an external application talking to maybe a data base or something in a data centre is what we refer to as north south traffic. The three-tier architecture that pretty much every network supplier has implemented and designed worked perfectly for that. It was a very good robust way of doing things. Unfortunately the way that data centers’ and businesses have changed means that there is far more inter process communication within the Data Centre. So you think about virtual servers to other virtual servers you talk about virtual farms of servers and talk about load balancing cross multiple applications. All that interaction is happening within the data centre so you now need to allow and enable this high performance, low latency conversation to happen within the data centre and the old model unfortunately introduced too many different hops or levels if you like to move from one point to the other. So as the applications and the usage of the applications have changed the design really has not changed with it and as a result we are starting to see it is creaking a bit at the edges. Brocade identified it with the way we treat fabrics and the way we have got on in our storage business for many many years.  You have got to remember Brocade has been in the fabric business since 1995 so we have a very long history and understanding of the benefits of the fabric technology. So when we employed that in the Ethernet world we realized that the whole benefit of the fabric being a very flat high performance layer two type network allowed these communications to happen so much so much sooner. The fabric itself is self-forming, you can plug in a new device and the fabric will have a new life and make it available to the rest of the fabric. It’s deterministic so it knows exactly the best path to go from point A to point B in the fastest way so that if something happens within the fabric like the link gets damaged then it will automatically reroute traffic. So there is no redesign required when the fabric has to flex to the applications needs.

Have data centers’ fallen behind and is cost a factor in any of this?

I wouldn’t necessarily say that they have fallen behind but I would say that business and the way that we use applications and the way that consumers use applications has changed so fast that the traditional ways of building data centers’ has not been able to keep up. I think that is where we are seeing the push around these highly virtualized datacenters and where Brocade’s strategy for the ‘on-demand’ data centre really comes into it’s own. Data centers’ have to be very flexible these days and they have got to be scalable and they have got to have a large amount of automation in them in order to cater for the demands of the customer base.

I would not say they have fallen behind I would say that the customer requirements have changed dramatically and very fast.

What impact are you seeing on businesses from the shortcomings that this study has suggested?

The impact we are seeing is really around the customer experience and customers are demanding very high level of service level agreements with their hosting environments or their internal IT department and what we are starting to see is that if they have very high performance requirements or very high uptime requirements some of this flexibility I just referred to that they don’t yet have is causing them problems in meeting those requirements. In these cases it is costing them money certainly if there is compliance issues meaning downtime is quite a financial hit that they can take in certain situations.

What needs to be applied to data centers’ to solve these problems?

One of the nice things around the whole concept of fabric and virtualization and software defined networks, certainly with fabrics you can bolt them on to an existing network so you can have a planned migration of the network from three tier you can add on a network without having to do a written replace so it is a very low risk way of migrating one environment into another. As you start to move into things like software defined networks Brocade has released the ability to do hybrid ports and what I mean by that is we can have an ISDN enabled flow network port that you can control via software and you can have that living in the same environment as ports that are dedicated to traditional networking infrastructures and ones that are dedicated 100% to software defined networking control under open flow. Brocade has made it simple and have de-risked the move from the traditional network architectures into what we believe is the architecture that data centers’ of the future will require and demand.

The report states here that 91% of organisations have admitted to needing substantial upgrades to cope, that 91% can’t really afford not to can they? 

I think this report is making that a pretty clear statement that the way that applications and customers interact and the customer service level agreements demand they have to change their data centre networks, data centre networks in the past were absolutely suitable for the way that applications were interacting with them. Unfortunately applications be they mobile, be they different types of web interaction have a different set of requirements in the data centre and the traditional three tier model we are starting to see is not necessarily fit for purpose for the way applications are talking to each other and to customers these days. What we are seeing is people moving into fabric technology which has a much simpler method of management of the infrastructure so the costs are running larger and larger enterprises is also reduced when you employ fabric infrastructure.

What would be your advice to IT managers listening to this that know themselves that they need to upgrade as well?

Obviously contact your local Brocade sales rep and have a more in depth discussion around the requirements for their own business but you have got to remember we have deployed well over 1000 of these brand new Brocade customers globally in all sorts of different verticals so we can certainly make their decisions a lot easier with a lot of case studies and reference cases in that are bound to fit into one of those areas so there are plenty of things that we can do upfront to demonstrate the capabilities and the terms and the benefits of fabric technology within their data centre.

 For related articles and podcasts visit http://www.itproportal.com

Chris introduces us to the research and the reasoning behind it.

Aruba has carried out research in respect of what is happening to the state of IT and specifically to the IT professional. The reason for this is that we see a lot of trends on the market place that are really reshaping the role of IT and so it was our goal to do both qualitative and quantitive research combine those findings together and take a look at essentially what the evolution is of the IT professional based on a lot of key the trends in the market place. Trends like BYOD, cloud and virtualization are all having significant impact on the types of skills that IT professionals need in order to be successful and also where they need to go to get those skills.

What were the knowledge gaps that lead you to conduct this research?

First and foremost obviously we spend a lot of time with the IT professional and I think part of this was trying to understand what the impact of a lot of the technology shifts that are occurring in the market place, things like consumerisation of IT. What the impact of that is on our customers and obviously those enterprises that are yet to be our customers. Some of the key findings included the fact that more and more we are expecting the IT professionals to build on communication skills. The key take away from this report was actually that communication skills will be more important than technical skills to the IT professional by 2020.

Have you found that there is somewhat of a skills shortage within the IT profession at the moment?

There is definitely a shortage in technical skills, but also skills around business interest. Both of these are often hard to come by and if we take a deeper look into each of those, first and foremost we see that technical skills are increasingly becoming more and more specialized. We actually expect that increasingly organizations will have to look outside to find the appropriate technical skills that they need and in fact what our research shows is that 76% of the respondents expect that the number of projects that are outsourced to specialists will increase. So this certainly shows the dynamic where the enterprise IT department is expecting to have more and more of a challenge keeping up with a lot of the deep technical expertise. That now creates an opportunity for many, certainly for partners and for consultants and the like it creates an opportunity for them from enterprises looking to find those pockets of deep expertise.

The other thing that we found here is a need for the ‘communicator’ as we will call them; this individual understands the impact of IT and can transfer that into the language of the business. This role is going to become more and more important to IT in the future. I think the impact on a lot of IT departments is that they have to think about the type of person they are looking to bring into the organization. Often the person who is very technically adept may not necessarily be the right profile of individual that is going to be the most successful in driving the IT department forward in the business. Rather looking for those individuals who have very strong communication skills, very strong writing skills that have the ability to understand different audiences and craft a message based on those audiences. That type of skillset we believe will become more and more critical for IT especially as IT becomes more fundamental to the success of the business.

Well you worked with Cardiff University on creating this report, is this something that they have taken note of for the education of students?

Absolutely and in fact Phillip Brown is the professor of work employment and the labour market at Cardiff University and he gave us a lot of great insight. He played a significant role in crafting the direction of this study and the findings of the report but certainly we see a lot of work going on both from Aruba as well as generally in the IT industry in terms of interfacing with students earlier and getting a lot of curriculum around not only technology but increasingly a lot of the soft skills that are required by a professional as they come out of University. This will ensure they can combine effectively the IT skillset together with a lot of the soft skills that ultimately will help them to be successful in this new environment.

What problems arise from a lack of communication between IT teams and their businesses?

Essentially at macro level the biggest problem is the loss of competitive advantage because quite frankly these days IT is such a critical piece of any business that if you have this disconnect between the IT department and the business itself then the business is not going to be able to optimize to the level that it is required in order to maintain competitive advantage within the market place. This linkage between IT and business is really critical and we believe that it is not so much about the technical attitude of the IT department but more about how that IT department is able to understand the trends in the business and listen to the users in the business and be able to adapt solutions to the requirement of those users and then deploy and maintain that technology for them.

Is it a shift then from the IT department’s stereotypical image of being stuck in a cupboard somewhere to having a more central role in business?

That is absolutely right and this is good news because if you think about the career path for the average IT professional, that old stereotype is not a very glamorous career path in some respects. Whereas today with IT playing such a significant role in the success of the business we in fact see more and more likelihood that even the ranks of the CEO can originate out of the IT discipline. One of the things that came up quite a lot in the focus group that we conducted with all levels of IT professionals was this expectation that we will see an increase of the CIO rank moving into the CEO rank and that is great news in general for the IT professional because it means that ultimately their strategic value to the business is only going to increase from here.

Something that stood out to me was the statement in this report from Aruba that 30% of the workforce will know more about the devices they use for work than the IT department – this may have serious implications for IT departments surely?

I think that the underlying trend that drives that is of course BYOD and in some respects this is an acknowledgement by IT that historically IT was the ‘be all and end all’ of technology. If we had a technical question we knew that we could go to the IT department and most likely find the wisest IT person who had all the answers about technology. These days the reality is that the average new person entering the workforce is going to know more about certainly consumer technology than often the IT individual will. So, this is somewhat of an acknowledgement by IT that the role of technical specialist whilst still important will be affected by the fact that more and more users are becoming tech savvy. That role actually becomes a little less important again hence the shift towards more communication of policies and communication of change. It is a kind of embarrassment from IT that often they will be dealing with the user who knows as much if not more about the solutions that they are using because they have chosen them. In many cases the IT department will know that the skill set change here that is required is understanding how to interface with that new class of user and then understanding how to establish the policies for acceptable use of that new technology.

Does the fact that the devices and technologies in use in organisations now are designed to be so user friendly, so easy to integrate and so robust meant that IT departments are no longer really needed to program things and fix technical issues, really what they focus on is communicating the benefits of these technologies to the rest of the company instead?

You have hit it spot on and I think the other part of that is not just in terms of how to set up or configure devices or applications, which increasingly have become more and more user friendly. We have dramatically changed the interface between the technological guts of the IT system and it’s user to the point where we have abstracted a lot of the complexity around how to use and set up that. The implications of this also in terms of IT departments themselves is that the everyday person does not really need to know how to configure a product because through self help guides and graphical interfaces a lot of these tools have made it easy. Even within Aruba’s own technology we deliver ways in which the IT manager or the network manager can very simply install new products without having to actually touch the product, they can literally ship it to a remote location and ask a non IT skilled person to essentially plug it in to a power point and the product will configure itself.  It is this type of change that means that technical expertise at times is less critical in IT today. Once again we come back to the primary point of being able to communicate to the business and being able to understand the needs of the business being far more important and will become increasingly more so in the future.

We mustn’t forget the people that want to join the IT profession because they don’t want to be making presentations but would rather be fixing problems, building things and dealing with just the technical side of IT. Is there still going to be a place for these people or are they better off finding work with these companies that are supplying technical services as part of the increased outsourcing you mention?

I think ultimately that skill set is still going to be required because I don’t think we ever abstract to the point that we will become dummies so to speak. I think we are always going to have a need for the technical expert. The point that you bring up is though, does their become a shift in where that persons skills are most highly valued? I think the answer is probably ‘yes’ and the good news for those people is that moving into more of an on-demand or product based model actually probably bodes pretty well for the potential for that role to be quite lucrative. I don’t think we are saying that this class of individual who likes to get into the detailed technology, configuration and troubleshooting will go away but it does potentially mean that where those individuals sit in the ecosystem will change. It is also the case that those skills will remain certainly highly valued.

Well this obviously raises concerns over the security of business and personal data alike so David Gibson VP of Strategy at Varonis is here to tell us more.

 For related articles and podcasts visit http://www.itproportal.com

Firstly David, tell us about Varonis and why this study was relevant to you?

Varonis was founded in late 2004 and started operations in early 2005 and our founders were storage experts and came from Network Appliance. We have really helped organizations manage and protect their unstructured information so that’s the information that lives on file shares or in their intranets, or their email. Our goal is to make sure that only the right people have access to the right data at all times and that all use is monitored and that all abuse is flagged and that people are able to access that data from the right devices and that once that data is no longer needed it gets archived or deleted appropriately.

Give us the top headline figures that this report has revealed then?

I think that what we have seen is that the nature of collaboration is changing. First of all digital collaboration is in the mainstream and almost every organization is data driven. If you think of business process today everything from customer relationship management to human resources information everything at some point gets down to some kind of digitised format even your voicemails are now digital. The format of our collaboration of our business is digital and as we can see the ability to access that digital information is paramount. People want access to their email, files and other services from any device from anywhere from wherever they are working and it seems like also for any time of the day even during meals as our research indicated. That is why it is relevant for us because we deal with digital assets and collaboration. We wanted to observe the habits that people are forming and living with these days.

Your report is entitled Bring your Own Demise? Is the problem really that serious?

It really depends on the value of the information that we are talking about. They say that every day a disaster starts with an email these days. If you think about if you have a Smartphone, do you access your emails from your Smartphone?  If you left that device in a pub and you did not have it password protected what would that mean for you personally? Think about it in those basic terms for people that use their mobile devices for work. You have customer lists and potentially your business plans, blueprints, property details. All these are things that you want to access from those devices. Many organisations I am sure are restricting what people can access from which device but from our research you can see that there are quite a few security implications and organisations are definitely feeling the effects of disseminated information that is in a device that is not necessarily locked out.

Were there any surprises in the attitudes of workforces towards security on things like smartphones from the conclusions of you report?

I am not really surprised that not all the devices had protection on them but I think that the message is that we need to start thinking about all the different places that our information lives and how valuable it is. We really need to start to make sure that basic fundamental controls are around the information no matter where it lives.

What sort of encryption, password and other security measures are people using already and are they enough?

If you take a look at some of the research that we have done over the past year or so. There are some basic fundamental controls that are not as widespread as we might think they might be. A lot of organisations, (if you take a look at our state of data protection research) don’t really know, or are not confident that they know where their critical information is stored. It is not just their own information that is stored it is actually information from their business partners, customers and third parties.

Information that they have a responsibility to protect and they don’t know where it is stored. Other controls that are missing include the fact that very few organisations audit all access and they don’t necessarily review who it is that has access regularly. They also don’t know where the information belongs or who it belongs to, so they don’t have an owner assigned to that information. If you want to know where can we augment our controls I think there is going to be the basic controls around this information.

Does the report go as far as to offer some advice for organizations and their mobile device obsessed workforce to limit the potential risk?

At the conclusion I think that the first thing is to understand what is and what is not allowed. There is statistically difference in the companies that have and don’t have a BYOD policy but it is important to start educating your employees about what is allowed to be on those devices and what is not allowed to be on those devices. I think that to start with, employees need help to understand the value of the information that the organization has and what the controls are that they deserve and I think basic controls around your devices and once you make sure that the device doesn’t contain anything it shouldn’t contain then lets add additional controls like password protection, encryption, remote wipe potentially.

Years ago if a member of staff had taken important documents from the  office and spread them out across the table in the local pub it probably would have been frowned upon, but essentially that’s the situation we have with mobile enterprise isn’t it, we are carrying all this sensitive information around with us?

That’s true and I think that there is a fine line between productivity and security. It is very clear that we need to collaborate in order to function. We need as we have said organizations which are data driven now. If you didn’t have access to your email or intranet or your file shares your productivity would plummet and so it is important that we are able to collaborate but we need to collaborate securely. Making sure that we are conscious about the information we are storing and where we are storing it, who has access to it and who is using it and making sure that we have the fundamental controls in place to spot where sensitive data is exposed to risk where people might be abusing their access, or just have too much access. Those are things that we need to make sure that we adopt wherever our critical information is stored.

Do the advantages to business of being able to have their workforce working remotely and on the move still out-weigh the potential risks or is it a risk that’s perhaps simply not worth taking?

I think that that is the choice that every organization is going to need to make and they are going to need to make it with respect to their own digital assets. It may be that some assets really should never be accessible outside of the organization. It may be that some are acceptable but I don’t think there is a blanket statement that you can make about what risks an organization should be willing to accept. I think that each organization is going to have to decide where are their critical assets and where should people be allowed to access those assets. What is acceptable use and how can we control our environment.

For related articles and podcasts visit http://www.itproportal.com

Timo, firstly tell us what Technotree’s interest was in conducting this research?

Technotree are a company who are very much involved in the business of support systems of the operators and one of our main targets this year and going forward is to look at customer life cycle management so what does it mean to manage really the life cycle, the revenue cycle of the consumer beyond just doing offers beyond doing campaigns and beyond just doing simple customer care. So the approach with this research was really to look at what is it that drives the customer experience and what is it that drives the loyalty of the consumers towards their operators. Then assess how that could be incorporated into our solutions and offerings.

A simple point of view might suggest that loyalty is down purely to cost, is it as simple as that or is it more complex?

I think there is a little bit more to it. Cost is an important factor obviously but I think with most markets globally today moving from a growth of subscriber base to more trying to maintain and them milking more revenue out of that base I think the cost has to be balanced with the opportunities that are out there in the market. These opportunities naturally are very different in different markets because of market maturity and spending levels of the consumers.

Looking at the actual customer behaviour stats that you have identified then, what is the average lifespan of a customer and does it vary across markets?

We found that customers globally view themselves as surprisingly loyal but the funny thing is that we know that in certain countries such as Kenya or Nigeria in Africa journey is a very big problem for the operators. The average lifetime of a customer from a customer prospective seems to be very long. I think that the crux is that there is a perception difference first of all but over all what we have found is that if we take the point of view that if a loyal customer stays with the operator for more than 2 years (renewing their contract at least once) we can see that a significant amount of customers globally actually exceed that.

Were there any surprises that you weren’t expecting to find as part of this research?

One of the surprising aspects we found in this research was that the perception between how the consumers themselves viewed their loyalty and what the reality or what the operators viewed is slightly different. Consumers view themselves as more loyal than they actually are. There could be many factors behind this one could be that in many countries consumers hold the same cards as some multiple operators so they are actually loyal to more than one operator. The other interesting angle we found was that gadgets do actually play a big role. For example consumers are actually looking forward to upgrading their devices and receiving an upgrade device offer from their operators, whereas the operators themselves may be do not view the device upgrade as such an important factor in loyalty.

Why should, from an operators point is customer loyalty important and are there any benefits to the customers in remaining loyal? 

Loyalty is a very complicated thing because there is reality and there is perception.  I think from an operators view the traditional way to look at loyalty is to I guess to avoid customer acquisition cost , or one of the reasons to look at loyalty is to avoid acquiring those customers over and over again and that is a cost factor. The other factor is that we can clearly see that customers who stay with their operator for longer tend to spend more money with those operators so they acquire a portfolio of services that produces more and more money for the operator. From an operators point of view naturally it makes a lot of sense to invest in customer loyalty and keeping those customers. From a customer’s point of view I don’t know what the real need to stay loyal would be beyond familiarity and beyond getting a broader set of services a broader bundle of services from  a single source.

What would you suggest that the mobile operator industry as a whole learn from your findings?

One of the key findings that would be useful for the industry as a whole would be to look a little bit beyond the traditional view to loyalty so to look into not just the set of services to look at, not just the pricing and competitiveness of the pricing but also the usage pattern or the pattern that the consumers behave in when they change. Like the device upgrades that consumers viewed as highly desirable would that be something that the industry could look at and see if we can use that proactively to drive loyalty instead of may be adding more services, adding more to the portfolio which were not always necessarily that well perceived by the consumers.

So it’s a case of flexibility rather than adding more and more products to keep consumers engaged with operators then?

Flexibility is very important and I guess offering products and services and just adding more stuff into an already big portfolio will not necessarily bring in the results but it would be better to try and make it cleverer and package the value in a way that the consumer can immediately see as beneficial for them.

What has Technotree been doing to support service providers in light of this research?

We are currently rolling out a set of products to our customer base that enables them to more intelligently target offerings for example. Use the information they have from their customers to find combinations of products that would be compelling to their customers not only from the point of view of loyalty but also from the point of view of finding up sell opportunities that are not intrusive from the consumer point of view. This research basically supports our thinking on how service bundles work in the market across the different geography’s and across the different types of operators.

 For related articles and podcasts visit http://www.itproportal.com

Alan, firstly a quick trawl through your website will reveal advice around ‘Reflective Memory Injections’ – cited as one of the most serious malware threats affecting businesses today. Explain what these are and what they do?

It is quite technical so unfortunately a bit of technical depth is required to fully understand what reflective memory injections are. They come from buffer overflows and remote dealer reflections around buffer overflow which a lot of people will have heard of. What that basically means is that any application that is effectively loading has allocatable memory and it has hooks into the operating system to make that application have allocatable memory and strings to make it work. What a memory injection does is, exploits a vulnerability in the application that can be exploited by a hacker to make the memory overflow so memory is allocated to make the application work correctly, a buffer overflow effectively moves the memory into a different memory space where the hacker will have some kind of shell code to inject something into the application to make it do something it wasn’t expecting to happen. The shell code itself is normally relatively small but certainly can do denial service or distributed denial services and also then make calls for the application to go and find other pieces of malware codes to inject into it. That is not new it has been around for  a while but buffer overflows are always listed as critical vulnerability because of their nature and they are very invasive and hackers can then write things to disc and then pick up other bits and pieces in terms of trying to get local privileges etc etc.  Traditional technology like antivirus and application control white listing are really looking at hashed executables to ensure that only the right DLL’s etc are using the right calls to the operating system to make it work. With reflective memory injection the real clever thing about reflective memory injection is that it doesn’t use any local OS load functions. What that means is that ultimately your traditional security technology is looking for any changes in patterns within the local OS or what is written to the disc so reflective memory injection is basically creating a malicious DLL in memory without relying on any local OS load functions. It is really difficult to even know it is happening let alone stop it unless you have very good clear forensic process and analysis on a particular machine to look for anomalies in the way that executable libraries are occurring. But the reality is that it is almost impossible to do across multiple machines so you have to have a particular technology that can look for that particular type of attack.  The reality of the way we operate in the world now is that, as we have to move into identifying advanced persistent threats and sophisticated forms of attack buffer overflow or memory injections. These are the types of vectors that criminals or organised people in the hacking environment use to be able to gain access to a machine. They look for vulnerability in the application itself and they then try and execute a memory injection within the application. They now know that reflective memory injection is a very difficult thing to protect against so the sophistication is there for them to be a be really able to move into using these types of attacks against people.

What sorts of organisations do these types of threats affect the worst, already we know governments and banks are particularly vulnerable don’t we?

Absolutely, especially the types of attacks that are occurring against critical infrastructure like governments and banks. We have seen the US banks being under constant attack over the last 12 months, it is almost like a cyber war against those. The UK government is seeing thousands of attacks hourly. There is nation against nation stuff going on but there is also a lot of cyber terrorism hacking and anonymous political people with statements to make, so we are all having to think about the way we protect ourselves these days as the world that we operate in has changed completely. I would like to say that it is not just government and banks and the nature of types of attacks we are trying to protect ourselves against. In today’s modern environment are much more obvious than they have ever been, what I mean by that is that the name of the game is to get in get what you want and get out before anybody realises that it has happened and therefore certainly something like reflective memory injection is totally in a stealth mode in terms of wanting to do something for anybody who picks it up. That is why you would use a reflective memory injection because you know that the majority of people are not even going to know that you have gone before anybody realises that it has happened. That is a threat for all organisations not just for government and banks I would say.

Behind every attack is a human being with criminal intent isn’t there and we perhaps might not appreciate how dangerous these kinds of cyber attacks are around the world from those that wish to do nations harm?

I agree with it and I think we are seeing a lot more of it in the mainstream press. Certainly China were slated as being the people that were attacking Google and we are definitely starting to see a little bit more understanding that cyber warfare is without doubt the pre-cursor for any type of warfare. We have seen with other examples the Iranian chemical plants how it was never said who actually did it but it was certainly a nation against nation in terms of injection code that somebody had a remote capability to control their nuclear plant and effectively slowed it down by six months. I think we would be naive to think that there wasn’t already some kind of espionage cyber capability in North Korea; I wouldn’t say it definitely is but I would be surprised if it wasn’t. Nations against Nations have been conducting espionage way before computers were invented but I ultimately all of our critical infrastructure and all of our individual work is done operationally from an infrastructure point of view that is totally reliant on computers.  All the stuff we are doing right now without computers we wouldn’t be doing this podcast.

And as threats go it’s probably the cheapest and most covert there is?

To a certain extent I would agree with you. The other side that has been going on for years and years and I think governments have a pretty good handle on Nation against Nation because they are all doing it against each other and ultimately there are kind of rules of engagement and one should not cross the boundary unless or is a diplomatic incident. I think the real challenge is around organisations that have intent but not necessarily the monetary backing and then there is also cyber criminality which is a huge business. Cyber criminality makes more money than drugs and the drug problem worldwide is huge. This is also for hire and you can buy programmes that will bring your competitors website for 50 bucks an hour. These are all over the Internet and you can buy these malwares as a service. It is already out there and you get it and purchase it and put it against somebody you have a grudge against or a company that you want to put out of business and it is 99% anonymous.

As part of the industry working to guard organisations against attacks like these, tell us the measures and technologies that you are developing to address issues especially around Endpoint Management?

Looking at security as whole I would say that there is not one technology that can do everything you need. There is no silver bullet unfortunately or fortunately whichever way you would like to look at it. We focus on one particular area of security which is Endpoint management and managing the Endpoint in terms of being proactive about controlling access and whether or not there are vulnerabilities within applications that you are running and whether those applications are authorised to run.  We have been in that business for a pretty long time and as I said at the beginning, the key thing with buffer overflows is that 99% of the time, they are exploiting a known vulnerability within the application itself. Patch management has been around since the beginning of time but it is still an absolute critical security posture to take care of because if you mitigate known vulnerabilities, you are doing a very good job of protecting yourself. We do patch management and security control and device control and antivirus all on the same platform. The application control is where the reflective memory injection comes into play because with our application control we are putting a trust mechanism into applications that allow to execute within your environment within a business environment so you are effectively white listing applications saying I trusted this application, I have hash coded every line of code within it so it can only execute that which I have approved to use and there are a  lot of organisations around the world that are starting to recognise that defence in depth strategy is better than just relying on one or two technologies and application control is being seen as a very important component of the first line of defence against malware because there is so much of it, there are so many people developing it and just trying to keep up with signatures is becoming incredibly difficult. So with our application control a reflective memory is all part of that application control module because with application module control we are looking at local OS load functions, we are looking at the DLLs that allow to execute. We are basically looking at all of that to the files that save to disc and if you are injecting malware into memory on an application that is authorised to run so that is another component so we have built that reflective memory injection into at that high level of security to cover people that are trying to just do memory injections which without technology to help you do that it would be a very very manual process to try and check all of your machines for reflective memory injections.

Also I notice you have been working quite extensively on covering mobile devices, tell us about your work there?

Yes we have. We have a broad spectrum of customers around the world and although we are a US based company we are very global we have offices Galway, Luxemburg, UK. A lot of our customers because we are talking about security around the Endpoint a lot of our customers have said to us mobility is the thing they are having to deal with BYD people’s expectations to be able to use different mobile devices and tablets and bring those to work.  It is almost like that is the business driver has come before the security conversation. The reality of your tablet, your phone, you’re smart phones etc they are just an extension, just another Endpoint so it made absolute sense to us to move into that market place.  We give our customers an enforcement, visibility and protection so without visibility you can’t understand what the risk is associated to the business and you can say to people yes, you can bring what you like but unless you know what they are bringing and what they are connecting to in your corporate environments you have no concept of the risk associated with that so you can actually see what is happening so bringing visibility on a corporate level and giving you the ability to enforce policy whether it is a corporate owned device or whether it is owned by the user themselves because obviously there will be different types of policies based on whether it is owned by the employee or the corporation. Then the ability to protect yourselves from loss of data, theft, IP and certainly customer data which is important to a lot of organisations that are governed by compliance.

The rapid adoption of Enterprise Mobility has caused some real challenges for the security industry hasn’t it?

I think it the security organisations around the world are probably screaming no it is not an after though but the employees and the board members are saying yes I want my ipad, I want to be able to use this Smartphone etcso for the security industry certainly within the organisations are playing catch up to try and figure out how they can best protect their corporate environment but that is ultimately the name of the game when it comes to security when you are talking about business as a whole it is a complete risk management environment.  I have to have the best for my business and make the maximum efficiency and effectiveness and I have to match that against the risk associated with doing it. The most secure environments are the ones where you are not allowed to do anything but obviously if you can’t do anything you would not be in business very long. That is the whole crux of the problem for security mangers around the world today it is trying to balance the requirements if the business which smart phones, tablets ipads are an absolute requirement and they are only going to get more and more. You only have to look at the Intel report that came out showing the massive decline in PC sales and an organisation that size and the big increase of sales of tablets and most people today are not going out and buying a big old chunky laptop let alone a box that sits under their desk at home they can get everything they need by using ipads and tablets and smart phones.

Office environments are not straightforward are they in terms of platforms and just like ourselves here at ITProPortal many offices have bother Mac and Windows systems running and you have managed to design a system that encrypts across these different platforms and languages haven’t you?

We work on the Linux, Linux Mac on the patch management side of life so we give our customers the ability to patch across platforms and also what we have released through 7.3 is the ability to decrypt on a Mac from an encrypted device that has been corporately encrypted on your machine at work that may be a Windows device so  have got read write decrypt on a Mac using our inbuilt what we call S Valbro which is an inbuilt encrypted capability in the device itself so we have added that because you are absolutely right as we don’t just want to decrypt the USB onto a Windows and I want to go home and I have got a Mac book at home and I want to work on my work when I am at home so I want to decrypt it and then encrypt it back on a stick  when I get back to work.

Alan looking into the future and the developing patterns of threats, what do you see as the security issues that will be concerning us in the next couple of years?

I think it is more of the same right now I see in the terms of the nature of attacks that we have to defend ourselves from external and let us not forget the internal as well engineering issues as well. I think organisations really have to get more proactive about how they manage their environments from a people process and technology point of view. It is going to be more of the same and it is going to be a continuous battle and the goal posts will continue to move and so if we look at the way we are trying to defend ourselves in a reactive way we will never get ahead of the game. For me certainly the mobility side will certainly increase so we will have to manage people’s capabilities from a mobility point of view, but we need to be putting ourselves in a trust mechanism rather than a threat mechanism because if we just try and guess what the nex6t threat is going to be by the time we have guessed what it is it is already executed. For me it is about making sure we understand what the risk is to our businesses and we put ourselves at a point of educating our people in terms of how they should behave when accessing the internet or using corporate defined machines as well as their own and making sure that we have got technology that can support those policies.  I think from an external hacking perspective, they will continue to utilise technologies that work until organisations get a better handle on protecting themselves from those techniques and then we will start to see some changes in the way those techniques are used.  Right now a lot of the techniques are still working as they were working 2 or 3 years ago.

Here to discuss this is Guy Lidbetter, CTO of Atos Global Managed Services.

For related articles and podcasts visit http://www.itproportal.com

Firstly Guy, give us an outline of how this study came about?

With Ascent to Journey 2016, we looked at and identified 4 global trends that we believe will have an impact on society. Also we looked at trends within the way IT is delivered and consumed by enterprises and by consumers alike. We addressed four trends around business and technical challenges.

There were demographics around the shift in which people are interacting with each other and the influence they are having on a much wider basis than ever before. This is through the connectivity of social networking etc.

Closely aligned to that is trust, because the more people are engaging and the more activity that is going on in a digitally connected world then the greater the amount of thought needs to be given to trust and the associated topics of privacy and security.

We have looked at economic sustainability, which really brings sustainability into the commercial area in saying that sustainability in itself is important but we believe that it has to be viable.

Finally if you bundle all those together we see a growing influence of what we call globalisation, so all this stuff is happening now on a macro level rather than maybe the local level that it started at. So, if you take the 4 drivers, demographic, trust, sustainability and globalisation within that one of our topics of research (and we have 13 different tracks that address different elements of that model) was cashless society.  

In particular cashless society that is driven by mobile payments and the emergence we believe, in different markets of different demographics of people that we believe will feel far more natural in utilising the technology to do things that have historically been based on more traditional methods of payment like cash, cheque and credit card etc.

Also what we will see in an emerging economy where there is maybe less of a cultural adherence to a particular payment method. I believe, and I count myself in this, that we quite like having the pound and we still quite like having the use of cash and the adoption of mobile payments and NFC near field type payments has not been as fast as it might be. We believe the adoption will be faster in emerging economies where they don’t have those cultural barriers.

What are the main areas of technology that will be driving this move to a cashless society, you mentioned NFC payments which most of us are familiar with now but what else might push the change?

NFC near field communications, where you can just brush your card against a payment machine for a micro payment of perhaps £10 or less is one area because what you are doing obviously is improving the speed of the transaction. We have moved to chip and pin, which is quicker than signature, but you still need to do the pin. Whereas if you can get it to more of a swipe and go type behaviour then you are creating the user experience that can or might encourage adoption.

My observation is that I have seen terminals in shops and I have even tried to use them and it still doesn’t come naturally both to the people to pay using that method and to the people in the shops that are actually offering that payment, you know  “Oh well it doesn’t work I don’t know why that is, just use your card in the normal way.”

We saw those sorts of solutions come in a number of years ago so it shows that it can take a slow burn time before it becomes acceptable and natural as a standard way of payment.

The other one is really around mobile. Mobile can mean a mobile phone but an example I use here is almost like mobile payments by stealth. I don’t say that in a nasty way to pull the wool over people’s eyes, but it is because people are using mobile in a natural way to acquire a service.

An example we use is the Kindle, where people have associated their payment details to their accounts and quite naturally download books it pay for them by hitting the button, go, done. That has created a much more fluid means by which that payment can take place when you compare it with maybe 20 years ago, go to book shop, buy book, write cheque etc etc.

How about the importance of the emerging Asian markets, how is the growth in these areas affecting this argument?

We observed that you will have less ties to traditional payment methods and also Asia is known to be a very early adopter of new technology. Put those together and we see that the use of mobile and cashless are being easier to deploy into those markets. You also have emerging economy’s which traditionally have not had heavy infrastructure already deployed and in place. If cashless becomes the only method of payment that they have then obviously they are going to use it more naturally.

There is an element here of human nature at play surely. We do like to have something tangible, in our hand to exchange for something else don’t we?

I think in terms of the way that we have presented it we have shown the demographic trends between a more reticent western culture and those digital natives coming through and adopting the cashless sort of payment method more naturally. These digital natives, once called the Generation Y are becoming the new generation of the workforce in companies that we all work with. They are far more in tune to social networking, to the ways in which they interact, they are less interested in email and more interested in social interaction with each other on the web etc. We feel this generation will be far more in tune to making these sorts of payments in the future.

What are the benefits to the economy of a cashless society? For example, I’m thinking about the situation we have had this year in Cyprus and earlier Greece. Both of those are very cash driven societies – could a cashless society have eased these situations?

Thinking about the Cyprus situation, which is obviously a terrible situation for people to be in if you put your money in what is supposedly a safe place you end up in various discussions. I think these are not new discussions they have gone round many times, cash under the bed is worth more value to you than putting it in the bank.  I can’t speak directly as being an expert on the particular specifics of the Cyprus situation but obviously we read the papers and look at the news.  Benefits I believe are that it just makes the whole economic process simpler and easier and it should be possible to keep more on top of what you are spending, where you are spending, how you are spending. There are benefits to governments in terms of may be taxation and there must be a basic cost of maintaining a cash based infrastructure.  The whole infrastructure of printing, distributing, collecting and destroying money represents a material cost. Also, consider the fraud and thefts that can take place with physical money.

Looking at that situation from a consumers point of view, if you have a situation like we had in Cyprus and you’re living in a cashless society – you can’t very well run down the cashpoint and pull out all of your money to save yourself can you?

You can’t but I think you make the point that even though we are cash based society I don’t think many of us walk around with more than a fraction of that cash actually in our pocket and it is still electronically held in the bank until we release it. So I don’t see how that changes. In the cashless Cyprus situation instead of not being able to go to the cash machine they just wouldn’t be able to make any on-line payments but what is really different is that the bank still will not let it go for whatever reason.

Well it’s a fascinating subject and it is interesting to imagine a culture using money through technology in different ways. What sort of timescales is your report putting on the cashless society?

I think in terms of us talking in the emerging economies I can foresee that happening in a generation window. Are you going to come back to me in 2060 and check whether I was right, I guess not probably but I can see it happening and may be even quicker, you know sometimes these things can just take off and we have seen that in various quote on quote on technology based revolutions n the last 20 years.  Twenty years ago there was not internet, no email, no social networking, look where we are today. Things can move very quickly when you get a momentum behind them.

For related articles and podcasts visit http://www.itproportal.com

Firstly Anthony set the scene for us with some background on Testplant?

We started off 4 years ago looking at test automation. The objectives that we have had on test automation over the last 10 to 15 years include the idea of repeatable tests with low incremental effort each time. Better quality and getting products out faster. That was a great goal but we didn’t see a lot of people achieving that goal really well. We had people frustrated with the existing set of tools which were largely object code based tools and we decided that there was a space there for innovation in a new approach on testing, and we came up with Eggplant.

Eggplant is a test automation tool that is based on image search and image capture. Whereas traditional tests would go in on the code framework level where they interpret the code and they look for buttons or test fields at the dot net or the piper level.

Eggplant interacts with the system exactly how the user will, it looks at the screen and it identifies objects through recognition and search techniques. So to clarify it is not a coordinate tool, it doesn’t go through a pre-determined coordinate to look for your okay button, what it will do is it knows what a button looks like on your screen and it will search for a button that looks like the okay button and then it will interact with that so this approach has a lot of benefits.

Firstly it is a much more intuitive way for testing rather than have a test case that describes the user story and then having to translate that into object properties. Testplant allows you to execute a test case to fit exactly as the user story would.  It is also independent of the technology underlined so one of the questions we always get when we first start talking to people is they ask us questions like, does it work with dot net? Does it work with flash? Does it work with objective C? And our answer is always yes as long as it is rendering to the screen, as long as it has got some sort of user credentials to act with then we can test it. We came up with this approach about 4 years ago and we have had a lot of success.

Let’s set the scene for this then, what is the size of the market we are talking about here currently and where has the growth in mobile apps come from?

I think that this is a really interesting time in terms of apps because we are in almost a second wave of app development and I think about 4 or 5 years ago when the iPhone 1 really hit the streets then came the big surge of interest. Most of that interest came on the wave of advertising, media apps and a lot of apps that were really just about giving people phone access to existing websites also novelty apps and games. I think this was the first wave.  I think we saw a decrease in that about a year and a half ago.  I think that initial wave started to decrease especially on the media and on the advertising side of things; games and some of the novelty applications kept going. 

The really interesting thing over the last 12 months is that enterprises have really started going into more the implementation phase with their apps.  I think about 3 years ago enterprise software companies got a bit of a wakeup call when everyone had to have a mobile strategy, they had been thinking about that and they had come up with their plans and they have now hired their teams and they are really getting going.

So a lot of the people we are talking to are enterprise software companies or traditional software companies who are now building their mobile applications and their mobile client rather than pure mobile app development shops. I think this is really interesting because we have got a lot of new companies coming in which is leading to a big surge in the number of mobile apps.

It is leading to much more complicated mobile apps, these are not just loading an HTML page and then really letting the browser framework to do all the work, they are actually real applications and they have got business logic in there. They have sometimes got more sophisticated UI techniques in there.  It also means that they are not entirely applications in their own right so to test the mobile application you are not just testing the mobile application you have maybe got to interact with a backend and may be you have got to interact with a desktop as well. This is particularly relevant to the test industry because for the last few years I think tests for mobile apps have evolved separately to traditional testers on the desktop. This means that a lot of teams have their mobile testing app and their desktop testing app. This of course creates problems if you are trying to test one application which has a mobile part, a server part and a desktop part. These are a lot of the dynamics that are making testing mobile applications interesting and a challenge.

What are the types of testing that all apps must go through before going to market?

It is less about the skills required to test the mobile application I think it is more the mindset that strikes me as being really different because if I think about traditional enterprise desktop software then I am thinking about SAP, Oracle, ERP systems where the focus is very much on functional testing. It was all about: “I am inputting these values and I am pressing a button and that gets the database sorted correctly and then when I retrieve it to get the right information.”

As a result of the fact that the first wave of apps was about advertising and media and also because of what influence Apple have had. Mobile applications are more about user experience and a lot more about the interaction with the device than maybe performance and just usability. So when people come to test mobile applications there is of course the functional testing but there is a lot more performance testing. Most teams I know testing mobile applications have proper performance responsiveness criteria and that is not something I see on the desktop. There is also a lot more behaviour driven testing so testing from the users story and user experience rather than function points.

This is what Eggplant does quite cleverly isn’t it, mimicking human behaviour?

Exactly this is why we think we are seeing a lot of success in mobile because the fact that we are a visual tool and we are based on exactly replicating how the user works rather than looking at the code I think that is a very natural thing for us. It is also not just about encoding what a user would do, it now means you don’t have to be a developer to use Eggplant whereas to use  some of the traditional heavy weight tools you have really got to be quite a scripter and understand how UI frameworks work.

The way it uses image capture technology means that you no longer need any additional hardware anymore either?

Absolutely not we mostly run over Wi-Fi and some people run us over USB but that is all the equipment you need.  The other thing is we are really not invasive as in some of the testing solutions we have seen especially on mobile. Because of the signing restrictions they usually need you to compile something into your application or modify your application in some way or they need you to jailbreak the device and of course a lot of people are uncomfortable with that.  You really need to be testing in the environment the software is going to run in, so we spend a lot of effort trying to make sure that we have a solution that does not require you to modify your application in any way or jailbreak the device.

An obvious question then would be: why not get a bunch of people to sit around for a bit testing these apps manually on the devices that they are intended for?

There are 2 or 3 reasons for that and the main one is just time and effort.  I was talking to a company the other day doing mobile development and every time they make a release they like to test across at least 3 or 4 different iPhone variants and then 10 android variants.

What the development manager said to me was he has actually got to a point where he can’t really make changes to his applications so they get feedback and it would be one line code change for a developer but they are not doing it because it would be two weeks to test it with manual testing to get that release.

I think the original test automation was a more a progression test from release to release whereas in mobile testing and I guess with the more platforms we have it is not just from release to release but also across these different platforms and the test matrix is really expanding and if you are doing manual testing just your time for releases and getting the releases out regularly and rapidly is going to be incredibly difficult. Then there is the cost of course because that is relevant and having an army of people to test every android variant is just not practical. Then finally there is the reliability of the whole thing, there is certainly an argument that test automation is more reliable and is more thorough and more repeatable than human testing. Test scripts don’t miss things even the hundredth time they test. I think it is all about cost, time to market and quality.

App developers are quite rightly protective over privacy around their applications in the testing stage – how do you ensure this through Eggplant in comparison with some of the concerns over web based testing systems?

Eggplant is primarily a product rather than a service. We deliver Eggplant to you and you run that within your own environment, within your own firewall and you never send your applications to us. The more people we talk to not only do you have the concerns around the IP of the application itself but especially when you go into the finance industry, retail, Ecommerce, people have legal restrictions around sending that data to a third party from say sending their customer data for example to a third party for testing so we basically provide a product that runs inside the customers firewall and that seems to keep everyone happy.

You must have to keep a close eye on the mobile app market, what developments will we see across the market over the next few years do you think?

The current trend going on all around extending existing software and existing products onto the mobile I think that will continue, I think that integrating mobile devices , lifestyle apps are going to be the obvious next thing so the smart house is very much a topic coming up at the moment so the ability to integrate your phone with your television with your stereo and then with your fridge I guess it is the internet of things and I think the mobile phone is really at the centre of that as peoples primary computing device. I think it is all about mobile apps just becoming more integrated with the environment around them.

David Attard and Sergio Gallindo senior product managers at GFi Software are here to tell about some of the things organisations need to consider.

For related articles and podcasts visit http://www.itproportal.com

David, first of all we must say that the use of the Internet within legitimate breaks is a good thing isn’t it?

Yes definitely, people need to make sure that they get their daily dose of video and radio and watching viral videos and checking their emails. This is about making sure people are happy in the workplace. People need to get their daily dose for recreational purposes and just like a cigarette break or coffee break; you get your Internet leisure surfing breaks.

How big is the problem around recreational usage of company bandwidth then, what are organisations seeing as the impact of this traffic?

Having multiple streams coming into the network when people are surfing does have an impact on the business. For instance, using sales force, or when people might be on the phone with customers you will see the impact where phone calls will start to drop out and get jittery. We have actually seen that and what people don’t realise is that when added up, you start to push out what we call ‘good traffic’ where you are actually using the Internet for business.

Surely the obvious answer would be to restrict access to sites and content, but is there anything else, more diplomatic that companies could be doing?

Yes, there are. There is a tremendous amount of value on YouTube when you think about how people are using it for research for instance when they are taking a look at products. More often than not the video is a mechanism to learn about a product or learn how to do something or get a question answered. People really are starting to use that YouTube search engine to get information for their jobs, so blocking it is probably not a good approach. However, monitoring and management is an approach that works. Knowing who is using it is key. There is always the outlying case when one person has decided to stream a ton of videos or watch 2 or 3 videos at a time and we have had experiences where people didn’t realise what they were doing it. In some of the smaller offices that do have limited bandwidth, users often will stream high definition video from their home and say look at this and show their friends, what they don’t realise is that they are taking up all the bandwidth which is a limited resource for many of the small offices. That does impact on productivity so limiting YouTube or blocking YouTube is not the best approach I think management and monitoring is better.

Are there any security risks associated with this sort of traffic be used on the network?

It is a known fact that cyber criminals actually exploit trending topics and people’s natural instinct to actually follow stuff that is trending. Anything that is trending at the moment is bound to be used to lure people into visiting sites that contain malicious items, viruses and Trojans. Because people are naturally curious, they forget about the security risks that are associated with visiting somewhere that is unknown.

What advice would you give IT managers listening to this podcast to start addressing these issues?

You need to be sure that you have the correct tools to manage the problem by having solutions like batch management in place for instance. Another is to monitor to see where people are going and then have the right tools in place to automatically block items that are malicious. So you need to have antivirus engine and software that is basically making sure any places that are visited are safe and also places that are unsafe are actually blocked.  Mainly it is important to educate people; but education by itself is not enough. Worksites that are usually safe might get infected and start distributing viruses. One needs to make sure that they have the necessary tools such as filters and anti-virus management tools.

With high-speed Internet connections getting faster all the time, will this problem not just solve itself?

I think the problem is getting worse because of expectations. Peoples expectations for their home internet has gone from having a small amount of dial up to now having equivalent to what you have in your office and in many cases having better connectivity at your home than you do at the office. Office buildings have not quite kept up with the technology that is coming out in the homes. You will have an office building that may have a 10 megabit connection but when you get home you have a 30 megabit connection, or 50 megabit connection. You are watching these videos and you are streaming your Netflix and your expectation is that this is okay when I get to the office because it works at home. When in reality it is the reverse and there are many more people in the office that are using relatively limited bandwidth. So that is why speaking about the three things that we need to worry about, the monitoring, the management and having those policies in place and a bit of education goes a long way. Having people understand that yes, while it is good that you can go to YouTube and research things watching these videos the expectation does need to be managed a bit.

There are some significant costs attached to an issue like this aren’t there?

The business grade Internet cost is one of the largest costs a business can have. By definition that is their lifeline, whether it is cloud storage or using a sales force for their business processes on line or they have voice over IP for their telephones, the fact is they depend on that internet and they need to, and are, spending more to have that service. Where at home when you have ever been on the internet and it pauses for a little bit, or it goes out for 15 minutes or an hour or even a couple of hours it is not that much of an impact, you kind of shrug your shoulders and you move on to something else. For a business, the Internet is their lifeline. They are investing in it and they do need to protect it. Viral videos and the like, whilst creating a good time for people needs resources to monitor it, manage it and be sure that people are educated at what the usuage impacts are.

For related articles and podcasts visit http://www.itproportal.com

Give us a bit of background on what services Axway has been founded on?

Axway started in the business process integration space. We help companies address not really how to build applications but how to connect applications to their business partners and communities. Over the years we have grown by acquisitions, which gives us a very wide suite of products that enable these sorts of integration. In particular, we focus on governing the data flow that binds an organization to another organization, and that gives us a real focus on what it means to be at the edge of the enterprise and to help companies take ownership of that edge. Naturally there has been a lot of pressure as the technology landscape has evolved that has really made it an exciting time for us to look at new styles of integration and to do quite a few innovative things around redefining the edge of enterprise and adding security to it. In my own background I have been with the company for 17 years. I started with one of the companies that we acquired some years ago and my original background was as a developer and I have worked my way through product management.  I have always had a focus on security and I have worked on some of our PKI infrastructure products. So now as Chief Security Officer I look after the security aspects of our product suite, in particular the way they get deployed to our customers in a secure fashion, which is a bit different from a security officer within one of our customer companies who looks after customers internal aspect of the enterprise.

What are some of the main security threats or challenges that you have identified as needing particular focus amongst your clients?

When we talk of the edge of the enterprise I think what these trends are doing is redefining the edge or in some cases even erasing the edge. I think we have in some way had to stop thinking about the classical enterprise boundary model where there is an inside and an outside.  We have all these different approaches which have opened data flow channels into places where they didn’t exist before. So instead I think organisations need to focus on management domains or safe zone compliant areas where particular steps of policy apply, and then try to enforce some kind a filtering management visibility when they cross those administrative boundaries. A great example would be payment card industry security standard PCI. Any merchant that handles credit card transactions had to be compliant with the security practices related to the data around those payments, and they can be fairly strict and onerous but you wouldn’t want to necessarily make your entire infrastructure comply with those requirements.

What are the tools for dealing with these controls that you recommend at Axway?

I think two main areas go beyond traditional network control. The first is taking a deeper look at what identity means of course security cannot really be divorced from identity because the whole concept is “who” is doing what to “whom,” so we have to get a better grip on this “who”. There is no real push away from passwords to try to do more with maybe stronger potential technologies and so we have products that fit into that strong credentialing space, but also a lot more with identity brokerage and federation. I know personally I have hundreds and hundreds of passwords and it is very difficult to keep track of those and in an enterprise business contacts companies try to do more and more by leveraging their existing identity repository and they can make those practices around managing those repositories stronger if they can get more leveraging out of them.  There are some new technologies that are emerging and also driven by some of the open API mobile world that change the way we manage identity in applications where you remove the identity management from the application itself. I should point that the mobile world and also the cloud world is very heavily API driven.

Are businesses taking the sort of risks that you advise on seriously or have some been slower to adopt?

The way companies respond to security channels is based very much by their industry and some types of businesses are heavily regulated and strongly influenced by security position. You can think of financial institutions maybe are the leaders of that charge, there is also a curious inversion principle so what I have seen is that while financial institutions are very focused on security it makes them not fast movers in terms of adoption of new technology. We see more innovation and rapid adoption of the new stuff with some of the younger smaller companies may be in the retail or super space, maybe they have less regulated infrastructure so they feel that they can move more quickly but I also think that they don’t have the burden of such a large entrenched infrastructure and they are already are naturally hybrid or ‘cloudy’ in their approach and therefore that makes them to easier to wire into new technology. Whereas, if you have a large existing infrastructure you have to proceed a bit more carefully. Basically I think the awareness is there.  Discussions around security are in the papers, in the news, in our face every day with the militarization of cyber warfare and attacks on corporates around the globe. Security really is part of everyday discussion.

What message or words of advice would you offer to businesses that may feel that they have security issues still to tackle?

I think the main message in security is of course is that you are never finished, it is a topless mountain that you keep climbing so you should never feel complacent which is what makes you vulnerable. I think that specific trends to focus on today, I would look at two things, one is to focus on the data, try to understand where the data is moving and where and how. Don’t focus on the components of the infrastructure, the firewall, the network interfaces but if we can understand where the data comes from, why it is there, where it is going, how long does it stay around, does it need to be archived does it need to be rejected. That is the kind of inventory focus that will help you make the appropriate investment decision during that data.  The second is to look at the evolution of technologies in the API mobile cloud state.

How do you focus on keeping security measures cost and resource efficient?

One of the tools for having a cost efficient approach to security is to really focus on your data because not all data needs to be secured and treated the same. So if we can begin to apply appropriate security measures to where they are needed then I think that allows a lot more cost efficiency. Security is almost always a trade off and there is a balance between usability and access which may be part of driving your business forward and the level of security and control that you have over that information and so the real coast may not be the cost of acquiring security software, security devices or even the ongoing labour cost of maintaining and operating that investment. The business opportunity cost if you close down a channel that is really meant to be open. It is absolutely not a one size fits all technology.

For related articles and podcasts visit http://www.itproportal.com

So firstly Lawrence explain the challenges that Revlon were facing with their IT Infrastructure prior to NetApp coming on board?

One of the biggest challenges they have coming from a business perspective is the visibility of the business across multiple geographies. They have got a massive business and a huge number of product lines into the hundreds and millions in terms of the products they have to follow and be able to measure in each of these geographies. The challenge for them was getting an insight of the business from the point of view of knowing where to invest and where not to invest, insight into the product line and insight on the components that make up their products as well. So in a way what we are looking at here is a big data story and what we were aiming at was the analytics engines that they need to put in place to actually improve their view of their business worldwide so it was quite a challenge for them.

And cost reduction must have been a key driver for change here as well?

Yes, significantly, they were aiming at getting costs reduced; just take the energy costs for instance.  The energy costs were reduced by over 70%.

 What were some of the solutions you provided them with to achieve these savings then?

NetApp is a storage company and our prime focus is in making storage efficient for our customers. This is often a big challenge for lots of organisations and you can imagine that for many customers when you are developing new products to market and developing new business elements you create lots of duplication and the infrastructure is not used as efficiently as it might be.  Just take for example what we do in our everyday lives; We create lots of copies of say production databases and on our laptops we create lots of copies and duplicates of files so just doing simple things like de-duplicating data and compressing data reduces the actual physical space the data takes up. So those are some of the key things we focus on but also automatic things such as applications in virtual hosting environments. Analytics of the business is absolutely key to Revlon given the size of market they must monitor. Things like uptime and availability are very important. They were looking for something near to six nines of uptime and I did actually sit down and work it out that it means achieving less than 13 seconds of outage a year, so quite extreme in application uptime. From NetApps point of view one of our key things is to ensure through things like clustering that a customer such as Revlon can achieve such levels of availability as this. 

IT as we all know breaks, you know you will get elements that fail especially on the mechanical side where you have got mechanical disc storage. But, these days it is perfectly possible as it is in a compute layer with virtualization and VMware to maintain a connection from the application to its data and get through those failures without stopping the application and certainly that is one of our big focuses.

 What has been the impact on their business from these changes?

In large organisations when you have to develop a new business product, bring that to market and increase velocity of that application, the development cycle is key. They have seen an increased projects throughput of something like 425% and that has enabled them to deliver products ahead of time and get ahead of the market and get ahead of their competition, which is often key for a lot of us these days. Decreased time to market means the majority of their projects are now seeing well over 99% improvement of product projects hitting their budgets and being delivered either ahead of time or on time.

Well one of the statistics that caught my eye from this is that you managed to reduce energy costs in the data centres by 72%. That is big money for a company on the scale of Revlon isn’t it?

It is! You can imagine that one the biggest costs within the data centre is from what sucks the energy out of the wall sockets through spinning all these mechanical discs. They are energy hungry and they product a lot of heat so you have to cool them as well and often to get performance and efficiencies with other infrastructures, we don’t use them particularly efficiently. So our goal is to enable customers such as Revlon up to 50% physical capacity on their machine rooms and data centre floors and that is achievable by improving the utilization of the storage they have got just by intelligently what I would describe as high function data management features such as de-duplications, compression and thin provisioning. All of these things combined together can significantly reduce the amount of investment needed and the amount of capacity you put on the floor. Also changing that dynamic are things like flash technologies as well.  It is just ramping hugely now. Flash has kind of come of age if you like. When you combine it with traditional mechanical hard disc technology you can use it in different ways it is very powerful. For instance, you can use it for caching, so you cache heavily in the red blocks in the flash layer and you can get some extreme performance out of it. This reduces the requirement for having to put such a physical hard disc on the floor for a lot of our customers. You can reduce the spindle count, the number of hard drives you have to put in the system to achieve a given level of performance, so I see that as a game changer within the industry.

Has the power of these benefits come from combining flash and cloud together?

As the adoption of flash becomes greater it will polarize the storage market. The price of Flash Technologies continues to drop. I had a look at some of the stats around it the other day and in 2008 you were paying something like 65 dollars per flash gigabyte. Today I did a quick search around for an enterprise type of Flash and last week you would be paying something like 8 dollars per gigabyte, so the price reduction in Flash has just been phenomenal over the last 4 years. That is really set to continue and what that will do is eventually polarize the market and more and more workloads will come onto the flash tier as that price drops.

Do you think the days of physical storage are on their way out with these developments?

Not yet I don’t think, I think that there are absolute valid reasons why I would want to keep my “crown jewels.” By that I mean the data and the assets that describe my business. I may or may not want to release those depending on regulation or compliance issues. If these were bound in to a service level agreement with assurances that the company that is going to provide those services that would be fine, but I don’t think we are there yet. 

However, I think there are elements of the business that are development elements, you see developers increasingly going to the cloud because they can spin up, spin down, spin up very quickly different development type of environments. That is about time to market but for the production and customer facing environments I think there is still a lot of scrutiny of whether we can do that today.

What do you think are the main barriers that prevent some organisations taking the plunge and res-structuring their IT systems?

One big thing that affects a lot of the customers I deal with is transition. How to manage the lifecycle of an infrastructure, retire old infrastructure and bring in new infrastructure. That entire process is a challenge when cloud down time is a rare commodity. In other words, you go to the business and say I need to take the system out of production for 2 hours on a Sunday night; you cannot even do that anymore.  I have heard of organizations that have kits sitting in their warehouses unable to bring it into production because they can’t get the planned maintenance windows to do that and when they do get them they have to meticulously plan the time. But, with our solution that is possible today however and that is what the likes of Revlon are looking for in that 6 to 9 of uptime figure. So, times have changed over the last 30 years and I think that is only going to increase to the point where downtime is just not acceptable at all.

What can organisations learn from the approach you have taken with Revlon here?

I suppose the key message for me and the one thing I have learnt over my many years in this business is that actually storage, when you begin to look at it is pretty much foundational. It does represent the foundations on which you build your business on and if today you have a very siloed infrastructure for your storage and actually your compute and your networking as well then you do need to consider how you can unify that and how you can share it. If you are designing “green field” from the ground up then it is easy to take that approach going forward. But, if you are sitting in a very siloed infrastructure then it is a lot more difficult. However, you can make small steps to actually get towards a shared unified infrastructure and start to introduce clustering but, absolutely you should just take on board that the storage is pretty much foundational and you can drive huge efficiencies if you get that layer correct.

What are the technologies we need to be watching for in the future – how do you see things progressing for big scale business infrastructure?

Flash changes everything for me. It will change the whole dynamic within the storage industry so I would absolutely advise everyone listening to this to keep your eyes on that developing market. It is quite confused and quite exciting at the moment and there is a whole bunch of new technologies that are following hard on the heels of flash so if I was going to say one thing I would say that semi-conductor based storage technologies are the future and that is going to be the one to watch. From the cloud side of things the future lies in how cloud enables the business and it brings IT back into the fold of being an enabler for the business if that makes sense.  I think we have gone through this curve where the IT function within the organization has been very much a cost centre. But, IT can absolutely be the enabler for the business and cloud is probably the vehicle for that. The way that I see that happening is with things like self-service, automation of provisioning and service catalogues. Also the measurement and reporting and show back, charge back elements are going to be key in the cloud. Storage plays a huge role in that, how can you provision, how can you automate provisioning, how can you do that against a service catalogue of specific levels of service. Then how can you measure and report on all of that. It is absolutely foundational for cloud once more.

For related articles and podcasts visit http://www.itproportal.com

What brought about this study initially?

Ed Airey

We are very excited about this research, it is part of a conversation we have had for quite some time with our customers who continue to search for talent for critical business applications that were written using the Cobol language. It’s a challenge that we are seeing more and more as the skill set within organisations are retiring and moving on.

Michael tells us about your work at Limerick University?

Michael Coughlan

I have been a lecturer at the university since the 1980s and have been teaching COBOL since then. I have a popular website of COBOL tutorials and instructions.

Explain then how COBOL has a relevance compared to other languages? What is it used for? It has been around a long time hasn’t it?

Michael Coughlan

Yes it has been around a long long time and people keep predicting its demise but it has managed to soldier on. Probably the reason is that it is very good fit for the business domain for information systems, posting of files and that kind of thing. Other languages for example if you were to take Java for instance, they don’t have the built in native types that COBOL has for dealing with currencies.  They have to import them as classes so in a Java programme for example you might have a mixture of operations for multiplying and dividing integers and then to multiply and divide currency and you would have to have a completely different set of operations. In Cobol that is all one thing because in Cobol the facility is present to allow you to do multiplication on decimal data as a native data type to the language. That is what makes it so fit for operations and for business in general. There is a huge inventory, approximately 89% according to Gartner of all the programmes in the world are written in COBOL If you go to the ATM it is probably COBOL behind that. If you get your payroll slip it probably has COBOL behind it too. It is incredibly important for all the mission critical operations that we do in the world and our current problem at the moment is that we have all this code out there but the pool of COBOL programmers is shrinking and we are not replacing them.

MicroFocus has recognised this problem and launched the research that we are talking about today so talk us through how the data was collected. How many universities were involved?

Ed Airey

The research that we conducted was across about 120 universities and I think what was very interesting to us was through the poling we saw some very common trends. Much of what we believed to be true was actually true in that there was an inability to meet the demand that businesses have in terms of being able to find the COBOL talent in the industry. There were just not enough students coming out of university with that skill set and organisations were faced with either internship programmes or perhaps moving to a different technology. Of the universities and academic leaders that we polled, only 1 in 4 today are teaching COBOL so certainly there is some work to do there. In that same data sample over 70% of those people stated that they still believed the COBOL language will persevere and will continue for at least the next ten years and perhaps longer. That leads us to believe that obviously the language is not going anywhere and we are still somewhat dependent upon that technology but there is a question of how we are going to support it moving forward. Very few students were graduating with a skill set in COBOL and I think in total it was about 5% overall of the data sample.

Michael from your point of view working with students on a daily basis what’s the attitude of students towards COBOL languages and could part of the problem be linked to the way that in the world of technology we are always looking towards the next big thing?

Michael Coughlan

Unfortunately you are right there is the attitude that students are attracted to the new and the shiny and even now if you go onto the internet and you do a search on Java you will see lots of material there talking about Java as the new COBOL. In other words students are now being attracted to the much newer languages like Python and Ruby. Students are attracted to the new and the shiny so it is difficult to get them to engage and to realise the importance of the language and I mean it also does much more mundane stuff, you are not writing, you are not operating systems and you are not writing system programmes you are writing business programmes and they tend to be (from the students perception) seen as being a bit stodgy.

Does the answer to promoting and inspiring students to take up the COBOL language lie with academic institutions, the industry or governments? Who needs to be working on changing the perceptions here?

Michael Coughlan

I think it is combination of all those exactly as you have suggested there. MicroFocus for example and the other COBOL vendors are doing some good work in that regard because it used to be very difficult for students to gain entry into COBOL because of the expense of the compiler. Now though, MicroFocus are making that compiler free and Fujitsu have a similar sort of arrangement so at least you can download one and try it out before you buy it. Those sorts of things are allowing students to actually try out the language and reduce the cost of learning the language. That is a tremendous improvement and that movement has happened very recently. So that is one way of doing it, the other way of doing it is for the companies to start advertising for entry level COBOL programmers because there is a definite perception among the students that there are no jobs in COBOL and if they do a search for jobs in COBOL what they find is that the only jobs are for people who have 10 or 15 years experience. Obviously they are not going to go for those jobs and they see them as being not available to them. Companies need to make it clear that they need those people and need to start advertising for entry level programmers if they want to replace their ever shrinking pool of programmers.

So are MicroFocus now looking to promote this language to students? How are you going to achieve that?

Ed Airey

Absolutely. That is a part of what we hope to do within our academic programme here at MicroFocus not only through being able to provide access to software as discussed earlier, but also by connecting them with the market and the opportunity. That goes both ways it is also for the business organisations to help them by promoting the jobs that they have whether they be entry, end or senior positions. So, that is what we are looking at here as part of a talent hub initiative at MicroFocus for people to connect those two together so they can share in the joint opportunity.

There was a recent campaign by code.org with a viral video campaign that we have covered here on ITProPortal recently promoting programming generally as a skill to young people. Is this do you think indicative of a skill shortage in programming generally not just within the COBOL language?

Ed Airey

I would say it does span across generally and applies not just to the COBOL language. You see it within other languages as well but I think it is probably more pronounced in COBOL than in any other language for the reasons that we have discussed. COBOL is found within so many businesses that if they stopped working the situation would become very very critical. So, I think it is more pronounced within the COBOL language but you also see it within many older languages as well.

Well as a result of the MicroFocus study what would you like to see happen now to bridge the skills gap and inspire students to take up this programming language?

Michael Coughlan

I think I would definitely like to focus on persuading other COBOL vendors to address the situation and to encourage people to become COBOL programmers. I would also like to see industry advertising to raise the profile of COBOL in general.  That is what needs to be done but there is still going to be the perception that other languages are more modern and to an extent what else can you expect COBOL has its origins in the 60s. New languages are going to come along and people are going to expect that they more modern, more advanced and more interesting and are going to be drawn to them because of those things.

Should governments be getting involved here? What could they be doing?

Michael Coughlan

Governments can get involved and in fact I came into computing (as my original degree was in history) because of a government initiative in the 1970s when there was a shortfall in programmers. The government then actually paid us to take conversion courses to convert ourselves into programmers and academics of one sort or another. We are seeing a similar sort of thing in Ireland now where fees are being waived for some of the courses in the higher diploma and the one-year conversion type courses. These things come and go in waves, in the year 2000 our numbers on the course were very large and we were having difficulty coping with the numbers of students that we were getting in and then the Y2K problem happened and the departments spent all their budgets. As a result, employment fell off quite dramatically and that information percolated through the schools and people stopped applying for the courses leading to the current shortfall now. Computer science departments all over the world were not turning out programmers or computer scientists and that is what has led to the current crisis. Once that is addressed we will probably have a glut again and then a shortfall and so on.

Well a final thought from you both, what was the most surprising thing about the findings from the MicroFocus study?

Ed Airey

I think what surprised me the most about this study is that we still have more work and more roads ahead of us in making an impact. I think that in many ways we are still falling behind in addressing this challenge. I think time to a degree, is running out and I think if we don’t have a positive change in skills development then I think what will inevitably happen is that we will be forced to take a drastic decision about the technology. Sometimes, drastic decisions don’t typically end well if they are made in haste and made under that type of pressure. I think that there is certainly urgency upon us to make sure that we do what we can to try to and change the trajectory of where this research leads us to believe we are headed.

Michael Coughlan

To be honest I was surprised that there was a many academics as there were who were expressing the need for COBOL because traditionally people have been a bit COBOL resistant one way or another so I was quite gratified that there were that many people who were aware of the need for COBOL.

For related articles and podcasts visit http://www.itproportal.com

Tell us more about the Symkloud platform, how have you designed it to support these needs?

The trend in the market is that a lot of the applications are moving away from the handset and finding their place in the core network infrastructure. So the challenge to launch new mobile devices is primarily battery life and also processing capability on the handset itself. A lot of the applications are moving towards a cloud infrastructure where they are managing computer resources in the back end of the network. So that could be mobile gaming or it could be streaming video applications and transcoding to offload to the mobile device. That mobile device could be pretty much anything from a tablet to an iPhone you name it. There are other mobile devices connected to the network now and one direction where we utilize the mobile device is from machine to machine interaction towards a cloud infrastructure. The difference between the tablet and the Smartphone is that with a tablet transmitting machine to machine data is really is transmitting only data, or in some cases streaming video. With smartphones that includes the location or GPS information and lots of other information as well. So, the end-to-end device is just a gateway to transmit data towards the cloud. The processing takes place in the cloud itself.

What we realized is that in the current environment using standard hardware, for example into Intel CPU processors is if you have a massive CPU as the computer engine in the infrastructure the scalability and the cost are very challenging to accomplish new deployments. In other words if I have multicore platforms the only way I can actually separate multiple tenants in the mobile cloud because we could use the term “multi-tenant environment” is by adding a software layer on the platform itself and do virtualization. When additional software is added that typically brings the challenge of maintaining the software revisions in order for it to be a secure virtual core. The other challenge is the cost of course. We need to add on top an extra burden and it is not easy to manage so the cost is pretty high on average and in manageability and flexibility it is really limited.

So we approached it by coming up with a platform approach where we have more scalability by separating multiple smaller CPUs with dedicated memory and a dedicated hard drive and also a dedicated memory for transcoding and actually separating it into a 2u where we have up to 9cpus for web applications and up to 18 for transcoding applications. So they are more flexible and we can actually scale much better.  The other advantage for computing approach is by eliminating some of the power consumption and challenges. So, again coming back to the example of having a massive CPU multicore with visual layer, the web platform is usually sharing resources, memory and hard drive so this means I cannot just shut down if I underuse my CPU. The CPU still has to be fully active and I can actually optimize the load on the platform itself and in low peak times I can actually consolidate the workload into multiples of smaller CPUs. Even shut down an underutilized CPU so it is much more flexible and more scalable and it also helps on the capital operating expenses low.

With Web 3.0 and mobile cloud gathering attention in the market were there a list of challenges that you were trying to almost tick off while you were developing the SymKloud platform?

Yes we looked at the market conditions first. We have another product line, which is coming soon in the form of an end-to-end platform. If you look into the market demand for end-to-end productivity coming up, the traffic model within the network will have a different shape because we are using machine to machine interaction and the packet sizes are more numerous within interactions but in a smaller packet size so that makes it much more efficient to use smaller scale CPUs, but a lot of them.

The challenge with this model was that, more CPUs means you need to have a load balancer for functionality in the platform itself. This is in order to optimize the traffic load and the workload for each individual CPU. So we broke into the platform in order carry out check pointing to see what the utilization of each of the CPUs is in the platform and redistribute the traffic accordingly. The other advantage of balancing the functionality is that if you have say, streaming video for example you can actually do controlled balancing. This means that if you have an app for insertion you can actually have much more flexibility of including this into a platform by a dedicated note to the 2u platform for only managing the app insertion and have the streaming content on a different note.

So that is the advantage of having balancing and switching in a platform.  The other was when we talked to hosting service providers or customers we discovered that the upfront costs from the data centre in the traditional way is outrageous meaning we currently obscure what they are because the upfront costs for switching, cooling and rack space are the most critical ones. You can imagine if you have to invest in switching gear up front on the top of the rack, switching for let’s say 25,000 hours and you are not really utilizing other ports then you are going to increase costs pretty significantly. In our approach we have a better scheme by actually adding up multiple clusters without the need of a rack switch so again we are reducing costs and providing more scalability on that.

It is important to many businesses to streamline their services does this help them to achieve that in a new way do you think?

Correct, because if you go onto other cloud services or hosting services sites, the infrastructure costs have a fine margin. If I am selling services to end users the infrastructure costs are a big burden for me to actually generate revenue. So if I can eliminate some portion or minimize that, through reducing power consumption, costs for cooling the data centre, etc. then I am able to generate revenue much quicker.

Well the spec mentions the app ready modular system that you have built this around. Explain more about that?

The application already is a bit of a different approach. In the past we have been coming from the embedded computer technology space and we provide it in modules based on Intel and other processors and platforms but the key here is to bring cloud providers and other equipment providers to revenue quicker. So what we are providing is free integration of some of the platforms of the operating system with some manageability to our customers so they do not have to develop an interface to be actually able to use it and provide the cloud developer an interface to actually provision it. So these we call application ready because we have already the capability built in for provisioning of the cloud application development itself. It is basically the framework to get off the ground much quicker.

Looking at the industry as a whole are organizations really prepared for the changing needs that all businesses are going to face regarding data storage moving forward?

The challenges coming right now in the market really relate to the need to manage the modern technology acquisitions alongside the lack of increased profit margin. It is very competitive and our customers need to come up with a more innovative way of increasing the margin on an average revenue business portal. This issue has been out there for a while but it is moving quicker when you see the forecast from all the analysts in terms of the traffic demand for mobile devices on top of the machine-to-machine productivity to the cloud.

For related articles and podcasts visit http://www.itproportal.com

Let’s start with a bit of background on Canonical what are you best known for?

We are a limited distribution and the product we are best known for is Ubuntu it is one of basically three or four commercial operating links operated systems out there, many of which people will know such as Red Hat and SUSE. At Abunto what we have been doing over the last few years is particularly focusing on cloud computing and impacts that developers see there in the way that they develop and deploy applications out into their businesses. So that is what we have been focusing on and really trying to understand what is going to change now that we are deploying and developing applications in the cloud and what that means in terms of the sorts of things that Linux distribution needs to deliver for them.

Now if you look at the Canonical.com website you will see the phrase Hyperscale trend. Explain what we mean by that Steve?

I think you see two trends that setting the way that applications get developed these days. First of those is the rise of what I would call the web development stack so using JavaScript and using some of the dynamic languages python, ruby and web scale development and that is making its way both in terms of consumer applications but it is also making its way into business. All of the applications that are developed internally for enterprise are now developed on that type of development stack. So that is one thing that you see. The other thing you see is the impact of that capability and development in delivering very large applications at scale so if you look at Google one of the things they are doing there is fundamentally changing the way that applications are delivered and developed. So when we are talking about Hyperscale what we are thinking about is how can we help businesses take advantage of those new capabilities, and those new ways and developing and delivering applications so that they can get some of the advantages and efficiency in time to market that some of the famous examples in the Google and Facebook type areas take advantage of those efficiencies.

What have been the business needs that have pushed this forward then?

The main things I think have been that a lot of the developments around Hyperscale computing are really about the agility in development. A common phrase that you hear people talking about is the fault line between development and operations and reducing that fault line to develop a greater speed of time to market so rather than the traditional cycle in an enterprise of developing an application for 6 months or 9 months and then doing a deployment which would take 3 to 4 months we are trying to reduce that so that you can get those capabilities out to your business or out to your customers that much faster so can you do continuous deployment. So, it is really about enabling greater agility, greater speed and certainly there are lots of efficiencies that you can also get while you are doing that which will help on the cost saving side of that equation.

Well you are famous as you mentioned for Ubuntu and for those not familiar with this system give us a bit of background on that?

Ubuntu is a type of Linux distribution and we work on both clients’ laptops but also on servers. We have a very agile deployment method so we do two types of releases; every 6 months we release a new version of Ubuntu that has the latest features and the latest pieces of software in it. Then every 2 years we do a big release which is a long term support release and the real critical difference for businesses there is that it answers these dual problems that they have at a technology level around how they can get the latest and greatest features that they can develop their software on because that is what developers want to work on but then how can they also make sure they have a capable system internally which is stable, secure and maintained. This means that people running systems in production can have those systems stable and secure for a much longer period. Our maintenance period on LTS is 5 years for example so for those who are perhaps deploying a CRM system they would chose the LTS release, but those trying to do some fast development on a new feature or on a new capability they would chose our 6 month release. In general we have tended to be focused on fast technology, new technology so things like Hyperscale and big data instead of some of the slower moving aspects of the enterprises like Oracle database compatibility for example.

So from your core product in Ubuntu to this new relationship with HP tell us about how that relationship came about?

One of the things that we noticed from our customers and our users in particular as they start to use this more agile stair box capability is that one of the implications aside from the software level is what happens at hardware level. You now move to a system in the cloud or with these very agile deployments where what you want to be able to do is get the software out there and scale in a horizontal fashion so you want your application to run across multiple servers and then you need to add more scaling to the application rather than getting a larger server you want to just add more servers in. That is the way in which the architecture changes. But of course at a hardware level that has a lot of implications as well because what you are trying to do at hardware level is trying to be as efficient as possible and to use the smallest amount of energy that you can and the smallest amount of physical space that you can and so we have been thinking about Hyperscale for a while working on things like ARM chip so ARM CPUs which have traditionally used a lot less power than some of the X86 ones. So we started working with HP on the Moonshot project and what Moonshot is about is re-thinking how servers are designed, configured and deployed and to take advantage of these new software architectural capabilities.

When you were looking at the developments in your operating system and core products what were the gaps that you identified over the last 12 months in your offerings that you have had to respond to in order to move things forward?

I think the interesting gaps that we are trying to respond to right now is probably at two levels, one at the hardware level and the work that we have been doing with Moonshot specifically is about trying to get the most and highest level of density in servers.  To some degree this is an old problem because server manufacturers and people in Data centres have wanted to get as much density as they can out of servers for a long time but some of the new architectural capabilities there are available for instance with some of the things are around ARM and ARM CPUs mean that there is a sort of a new step down in terms of energy usage and a new level of density that we can manage. That does have implications for the operating system though because the operating system has to be hardware aware and it has to be able to boot this new hardware and bring this new hardware online whenever there is a temporary need. So, imagine an internal application, maybe it is a financial application and it runs once a month or runs at a steady state once a month and then suddenly has a big pile of work and it has to work out how to pay all of the employees. So what you want in those circumstances is a hardware level there so it can chug along on 15 servers and then when there is a sudden spike it should be able to double that amount of hardware that is being used. Of course at a hardware level what you want is the hardware not to be using electricity for 29 days of the month and then for 1 day in the month is to bring that hardware up and use the software and then go back to not using that hardware after that temporary work load spike has finished. There are implications around the software around that in being able to boot hardware, manage hardware and understand hardware’s capabilities and that is certainly something that we have been thinking a lot of with Moonshot.

Has cost saving for your clients been a key driver in the developments at Canonical? Big data has been traditionally very expensive to manage so how have you made it cost efficient for your customers?

I think that one of the things that is going on here is that, one of the challenges with big data in the past has been that at a hardware level and a software level it has been quite costly and complicated. At a software level really big data is starting to become much more ubiquitous and Ubuntu has a lot of big data capabilities. We are doing a lot of work on the software to make it really easy to deploy and manage big data capabilities. A lot of the capabilities around cloud computing help to put that management framework in place. So that has been getting easier but you still need a large number of systems that can process all of that big data. So when thinking about how you can really make it cost efficient for an enterprise to manage big data capabilities and how they can use the hardware as efficiently as possible, we talk about how we imagine that a customer’s internal servers are acting. Just like a public cloud. Rather than you just using the Amazon cloud, we take a customer’s internal servers and start treating those like a cloud. Right now we want to use all of our hardware for this big data job or a significant part of the hardware for this big data job and then we are going to use it for something else later. Thinking about that flexibility and that dynamism in the way that customers can use the hardware is a really big thing and ensuring that it is as cost efficient as possible.

Well we have seen a massive increase in the data that businesses are needing to handle but we have also seen this massive increase during a period where the markets have suffered from the global recession has this combination opened up opportunities for a company with cost saving solutions like yours do you think?

I think so, one of the things that was happening before this tough period was that people were very comfortable with the technology that they had and so as they added more data or more processing to their internal systems the balance of risk for them was that it was better to stay with some of the expensive proprietary systems because they understood those systems. Whereas now, both in terms of the rate of growth in big data requirements but also the fact that everyone’s budgets are under so much pressure that the balance of risk favours something with a step function better than what was available before. Open source and from my perspective particularly, Ubuntu allows us to deliver a much more efficient, capable and scalable systems to customers at a tenth of the price of they are paying for the proprietary systems. It does mean that there is new software for them to learn so there is a cost of change but they get a much better function and capabilities at the other end of it. That has had a big impact and I think people have become just more aware of the richness of the solutions that are out there as the big data issues have become more common. That is helping organisations to experiment with some of the open source offerings out there.

If you could pick out the most important benefit to organisations that Ubuntu and Moonshot offer what would they be?

I think that for organisations that are looking for a greater degree of agility in the sort of application development and deployment methods that they are looking for and they really are in a situation where they want to make those great cost savings and efficiency that you can get from a specialised hardware then Moonshot and Ubuntu is a great solution.

Your predictions for the Hyperscale trend over the next few years, where are we going next?

I think I am looking forward to seeing Hyperscale coming much more broadly into the market and some of the capabilities about management and deployment of software becoming much more mainstream because they are applicable and there are lessons that people have learnt in Hyperscale space that will be coming into the main market over the next year or so.

For related articles and podcasts visit http://www.itproportal.com

Hyperedge Architecture to enable agile, application-centric campus networks for the mobilized workforce. it’s quite a mouthful so Marcus, tells us all about it!

Let me try and simplify because it is quite a big sentence to describe what is actually a simple view. What we are doing here is just listening to the customer base and listening to what clients need. Infrastructures, particularly network architectures have not really evolved in the last 10 – 15 years. They have got quicker and we have added more features but the way that we go about designing them was really designed for what we call the higher clients server architecture which we have all grown up with and most people with be familiar with. Back then, applications were on a local device, normally a PC and you had your main applications, replication and actual storage back on a server. This was usually somewhere in a server farm, a compute farm, or a computer room etc. Now two things have really changed, the first thing is that cloud technology is changing the way that we access our applications. Virtualisation of the applications is happening so you can no longer really point to a single server farm or single computer room to access your applications. At the same time, there has been an explosion in mobility and also the way that we access data. The architectures that exist are not really suitable for mobility so what we are seeing from the client is that they are reluctant to roll out new applications like video. Highly mobile forces with "bring your own device" have really been held back by the network architectures that people have. So Hyperedge has been designed to address that and allow organizations to run their applications to the ends that they wish to, without having to worry too much about the architecture that they have. In a way, this is the first step to another big topic which is software defined networking.

What is the importance to an organization of their getting their network architecture correct?

We need to remove some of the legacy barriers. People spent far too much money and time in our opinion worrying about their network architectures and those network architectures have a lot of legacy protocol. Let’s take one for example; Spanning Tree protocol, which was designed to stop blocks and loops in networks. What that really means is that you waste a number of ports and you have to think about the flow of traffic that you have. By removing that protocol need and the need to manage it, you can actually free up a number of ports and get more density which has a cost reduction straight away. This allows you to run out your applications without thinking about it. Another point is looking to be able to manage domains as a single logical architecture. That would be very handy because at the moment you have to look at managing switches individually so you have to have some very bright people in your organization to think about how to deploy applications. What we want to do now is to deploy applications very quickly and just know that we have a robust infrastructure that can look after them and adapt to what you are doing.

Is it the case the network architectures still lag behind the demands of the work place especially in terms of mobile working perhaps?

I have heard people say "I can do more with my iPad" and "I can do more at home with my corporate infrastructure" and that is the case for nearly every organization and that simply cannot go on. People are demanding that they have the same flexibility for applications in the workplace as they have at home. The reasons why most organizations lag on that are down to three aspects. The first is the cost of replacement of the network. The second is security, with people accessing information and the third one is the sheer complexity of allowing people to work on what we call an open ended architecture. The productivity gains however will outweigh those barriers and so forward thinking organizations are making their changes now. The other big thing is that within most architectures now, the last connectivity point is wireless. People generally do not actually wire their laptop, tablet or whatever they are using to access information the network. There is an access point which then goes back to the network and that has been a huge change to the way that networks are designed.

Obviously mobility has had an impact on security risks but what measures have you taken to ensure the safest possible network architecture?

Brocade itself is not a security organisation so we see ourselves fundamentally as a infrastructure organisation predominantly around the internet protocols and the fibre channel protocols. What we do is adapt to the open standards but with 8021X for authentication. We also partner with organisations such as McAfee, Symantec and Palo Alto with the next generation firewalls to secure these network access points.  We believe that security needs to be looked at as an appliance and not an infrastructure layer and therefore we don’t see ourselves entering that market but just want to work with the best of breed in that market.

There are open standards around the IEEE which allow people things such as authentication but security requirements are very personal to the organisation I mean clearly if you are financial institution or healthcare institution you have a very different security requirement than if you are a retail organisation so what we are seeing now is people being able to tier their security requirements and then buy appliances or effectively software which allows the security at the correct level. Security at hardware level is really overkill for a number of organisations. When we talk about the edge of the network its mainly an access control and appliance device so you can see why people like Palo Alto are really growing very quickly with their virtual approach to security as opposed to a physical approach to security.

What are the main points that distinguish your solutions from other service providers?

The differentiation in our approach is sometimes difficult to explain because it gets very technical very quickly. The network standard is open and therefore as you know any networking device connects to any others so really the innovation we try and bring can be described in three areas:

The first is simplification; allowing people to run applications that they cannot currently run and to simplify their management. A number of switches or single hardware devices can be compared and collected together to be managed by a single IP address. You can put in any policies that you wish to, maybe it’s a floor of a building, a whole building or a whole campus. You can apply the same policies as if it was one big single logical switch without having to make complete configuration changes. The cost savings on that are massive in terms of the time spent just keeping the lights on.

The second is with a Hyperstack and Hyperedge area. We actually now have an upgrade path which means you can now buy in at a very minimal cost with lower features and then bring more features together later by simply implementing a more intelligent switch in the stack. You do not have to replace every switch, you can in fact just bring in one intelligent switch and that populates those features down the line. So we are looking at future investment protection.

The third thing really, is making sure that we have a complete management system which allows people to manage all their flows, not only for those in the edge of the network but also in the core of the network, to have a single view of all of their traffic. This applies not only in the application world but clearly we are the market leader in the storage world as well so we have a single view of the three aspects above. They are the three cornerstones of the simplification and the benefits which we are trying to bring.

Do you keep a close eye on trends and patterns within the ways that businesses are working in order to design solutions for your customers?

We don’t declare quite how much money we spend on gathering that information here but I can assure you that it is in the tens of millions that is invested every year. I think the important thing is that you need to form your own opinions as a manufacturer. We take all the information we are seeing and take all the trends and then we form our own opinions for our five year roadmap. I think the one thing that everyone agrees on is that the explosion of mobility is huge. The mobile devices (whether you are a Samsung user, an Apple user or a Blackberry user) are getting smarter and their capacity to generate data is growing. There is no end in sight for that.

We were just about getting used to video to the desktop and now all of a sudden high definition video is being used and then we are looking at ultra high definition video within the next 2 -3 years. Customers often say that they don’t need that, but you can see how this could change your processes. For instance, ultra high definition video would allow a doctor to diagnose potential skin ailments over the phone. That changes everything, you don’t need to travel to see a specialist anymore.

What we are now also seeing, to coin the phrase, is the 'Internet of Things'.It is believed that by 2020 there will be over 30 billion devices connected to the internet. Over 200 billion devices with intermittent internet activity path. So those requirements are just continuing to explode along with the requirement for data storage. On both sides of our product lines we see the addressable market growing significantly and what clients are crying out for is complexity  removal.

I guess that means that you need to create a product that is flexible and scalable enough to constantly adapt to changes in demand and usage?

We do and it is a challenge because we are bound by the laws of physics and so it amazes me how our IT departments continue to come up with ways of actually bending those rules slightly and getting the most out of them. But, really we cannot move traffic any faster than a light beam or an electron can move down a wire or a fibre channel so we are really really pushing the boundaries of what can be done in a number of ways. As an organisation Brocade is number 1 in the research network so if you consider 'Internet 2' which is basically the new internet built by the research organisation in the US, that is actually based on our technology.

We are well known for stretching the capacity of what can be done in the networking point and now more and more getting that ethos into the end user community and into the enterprise community where we haven’t been seen as strongly over the last 5 or 6  years

For related articles and podcasts visit http://www.itproportal.com

Give us a bit of background and then your own journey to the position that you are in at Wipro now?

I have been a Wipro for 3 years now and I have been running Wipro Consulting in Europe and recently took over consulting globally. Prior to this I was with Capital Market a niche consulting firm in the financial services market and prior to that I was again with Wipro running financial services businesses in Europe.

Well most of the businesses we have been speaking to on this podcast are relatively new but Wipro as a group of companies at least has been around for a long time since 1945 hasn’t it?

That is correct that was when we started off. Thirty years on from that, we moved into the IT part of the business and as a result of IBM in India we found a gap in that market into which we stepped and ever since that we have been on a tremendous journey and today we are providing services globally in roughly about 54 countries worldwide.

Tell us a little bit more about the early days of the company what would Wipro have looked like if we were here talking about it in its first 20 or 30 years of its history?

Wipro has always been very innovative so when the opportunity to work with IBM during the 70s moved out of India due to issues in terms of nationalization and so on Wipro found an opportunity to service the local market in India and subsequently take its services to the global market.  So the approach really has not changed in terms of always being innovative and trying to find where the next set of technologies or trends emerging in the market is going to be. They are also a very passionate organization in relation to employees and structures so individuals who have joined us over the last 15 – 20 years continue to be with the organisation. We have also always been looking at the emerging technologies such as cloud with a raised mobility so; we have always kept at the leading edge to find solutions for our clients. If you go back through the decades you will find that Wipro was smaller and rapidly growing and we are now larger but still aiming to grow in the market.

Well you pride yourself in having members of the team that have many decades of experience has that been an advantage to you do you think?

There is a balance between holding the heritage and culture together whilst bringing in employees that offer new talents and skills. Having employees with 20 years plus of experience and then having no new employees would never be a healthy balance, but I think the balance that we have at Wipro is very useful for us to bring heritage together with fresh skills and capabilities. That is absolutely critical for our organisation.

What are the innovations that Wipro are most proud to be involved with currently?

We can break that down into 2 or 3 things.  Firstly innovation is really to win in the world of constraints. If you look at the world today, whether it is energy or talent capped most of these are getting constrained because of the availability in the market today. The way we want to work with our partners or our customers is to identify what changes are being enabled for the businesses driven by the innovation that is happening in technology. So for example, if you look at visualisation of technology with the scale of simplification with unit costs that are coming down, we are looking at how it can help to reduce IT costs to reduce risks to improve business insights.

If you look at technology today with cloud in collaboration, which actually allows enterprises to really globalize the asset that they have today, you do not need huge capital expenditure to buy platforms today when you can use cloud.

You can also look at innovation in terms of the way technology has been consumerised today. This is through the use of Smartphone’s at enterprise level on platforms such as Google. These are all actually coming in today and we are interested in how they actually benefit the business rather than just having it just in the IT department and not being able to utilize it.  So we look at innovation as an organization perspective from two angles. One is how do you optimize costs and secondly how do you grow your business using emerging technologies and what additional revenue channels can that add.

So as a global company how has the recent recession impacted both upon your business and that of your clients and how has that changed the innovations and the services that you have provided?

Organizations really started to entrench, go back into their shells and just look purely at cost. This is where we actually stepped back and came up with ideas on how you globalize your cost base, which is built up out of technology platforms. As this has moved forward over 2008 and 2009 and so on you can only do so much around cost optimisation. Next is how you actually start looking at what additional markets we can go to. In the Western hemisphere, Europe or America it faces challenges so we identify emerging markets such as Asia or China where the growth is still strong. This where ‘consumerisation’ comes in, i.e. how do you make your platform and your technology available through devices that the emerging technologies have moved one level ahead of and how can you make your revenue streams through different channels to make them available through those emerging technologies. So our whole innovation platform is driven towards the exit from the economic climate for client organisations.

To that end then do you think those challenges put forward by the global recession have actually helped to develop technology in that, technology has been developed to help cut costs? Is there a positive aspect here?

I think it is positive in the way that we use technology has changed. No longer would you want to spend hundreds of thousands and millions of pounds on platforms that you will need to secure and maintain on an ongoing basis. With the recession hitting organisations and the cost coming down they are starting to look at having centers where that can be forwarded to them so cloud for example has helped organizations reduce costs. Mobility has helped them to get cheaper channels to market if you will. So to a certain extent a lot of businesses have started looking at technology as a mechanism to help provide services. Organisations need to become more aware of what the business is doing; it is no longer an isolated department within a large organization like a call centre. What they need to be looking at is how the organisation can use them more effectively to regenerate revenue.  So I believe it has been a positive trend and when we come out of this we will be much stronger.

A new financial year is upon us now and looking forward to 2014 what are the key focuses for you moving forward?

With the recent announcement of Cyprus and the other challenges that Europe is having and also the market in North America’s difficulties I think our focus will continue to be building on helping our customers utilize technology better. Help businesses look for more revenue streams. Partner with our clients more in terms of getting them to understand how business can really benefit from technology plus at the same time bringing then innovative platforms like mobility cloud. The fundamental thing will be to partner with clients and effectively put ourselves in their shoes to think how they are looking at the world and what channels they have to develop to actually grow their business.

What do you see as the technology development that is going to have the biggest impact to business organisations and the way they work in say the next year or two?

I would say collaboration. I think that with the technology enabling you to now have collaborative development globally you do not need to have large technology centres. You can now collaborate with centres across the world to be able to bring your product to market. I think that will have a huge impact in the way organisations not on

For related articles and podcasts visit http://www.itproportal.com

First of all tell us more about yourself and give us a bit of background on Aruba Networks?

My responsibility with Aruba is that I am the Senior Director of Marketing for Europe, the Middle East and Africa based in Paris, France. Aruba has been in the market now for approximately 11 years and our focus as a company is to deliver end to end comprehensive solutions that allow enterprises and service providers to really deliver the holistic mobility experience so everything from the network piece to the security piece and then extending into what we are going to talk about today which is all about mobile applications and pulling them all together to allow our customers to have a comprehensive mobility platform.

Let’s start by defining what we mean by Enterprise Mobility?

It started very much in the vertical segment about 10-15 years ago where you had retailers and logistics companies needing to have extensions to hand held terminals that they were using for various business processes, think about bar code scanning as a great example. As the market progressed and we sold more and more laptops into the market they started to be received by the general worker who became more and more mobile the enterprise until today with the broad variety of tablets and smart phones. What we mean when we say mobility is everything from how that user connects to information and how they access information over a network and how they move between networks. Also how they move between network environments so in the office one day and on the road or in the airport or potentially at home another day. So it’s all the intelligence, software and the management that make that experience robust and reliable but secure and easy for that enterprise to manage.

Tell us about this new product called Workspace then. What were the gaps in your offerings beforehand that led to the development of this product?

That is a good place to start. The market has been talking a lot about BYOD over the past 2 years “Bring your own device” and what we are really seeing within our customer environment is that BYOD for most people essentially means a shift in who is buying the device, so traditionally IT has always bought and given a device to a user when they come into the company. Typically it was a laptop or a Blackberry smart phone. But, increasingly of course what BYOD means is that the user is buying their device and bringing that device into the network. Now the reality is that we are seeing an evolution of the BYOD challenge. It is not just about whom is procuring the device but we are actually seeing a complete shift in user owned or user controlled IT. So, I as an employee am increasingly making my choices around which devices I buy and which devices I use, which networks I connect into and which applications I use. It is a complete reversal to how we have been in the past really, enterprise computing has always been an IT led scenario and now we are seeing the user actually take more and more ownership of the types of services that they are using. This is on the one hand great from the users perspective because they have a lot of freedom, they get to choose the applications and devices that they like but of course for IT this represents some significant challenges. So it’s these challenges around how I secure my network with these employee owned devices coming into my office, and how I manage those devices within the policies and the parameters that my business deems appropriate. Furthermore, how can I ensure that I can manage the applications that these users are selecting for those devices?

So what Aruba is announcing with Workspace is a solution that really expands our portfolio into the mobile device and mobile application management environment. Leveraging what we already have in terms of secure network connectivity and secure wireless network connectivity for smart phones and tablets and other mobile devices but now also moving into the device itself and managing that. This includes the applications that the user is bringing in on those devices as well.

You mention the challenges around users bringing in their own devices to work and you actually quote some interesting research that you carried out showing that 48% of users would feel violated if their employer had access to their personal devices and 54% admitted that they would not report the loss of a mobile device to their employer. What impact did this research have on the development of the new Workspace app?

Essentially what you are seeing in that data is that on the one hand the user is saying that this is my personal device and I do not want anyone to touch my personal information and at the same time they are saying by the way I am not going to tell you if I lose that device which now has corporate information on it. So you can see here the kind of difficulties that this places businesses into. Essentially of course they want these users to be able to use these devices and users want business information and business applications on those devices but they are not always willing to share or keep IT up to date. So this is a challenge of managing personal with the professional lives of employees because let’s face it all of us increasingly in our day-to-day activities blur the lines between professional and personal.

This challenge is what Workspace is ideally aimed to solve and how it does that is it creates a workspace on that device that allows all corporate owned applications to be managed and controlled on that employees personal device. By leveraging the policy intelligence that we have back in the network we can do things like for example, say okay that employee with his own device has now moved into a restricted zone, we know that because we know how and where the device is connecting so we can instruct that device to block the camera on the device for example, or block any sensitive applications that may be running on that device. In that scenario you are seeing complete integration of network intelligence, device intelligence and application intelligence. This is ultimately what Aruba Workspace is all about and how we showcase really the differentiation that we are delivering to the market with this announcement.

Well the network intelligence of this app is very interesting. You describe this app as network fluent. This must have been very important in allowing it to adapt to different networks and the security required on them?

That is exactly right. I will give you another example, with a lot of the Apple IOS devices whether they be tablets or iPhones, they are always looking to update their iCloud backups. Apple introduced iCloud and of course a lot of the contents are constantly being synched back into the cloud. Well, an enterprise may decide that their network is relatively congested on any given day and so can actually free up information into the device and restrict the amount of iCloud back ups that the device is allowed to do at any given point in time. So again you are seeing a great example of how we can understand what is happening in the network environment and then use that intelligence to affect how we authorize as well.

So how are you finding this app being received by organizations? Are they seeing the benefits from it straight away?

Certainly at the moment we are currently in beta testing with the product and what have found is that the product has been very well received and in fact our customers keep coming to us asking if we can support more and more applications with this platform. At the time of launch we are announcing 40 application partners that are working with us within the workspace solution. We are also announcing the introduction of a program that will allow us to bring in more and more application providers and also those applications that our customers may be developing in-house. That allows us ultimately to scale how our customers can manage more and more mobile apps within our environment. I think that this has been the biggest take away from the initial deployment that we have had in place. It is just the need for a broader portfolio of applications that our customers want to manage.

That leads us nicely onto the partner community, was it necessary to offer all those different aspects?

That is absolutely correct it is very important for us to be able to scale this program and make sure that we are making public the interfaces to the workspace application because being able to support a broad variety of applications like customers own internal developments is critical in making sure that this solution is a success.

What sort of processes do you have to go through as a solutions provider to create a product such as this for your customers?

Obviously it starts with being close to your customers and Aruba always prides itself on being very very customer focused and making sure that we are listening and working with our customers on a regular basis to understand what additional requirements and needs they have. Once we start with that kernel of information of course often at times it helps to be able to segment off a specific target team to be able to go and determine the problems and determine the solution and ultimately get to work in terms of engineering development.

For related articles and podcasts visit http://www.itproportal.com

For those unfamiliar with the Galileo project, give us an overview?

Tim Just

Galileo is the European satellite navigation system equivalent to the US GPS system and it has been in the making for some years now but the final constellation was launched into orbit and we have the first four satellites operating. On 12th March we had the first position fix from those first 4 satellites. It is fantastic news for the UK space industry because the pay loads and a lot of the ground infrastructure were produced and developed here in the UK. This competition is not about the satellites it is about how we use the improved positioning performance we have got from this new space infrastructure.

Tell us more about this competition then, what have those entering got the opportunity to become involved with?

Paul Batyer 

This competition has been running since 2004 and it started life as the Galileo Masters Competition to develop new applications and ideas for businesses that would use Galileo when it came online. The competition is more commonly known as the European Satellite Navigation competition and it is currently entering its 10th year. The competition opened on the 1st April and it closes on the 30th June and it is basically looking for people to come forward with innovative ideas that use satellite navigation for new applications, ideas that can actually be transformed into businesses that will employ people and use the Galileo services and to make money.

Is this competition something that is open to established businesses and organisations as well as individuals with their own ideas as well?

Tim Just/ Paul Batyer 

Yes it is an all-inclusive competition. Something that is assessed through the application and judging process is how much people have actually thought about the business case. There ought to be a business that can be made out of the application, service or product.

What sort of businesses do you envisage having the most to offer to this project and how have the entrants ideas changed over the last 10 years that you have been running it?

Paul Batyer 

Nowadays we are seeing more and more application developers come to the fore whereas in previous years we had seen people coming forward with ideas for products that would be bespoke and using navigation in their design. To give you some examples, the winner of the UK leg of the competition for last year was a company called Igolize. They were a start-up but people who had experience in creating successful businesses in the past had started it. Their idea was like a paradigm shift in terms of the whole navigation and location direction thing whereas they are looking at time travel or travel time i.e. how long does it take you to get from A – B by using a particular mode of transport following a particular kind of scenario. They are getting lots of interest from companies who offer services like Rightmove looking at a location of a house close to certain amenities.

Other people who have entered have included SMEs or even some larger companies. For example, I was telling you that this kind of competition started in Europe a good few years ago and there are now about 23 regions across Europe that participate in their own regional challenges.  We actually operate the UK challenge but there have been companies for example, like GMV from Spain who entered the Spanish leg of the competition a couple of years ago. They went on to win the national competition with an application that was helping to locate people who had been stuck in disaster situations where it helped to guide sniffer dogs to people who were in trouble. Another example is the runner up in the competition from last year who had an idea around precision sports. His application is basically looking at the performance of athletes by using the technology in tandem with other things to improve the performance of soccer players and athletes.

Tim Just

The beauty of this competition is that it is ultimately an ideas competition and if you have got a good idea of how you can use satellite navigation and you have got a good idea of how you are going to turn that into a business we can help. In the first round of the application process you will get your idea validated and there is a panel of experts who will review that and if you make it to the final you get a chance to meet them. If you are the successful winner of the UK leg you get a business incubation support package and some cash to get the company going which is usually about £5,000. You also get some patenting advice and the knowledge you need to get the company going. Also you get a huge amount of visibility and recognition in the community. To help you take it to the next stage it could be an investor or it could be an industrial partner. It could access some of the governments support infrastructures we have, such as the newly created Satellite applications catapult centre or the business incubator program so that you can turn your idea into a business.

So it is exciting stuff to be getting involved with isn’t it? Do you think here in the UK we are making the most of the Satellite based data and applications that are available to us?

Tim Just

We are starting to and I think we are leading the way certainly in Europe and possibly in the world. The UK has some of the highest ideas and applications within this competition across all the home and European regions. Also, the government is starting to recognise the importance of supporting both start up companies and bigger companies that are changing direction to make use of this technology. We have become very location dependant in our daily lives and we are very dependent upon space technology but don’t actually realise it. Something like 60% of all apps now use location information within some form of how they operate. The majority of searches are location sensitive these days. We often take it for granted that satellite navigation is there and available for us to use. What we want to do is get people to recognise that potential, recognise the improvement in the infrastructure that is coming with Galileo and how we can do more commercial things or just think about how it could improve society by being more location aware in what we do.

Galileo really is seen by Europe, as the long-term solution for location-based technology isn’t it?

Tim Just

Whilst we are in the process of launching the first Galileo program constellation we are already thinking about what improvements can be made to make it more affordable, more efficient and if necessary to improve its accuracy for the next generation of satellites. We have seen a real commitment across Europe that this is a long-term infrastructure program.

Paul Batyer 

Of course it is not just about Galileo it is about the kind of improvements coming forward in GPS and the other global satellite navigation systems that are coming online so now the chip sets that are available within your mobile phones will already pick up the Russian system, GLONASS as well and there is the Chinese system coming on line called Beidou. Pretty soon there will be so many satellites that we can lock on to in order to improve the quality of our positioning. It’s about using the positioning sensors and navigation sensors within the phone or within the device in tandem with other sensors as well. There might be the camera inside your phone and for example the winner of the UK leg of the competition 2 years ago was a company called Instantview and what they did was design an app for a smart phone which allows you to take a picture of an incident with your vehicle and that goes directly to the insurance company to validate your claim. There is a lot interest in that business and there is a whole support structure that is getting stronger and stronger in the UK to help to develop these businesses even further.

The creation of the Satellite Navigations catapult centre in Harwell are working in partnership with centres like Grace at the University of Nottingham to give support to businesses to help them get to that next stage in development, so it s really an exciting time at the moment.

For anyone listening who might have a great idea and want to enter this competition to submit a business idea to utilise the Galileo technology. Give us some good inside tips on how to make our entries noticed?

Paul Batyer 

First of all the database closes on the 30th June if you are applying from the UK. The UK leg is a really good regional challenge and as Tim has already said I think you can win a package which is worth about £10,000. But you will have multiple chances to win in this competition. So it is not only the regional challenge there is a special topic prize that you can go for as well; If you go for the European space agency special topic prize you can win more cash and you can win up to 10,000 Euros and you can get some kind of incubation as well. Then having entered into the competition you can go in for the main prize which gives you 20,000 Euros plus some incubation and so on. One of the innovations that we have in the UK is that the validation phase is built into the submission process meaning you will get actually the opportunity to get advice on your idea when you put it into the database.  The earlier you put it in and the earlier you start the process the better off you will be and in the UK we offer surgeries at events around the country which will be publicised through the www.grace.ac.uk website where you can come and meet the business, accountancy, IP and technical experts. There is a lot of value in there that you can extract to maximise your chances of winning and also as Tim said it is the exposure to the network that’s so valuable. We really rely on the hub of experts and the support that people like Tim give to this competition. As an entrant, you have an opportunity to interact with these guys and the networks that they are connected to.

Tim any advice that you can add?

Tim Just

I think there are probably two bits of advice that I would give the first is that it is not just an ideas competition it is a business competition so a little bit of time and expense and thinking about what the market might be will help. It doesn’t have to be fine detail but just a little bit of thought about what the business might look like and secondly, what sort of technologies we are looking at. We see a huge range of ideas in mobile phone apps but the Internet of things is coming and many of those things need to be location aware so there could be a real opportunity within the Internet of things in this competition.

For related articles and podcasts visit http://www.itproportal.com

Splunk is an awesome name what did it come from?

Splunk comes from Speleology, which is caving rooting around in caves with a head torch on looking for stalactites and stalagmites and generally finding things underground. When our founders set up Splunk they were rooting around in the logs of computers trying to understand why a website had crashed and getting data from different sources. They likened that to ferreting around in a cave so the name came from speleology in America it is called spelunking and we shortened that to Splunk.

Splunk is known as a provider of services around big data let’s begin by defining what you do in that area?

Well big data obviously does lots of it and by lots of it we can talk in terms of terabits so if you wanted to visualise what a terabit is, it’s about 600 hours of high quality audio recording. If we had to analyse that amount of data to find issues and challenges within it as part of our daily business operation then we would have a pretty tough job. So ‘Big Data’ is all about whether you can handle that quantity of data coming at you at fast arrival rates in order to protect the stock price of the company and optimise your revenue.

So tell us a little bit more about the type of clients you have and how your solutions have been designed to benefit them?

Well if you look at the pattern of our customer base there is a lot of financial services, retail and Telecommunications companies and I think that is largely down to the fact that they have huge customer bases and mission critical websites where they are transacting B to C. They have to know on a minute by minute, second by second basis what is going on within their infrastructure in order to detect security threats, to see that there is a performance problem with the website or to discover that there is a new customer segment emerging. Those three areas financial, Telecommunication and retail compete on the basis of service to their customers and they have to be spot on everyday within that real time web environment.

So James when you go into an organisation to help them out what do you start by doing?

The main thrust of what we do is analysing machine data. Machine data simply put, is the logs that every computer program spits out. It’s the trail that it leaves behind like exhaust fumes and by analysing those exhaust fumes you can see everything that is going on within a business. A program that runs an application that runs a website is recording every customer/ entry of data, user names, products, purchase and also time that is taken to move from one page step to another. So by analysing all of that stuff you can discover what is going on in your infrastructure in real time. It is real time because you are taking it direct from the machine as opposed to waiting for it to be aggregated and inserted into a data base and then analysed a couple of weeks later. So main difference between what we are doing and what we call operational intelligence is that we are looking at what is happening right now rather than the historical sort of business intelligence where you are more sort of looking at rear view mirror at what happened yesterday and last week.

Have you seen the importance of big data initiatives rising amongst those companies to which it is relevant?

Every major company has got some kind of big data initiative going on but not every single company is clear on what it is going to get from it. What we are doing is focusing with our customers on specific applications. An obvious big data application is security which is not a discreet area of its own, it’s in the website, it’s in your ERP application and it is across every part of your infrastructure. So big data is critically important and when you look at the volume of information coming at you in terabits and the need to keep on top of that on a daily basis it is increasingly important.

What do you think has been the biggest change or development over the last 12 months for you?  I guess mobile has had a significant impact?

Yes. Mobile has had a massive impact as has the Internet of things. There is this new type of machine data, which is all about transaction information, that you can suddenly harness and then correlate with your historical information data bases and also with unstructured human information. So to bring that to life, it is now possible for us to correlate what is happening on a website in terms of the percentage decrease in visits with the call centre stats that show an increase in calls coming through and then correlate that with the performance of the middle ware layer to see if there is a problem in supporting the website that is causing customers to go from the website to the call centre. Then in doing that it means that you can set up alerts so that rather than wait for a negative customer feedback a few days later you can instantly trigger a check to be made by IT to look at the middle ware layer and ensure that the website is back on track. It is really a new way of looking at the world as it’s a much timelier source of information than has ever been available to us.

Well your main client base includes some very large companies but what is applicable to smaller companies when talking about big data. Are there small companies that have big data to consider?

We have a lot of companies that are smaller in size actually. For instance, if you look at the betting market, those companies are not huge in terms of the number of employees or their geographic spread or even their revenue but they do have a big data problem. If you look at your average soccer match, it might have 100-200 different markets on it from first throw in, to first corner, first free kick, first goal and so on. When you multiply that out by the number of customers then you very quickly get to big data issue.

Has the global recession do you think opened up any opportunities for you at Splunk or has it been a hindrance?

I think what it has brought into focus more and more is the importance of the web as way of doing business and a way of grabbing customers from your competition. The one area of growth even through recessionary times seems to be the e-commerce area where more and more funding is going in to grab the competitions customers and to grow that one part of the business that does seem to be more recession proof. More people go to the web when they have got less money to spend rather than the High Street. We very much capitalise on that because if you are competing on the effectiveness of your website then you need to know that your infrastructure is behaving in the right way, you have got security threats covered and also that you are analysing the customer order patterns and how they are experiencing the website. That throws up a big opportunity for us and typically in a recession the other thing you see is the spending on cost control and security those two areas are very strong for Splunk. So, not only are we able to help companies generate more from their websites but also keep their infrastructure secure and take costs out of the operational inefficiencies in the business.

You will see from our results in the last year we have grown by 64% year over year and we are now just a shade over 200 million in revenue and we IPO ‘d last year and our stock price had the first day pop of 109% which was only matched in recent times by LinkedIn and unlike other high profile stocks we have not only maintained the level of our stock price but have actually increased it in the last year. Regardless of the recession we have done extremely well. I think it is a testament to the value that Splunk brings to businesses that needs a response real time.

So what are your focuses for the year ahead at Splunk in terms of growing the business and improving your services?

I think it is to capitalise on our position as first mover in machine data. We have also been recognised by the market as being the first true mover in big data. In the last year we have moved from a position of knowing that we held a lot of value to the security professional to actually being voted as number one provider worldwide. The opportunities are vast and I think what we need to do is get the message out particularly in EMEA we have 1300 customers out of the 5000 plus customers worldwide. 

We have to focus on continuing to give good value to those customers by helping them to achieve the operation and intelligence vision. This involves creating a platform upon which any aspect of the business, sales, finance, marketing or logistics can very quickly (and I mean within 15 – 29 minutes) build a dashboard that starts to show insights that they never had before. That is a huge opportunity for us just within our 1300 customer base and then going into markets such as security where typically our presence has been more modest we see an opportunity to clean up and become the dominant player.  We have a different view of the world in security to all of the other players and what we are doing is bringing all the information into one place. So, for a security professional that is very powerful because all they have to do is ask the right questions and the answers appear. That is very different from historic seam solutions that have to narrow down the volume of data because they are not built to withstand big data. With our map reduced technologies and our scalable solution we should clean up on the security market but then look to become a platform across our customers for all of their real time operations and intelligence needs.

To finish us off then by looking into your crystal ball, how do you see the security industry changing over the coming years?

Well back in the 1950s Alan Turing posed the question; “Can machines think” and if you think of the Terminator etc then it would definitely be useful to know what the machines thoughts were and those thoughts would be stored in logs. I think more and more as awareness of the value of machine data gets out there we will see that companies are looking to organisations and especially Splunk to harness the value of that data. Just think about the potential of a sensor on a car park at a major retailer – if you are taking data off that sensor about how many cars are moving through, you could correlate that with last year’s data and the revenue that was gained on that day and forecast how much you are going to sell on that particular trading day in advance. So that at 8.30am you already know what your sales are going to be at 5.30pm. This is all about taking data from machines. When you look around you at the machines that we use it’s your car, your mobile phone. So the more machines out there with sensors on them generating machine data the more there will be a need for Splunk. I think looking into my crystal ball it would be that light bulb going on across major organisations around the world that will create our biggest opportunity.

For related articles and podcasts visit http://www.itproportal.com

Lets start with some background on Entrust?

We have been around since 1994 so we are one of the old guys of security I might say and we do about 40% of our business with governments so people like HM Land Registry and Revenue and Customs, the Home Office use our technology most UK citizens have a password that you uses our technology to authenticate and encrypt and protect their information on that password.  We do a lot with banks from securing their emails to their desktop and laptop stuff all the way to the web server certificates that protect the communication and their web presence that they deal with clients on.

So lots of people will have come to this podcast from various areas of IT Proportal so what we should do first of all is define exactly what we mean by enterprise mobility?

If you look at the enterprise mobility market it is increasingly “Bring your own device” or mobility that is provided as a choice of computing within enterprises. When we look at mobility it is perceived to be one of the more insecure platforms and you don’t have to read too many papers to see some headline stating that some mobile platform has been broken. What is interesting is that it is actually a more secure platform than desktops and laptops. In important identity based scenarios you can obviously still amass information like your pictures and information of contacts and both these can be stolen because you are on a shared memory part of the phone. Or, if you are using social networks that have APIs that can access your pictures or your contacts to them then malware can enter there. When you put your own individual identities in the non-shared memory side, that it is much more secure and we have not seen to-date any breach of your personal credentials on those mobile devices regardless of operating platforms whether it be android or IOS.

Are mobile devices safer due to the way that they talk to the outside world?

With smart phones, let’s assume it is not jail broken. A lot of people think they need to jail brake phone to get applications but once you get a jail broken phone then all bets are off in terms of security. But it starts with an architecture that has a shared side and a protected side and it starts with something called a sandbox. As many people would know Sandbox is much more secure in terms of looking at the applications, trying to check them and ensure that they don’t contain malware. Also then if the application is in that Sandbox, not having malware jump across applications in the Sandbox. Despite popular misunderstandings we are not aware of applications jumping across each other in that sandbox, usually it is when you have an API on a social network that connects between applications that how it happens but not in the sandbox itself in the store where those applications sit.  I think it is also important that it is not just the enterprise employees. I know that I as a consumer and you as a consumer increasingly want to use my iPad and my IPhones as the way to communicate through the web to do whatever I am doing whether it is my banking, my insurance, my health or playing so I am thinking increasingly businesses, banks and governments are going to have to look and are looking at how they mobilise their applications because that is the number one drive for consumers.

What are the main issues and threats that are affecting businesses at the moment in your opinion then?

It is interesting when you see as much as we do in the States that every day there is 300,000 variants of malware being created. When you are dealing with that kind of volume of malware variants being created it’s just simply not possible to keep the perimeter up to date to keep those things out so the corporations are in an arms race between the bad guys trying to get in. That malware, whether it is Zeus, Spy eye, Man in the browser, Man in the middle - whatever type of alphabet soup malware is really trying to compromise or steal your individual identity by someone either external of the business or internal to the business. They want to do that to steal the money, the IP, or to impact someone’s critical infrastructure if you are a country.

Where do you think that the holes are in the defences of organisations at the moment? What are businesses not addressing enough currently?

I think people are still hoping that they are not breached and that their perimeters are holding up because they can’t find the malware inside. At our conference this week we were working through and talking with our customers like banks and government about how you can take and protect your digital identities ensuring that the transactions that you need are identity assured, not compromised and are secure with your digital identities. We do that with using a combination of your desktop security that you have today and the perimeter but we use that mobile device to put some secure mobile credentials or digital certificates, think of it as like a smart card on a mobile device. What that allows you to do is to take those sensitive transactions that would normally be completed and dealt with online through your desktop and laptop and that network to an out of band channel like mobile and to use digital signature and authentication techniques for those mobile virtual smart card for a generic answer to complete those transactions so they cannot be compromised by malware.

I know you an advocate of next generation firewalls what are the conversations that the industry are having around them at the moment?

I think where next generation firewalls are right is within the map that I have explained earlier. A traditional AB firewall or Intrusion just cannot keep up with those variants because every time one of those comes in first you have got to find it and then take that in digital signature map and that can take 7-30 hours per signature. Then you have got to get it back out into the systems and people have to deploy it.  These latest threats don’t have traditional community control, so traditional IP white lists and black lists are not useful relative to that because they are stood up in 3 hours and torn down in 3 hours and it is just not practical to deal with that. So many of these next generation firewalls are really trying to either explore the Malware or watch the Malware and they claim to be signature-less, but in reality if you are putting that in somewhere and incubating it and waiting for it to do something (I call that sleepy malware) it is not hard to program around that.

What we believe is that while they are collect and why that will help it is good layer it is better than what existed before on the layers on the perimeter that is still not going to protect you if that malware gets in because it is in so now your IP your money or your critical infrastructure how do you stop it you cannot stop it from the perimeter. Second, if you just look at the math you will not be able to keep it out not even with the more advanced perimeter technologies that are there. So our view is go and protect the identities or your employees or your clients or your citizens and then use mobile as an out of band technology with the proper mobile device security so the device itself is secured. Then use your mobile smart credential that has your personal information that can authenticate you and sign important transactions and there you can completely beat the malware even it is in your network.

The big change here I guess is that it is no longer about protecting data it is about protecting both data and identifies at the same time isn’t it?

That is really a very good point, so many people now are saying that people are getting through so I need to work on that identity and focus on that but then the other thing they then say is that must encrypt all my data, well if you have encrypt your data you are going to have to manage it over time and that is quite important. The second thing you have got to think about is what is the standard of encryption that you need to use to make sure that you are protected. At the end of the day someone with their proper identity encrypts and unencrypts that information when they want it so if you don’t have the identity side strong and identity assured that malware can encrypt or unencrypt at will.

You mention that you work a lot with financial institutions and governments, are those organisations doing enough to protect the ordinary man on the street?

I think financial institutions have made considerable progress and if you look at the faster payments in the UK and its regulations, I can assure you that the UK has much better legislation and regulation than we have with FSIC in the US. I think that on that stand point the UK has done a very good job and the banks have done a very good job of upping the pace of defending themselves and their clients.  The problem is the rate of change on the bad side keeps escalating. I think the UK governments are increasingly trying to do a better job but increasingly there are more bad actors and once some of this malware goes into open source the people that have to write it it don’t have to do much anymore, it is just point and click.  You can go online today and buy Malware with support 24:7 that will guarantee you through the top 40 perimeter technologies that exist today. That is a hard thing to keep up with for governments and banks. But I think the rate of pace that they are on is certainly better than it was even 12 months ago. Critical infrastructure on the other hand I think we need to pick up that pace as there is a lot of risk in those systems. It’s a complicated architecture with different components and I think we all need to double our efforts in the US much like the governments and banks have done here in the UK.

Well I always think it is fasinating field to work in where you are in this one to one battle with criminals who if they got the freedom to do what they wanted to do could actually cause big problems for the globe couldn’t they!

Yes. We just announced that we are working on the security on the Afghanistan National ID and the UK, the US and quite a few other countries have put quite a few lives into giving them democracy and hopefully some freedom away from the Taliban. That national ID is a pretty important thing to keep voting as a democracy, identity, healthcare and many of those government services running.

You have had a lengthy career in security so; based on your vast years of experience what can you see as the main things to watch for in the future?

I think security providers have to realise that it is an arms race and we have to find ways to embrace next generation architectures to take advantage of the security capabilities. Back to where I started, if I asked a 100 of your listeners today probably 90 of them would think your mobile phone is probably more insecure than your desktop or laptop and that is where we have got to really take the time as security people to make security fit the needs of businesses and government to make security easier to use. We also have to really think through how to take advantage of these different architectures for an advantage like these other people are taking advantage of them for not hacking for harm but hacking for non altruistic purposes.

For related articles and podcasts visit http://www.itproportal.com

Firstly tell us about the background and the purpose of this report?

The purpose really is that we are trying to convey to different organizations out in the market place that with a company like Intel we also have an IT department and we also have challenges consistent to all sorts of organizations. We have the same type of challenge around making sure that we are having appropriate costs to doing business. We want to be innovative, but again we sometimes have to challenge the way in which we are having to get that type of work done just like any IT organization. I think we have got messages that we want to share about how we have done that and hopefully anybody that is keen on reading this can see something that hits organizations across a variety of different topics.

So to summarize this very detailed report how does it reflect the developments within Intel over the last 12 months?

With regard to Intel, the report reflects some of the initiatives that we have been working on between IT and between some of our design and manufacturing elements. When we looked at stories relating to cloud computing or big data and predicted analytics we are talking about real world examples that we have had experience of within Intel that has helped us build up what we want to do for our organization as an IT group. Also how that can take advantage of some of the technologies that Intel provides.

What can other businesses learn from this report and from the journey that Intel has been on over the last year?

I think the main message is that the themes cover many of the topics that are very prevalent in the market around cloud consumerisation and so forth. Some of the messages are around what we have learnt with regards to implementation of key technologies. So as an example, in the space of big data we have a few different pilots throughout the organisation in 2012. One that was highlighted in the performance report is around a group of 5 people that we targeted to go and look at the way in which we were doing our chip design and validation processes. What we have been able to establish through that is that by taking advantage of some of the data capture that we have been doing along with some of the sensory information that we have when we were doing testing, we were able to increase the throughput of our products within the environment. We are getting more and more demand from our customers to supply new products faster so it is helping us to provide that throughput and giving us real business cases that we can take to the people who really make the decisions in Intel about why they should invest in activities like big data. I am hoping that the people who will be listening to this podcast and would read some of this annual report would see how to stimulate growth and how they can get their job done better within their organisation and help support their business growth.

An interesting part of the report was the way that Intel is using the predictive analysis to ensure the reliability of test processes. Tell us a little bit more about that?

Intel likes to be considered as a high quality brand so quite often we are ensuring that our test processes are very very thorough, as any manufacturer would do. But through those processes there is so much more information that we are able to take from what we are doing. Within a validation environment you will have a number of different sensors around you from things like temperature through to conductivity from some of the materials that we are and the validation process can happen over many weeks. Now during that time these sensors create an incredible volume of information, we are probably talking terabits of data that we have to trawl through with regards to the types of results that we are seeing that helps us tune the manufacturing processes better. For Intel we want to make sure that we have got a high yield from the silicon manufacture that we have got so we have got more high quality chips coming off the silicon wafers that we have. Getting that information and making design changes where necessary and reintegrating that into our manufacturing process allows us to get the product out faster and bring new products on line quicker as well.

Well of course mobile features highly in the report as well, talk us through some of the developments within mobile that Intel have detailed in this report?

Mobile is an interesting space, anybody who watched the tech industry would know that Intel are very keen to get involved in the mobile space with regards to phones and tablets. It also covers an area of the consumerisation of IT and “Bring Your Own Device” so we have had a huge leap in the numbers of devices that people are bringing into the environment that they want to use to actually help them get their job done. This has actually changed our traditional model of thinking in that we have to supply all of our applications and activity tools not just through a PC but over different devices as well. We are looking at things such as user experience, which is another thing that is getting traction in the market place. Take the role of some of the people in the field sales organisation for example, we have looked at how they interact with Intel back at the office rather than when they have got their laptop open. It has actually changed our working practice so that we do more now in the mobility space. The one thing that is always crucial for Intel and for many other customers is assurances around security. The security elements of mobile and “bring your own device” along with what we have been able to bring with us through the acquisition of McAfee has enabled us to design in capability’s that we can put on the silicon of the mobile devices that we create. So that in conjunction with what IT can do is an advantage of that security feature and ensures that the mobile applications that we provide our workforce are secure and more secure than on any other platform. We are creating a foundational framework with which to do that and now developers around the world in Intel can utilise that to land new mobile applications securely and in an agile fashion.

Obviously this report is a great way for Intel to shout about its successes but how do you use some of the lessons learnt from this report moving forward?

There is a lot of data as you say in there and there are a lot of measures that we are held accountable for as a result of our revenue and how much we were spending on our key resources. There was pressure on that as there is with any company. We look at that and think about how can we take the advantages of some of the technology out there and also how we can even encourage some of our design and manufacturing arms to bring us new features that allow us to do things more cost effectively. We have looked at things like data centres where we have even increased the frequency of the refresh of products in our data centres. Whereby it used to be maybe a 4 or 5 year cycle because of some of the power efficiencies that are now coming through the products that we are selling, we are able to do that refresh earlier bringing more performance. The power consumption savings that we are making in those data centres offsets all of the cost of that. It is allowing us to hit multiple vectors by taking advantage admittedly of a lot of what Intel provides but in many ways it is a circular discussion because it is only really valuable to the market place if we can prove within IT and Intel that we can also take advantage of it. Otherwise it is like you say too much of a perceived feature that an organisation is trying to sell rather than something that has an actually meaningful business benefit.

For more information and for businesses who want to look at this report in a bit more detail where can they go to have a closer look for themselves?

We have got a number of different websites around the world and you can start with Intel.com and Intel.co.uk there is an IT centre part of the Intel.co.uk site where we encourage IT decision makers, people involved in IT activities and hardware procurement.  We encourage them to go to those sites and you have a variety of not only annual report information but some white papers that we are producing that indentify in far more detail than we have got the opportunity to talk about today. There is far more detail about how we have gone about utilising new technologies and there are some articles there about how we are working with Apache for the cloud environment and people can see what our journey has been in adopting this and exploring what benefits it can provide and actually implementing it in the environment and making use of it to business value.

Looking forward may be 1,2,even 3 year time what would you like those future reports into accelerated business growth through IT to show, how would you see things developing?

That’s a very interesting question. From my perspective if we put things in a report like this that don’t have any relevance to any IT organisations out there in the market place then it is not going to be useful and people are not going to read it. What I think is the more enjoyable aspects about working in IT in Intel is that we do have the opportunity to work with the design and manufacturing arm so if we think there is a feature that we think as an IT organisation we could influence the designers in manufacturing to implement in the hardware then that is something that we take a great focus on and we try to develop. Now sharing that sort of thing in the annual report is I think, a great way of showing how we can feed our IT learning back into the big manufacturing part of this organisation. I would hope that through connections with peer organisations out there that are experiencing many of the same problems as us, we can share that and demonstrate some partnership within the organisations that help lead to that innovation. Some of the things that our IT department are demanding have then led to innovations within our hardware and I would like to see even more of that.

For related articles and podcasts visit http://www.itproportal.com

Introduce us what the Dispute and Resolution Department of Oxley and Coward solicitors LLP do on a day to day basis?

We deal with disputes surrounding most areas including commercial contracts and specifically employment contracts, so we also deal with copyright issues, contract dispute issues etc.

So this case in particular where this employer challenged an ex-employee to hand over his emails when he left employment.  The first question would be – did he have to hand them over and if not why?

No, he did not have to hand over the emails because there were no contractual obligations to do so.  This case in particular was a Dutch case, it may have slightly different implications in the UK but we do take the points that were made in this case as reported. In the employment contract there was not adequate protection to have contractual obligation for him to hand them over and basically the Court decided that there were no proprietary rights in any email. Because of the difficulty in actually enforcing those rights they had a number of questions, such as who actually owns it the sender or the recipient and how do you police and control that.

So in light of that ruling then what are you advising businesses that they do now to ensure the ownership of their emails?

Just make sure that they have contractual rights. For example, if it is an employer and employee relationship then ensure in the employment contract that there is a contractual obligation in there regarding the use and retention of emails in there, particularly in relation to emails that should be handed over and also from an operational point of view that emails of archived on a daily basis. If you do have personal email accounts make sure that emails are not sent from those accounts and that they are sent from the company accounts where other people have access to it if needed.

What were the worries here of the company regarding these emails and in particular what was to stop him handing them over but keeping a copy for himself?

Confidentiality in itself if you have confidentiality provisions in the contract you would then have potential claims if those were breached after termination of the employment.  I think in this case they were actually looking at the specifics of the emails. They had got no record of the dealings that had gone on and because the employee was not obliged to hand them over they then potentially would have had to have gone back to the other party to ask them for copies of these emails, which if a dispute has arisen is unlikely to have happened so, it does make it more difficult really to see what has actually gone on between the parties.  In the UK if you had that then you ended up with a Court case over the dispute of a contract for example there are provisions in the UK law where you can actually ask for those emails from the other party but it is something you should really have at the start so, it is better to have these contractual obligations in place.

So what are the practical implications for employees, should this change the way employees use work emails?

Potentially yes, more so not using personal email accounts and there may be additional obligations that they have to copy for example, if they do use a personal email account they have to copy in somebody within the company. They may have central IT department in that company for example. It may be that there is an obligation to copy them in or copy the company in to the company email account. Other than that it really is down to the employer to deal with all the other practicalities such as having them backed up and stored daily.  I don’t think there is anything further for the employee to do other than if there are specific obligations.

Having used emails in businesses for many years already why are these issues only coming forward now do you think?

Unfortunately, I think more and more people are looking to litigate now, it seems to be the case especially in the times we are in at the moment. Particularly as employees are becoming more aware of the rights that they have and perhaps previously employees would not have thought twice about handing these things over.

Could this be extended to other sorts of communications like text messaging or instant messaging maybe even iChat and Skype for instance?

I think there is scope for that yes, particularly as people have smart phones and use emails on those as well. Again, its a contractual thing and normally with commercial contracts you would have the ability to negotiate those contracts at the outset but not necessarily with an employment contract, unless you are more of senior manager where you may have a little bit more leeway to negotiate things like that.

Well something for businesses to consider then, but good archiving and data management practices would go a long way to solve a lot of these issues wouldn't they Dawn?

Yes and also looking specifically at anything that is written down in the form of a contract making sure that you have sufficient terms and conditions there to start with rather than trying to rely on something towards the end that you do not have in your contract. Review employment contracts or, if you do have standard agreements that you use for commercial purposes perhaps review the terms in that as well.

For those listening now thinking that they should perhaps address this in their own organisations what would your final piece of advice be to both employers and employees in the light of the outcome of this case study?

For employers I would say check your employment contracts. From an employee’s perspective there is not much to say other than they know their employment rights so if they don’t want to hand them over they do not necessarily have to, unless there is something in their contract.

To help us answer this Fabio Torlini, VP of Rackspace joins us to talk about what their clients are experiencing and how they are helping the industry address and solve the skills shortage created by the rapid pace of change.

For related articles and podcasts visit http://www.itproportal.com

Let’s set this into context first of all. We hear a lot about the growth of cloud technology within business but what are the levels of usage at the moment?

In terms of cloud, recent research by IDC reports that about two-thirds of companies are starting to implement some kind of cloud solution already, so it’s becoming more and more popular. And it's something which is growing if you look at all of the forecasts, whether they are from Gartner, IDC or Forrester, or whoever, cloud is going through the roof and will continue to be a main part of IT technology for the nearer long term.

What we are finding is, as people have started to implement cloud they are utilising it in a similar way to previous technology - like dedicated servers - and so are not gaining or utilising its full potential and capability to ensure they are maximising their cost saving and improving performance. As companies are starting to become more and more cloud savvy, they want to utilise the technology in much more depth and to its full potential. This is where they are starting to encounter issues and problems in terms of skills sets and resourcing.

So do most of these businesses manage these in-house already?

Well, cloud is a technology platform and whether you are building your own private cloud platform in-house or whether you are utilising a public cloud platform - be it Amazon or our own Rackspace platform - before you get involved you need be aware of the toolsets out there and whether you need to develop API’s for that particular cloud in order to tell it what to do. You need to become familiar with these tools so you can understand how to architect it properly and scale it up, so your it is as flexible as you need it to be.

What we are finding, now, is that certain companies, which have been utilising the cloud for a while, are starting to realise that public cloud is just one aspect. To really get the optimum performance level and cost saving, you actually need to start integrating different cloud infrastructures, be it private cloud with public cloud or maybe even utilising some of the more traditional technologies with cloud. To do that, you really need to know what you are doing and IT companies are running into a few issues here.

Is the shortage of expertise within cloud driving up costs for businesses and is this proving to be a barrier for organisations looking to migrate?

If you employ cloud experts, I think an increase in staff costs can be expected, but the other option is of course to train your internal IT teams. This won't raise costs massively and will drive employee engagement - all IT staff and developers want to learn about the latest technology and [with the right engagement] they can develop themselves and be better IT personnel while improving their job prospects. So if you want to invest in your staff in this manner, I think you will actually reduce employee churn.

So what is Rackspace doing to bridge this knowledge gap within the UK?

Two different routes. First, we have launched the cloud academy in the US and we will be looking to bring that across to the UK at some point. But in the short term, we are offering OpenStack training and will be flying out our people from the US on a regular basis to provide OpenTrack training sessions in our offices, which people can come along to.

Second, we are also developing a team, here, called a 'Customer Success Team' and their only role is to work with our cloud customers to actually give them help and advice as to how to develop their applications on top of our API platform, and to really make sure they're getting the most out of our infrastructure. So we're actually helping customers looking to develop a cloud infrastructure as well as those who are already using our cloud infrastructure. Both customers can get the most out of it while making sure it's as cost-effective as possible.

Is there a lack of awareness among companies of how to get support and expertise into their teams in order to support cloud technology in their businesses?

I do think it is a young industry and the UK is slightly behind the US. If you look at the US and the number of companies that actually do OpenStack implementation and OpenStack training, it is quite a large number and they are getting significant amounts of funding as well. If you look where we are today, Amazon was the first from a cloud perspective but since we launched OpenStack you have companies like HP, Red Hat, Dell and IBM all supporting OpenStack and allowing people to download it - and their own versions of it - from their websites or actually creating OpenStack public clouds. So, there's a lot of momentum there but it's early and a lot of these companies are cropping up and they are getting the funding but of course it will take some time [for adoption and distribution]. We are doing what we can to help ease the situation.

Cloud is going to continue to grow – what can we do to start addressing the skill shortage for the future?

There is a lot that can be done and we've been reaching out to universities to see what we can do to get cloud computing on the curriculum. The more we can do and invest, earlier; the more our IT personnel in this country will be ready to handle these new technologies. And the more we can get out of these new technologies as a country; the more it will benefit us and help us grow. I think it is very important that we get to the grassroots level to actually help the universities get ready to train their staff on cloud technologies.

Surely other areas of new technology within IT must be seeing a similar skill shortage due to the rapid pace that everything changes at?

In general, yes. IT has always had that issue. IT changes on a continual basis and there are always new technologies and versions coming out. Once upon a time, Lotus Notes was massive; then it was Exchange, and now those services have become old and technology has moved on. Technology changes a lot and obviously IT staffing, internally, needs to keep up with those new technologies. From that perspective, I think it is very important that investment always needs to go into your staff.

For related articles and podcasts visit http://www.itproportal.com

Firstly give us some of the background on SSH?

SSH are the inventors of the SSH protocol. The SSH protocol has been used for remote log on for Unix admins for a long period of time. However it is also a very well known method of secure file transfer. The company has evolved itself over the last year or two and in terms of moving more closely into the identity access space. In particular, we see that a lot of our customers are having challenges in managing the complexities around their environment. This goes into the areas of access control, auditing SSH usage, how we manage host keys in the environment and a very hot topic, which we are touching upon with our customers is how SSH user keys are managed in the environment to date.

So, explain what we mean by Secure Shell Environments?

As mentioned earlier, secure shell is primarily used by remote administrators for remote logging in to Unix environments. That is one use case that we have. The other use case is secure file transfer.  This is machine to machine connectivity and data transfer from machine to machine. When we look at environments today we see that SSH probation is everywhere it comes pre-installed in all Unix and Linux environments it is basically to a large degree on all web servers and it is essentially the plumbing of the most critical infrastructure inside the network environment of organisations and it is where the most critical data of organisations is running through quite often.

What are your typical clients?

I would say those organisations which say have the greatest risk to date in terms of their key management but SSH is used everywhere and we see it widely used in financial organisations and widely used in government and in the retail space. If you think of any transaction that comes from a front pointed sale system, that data has to be transferred to a back end server somewhere and that is quite often being transferred through SSH. We see this machine to machine file transfer as making up 90% of automated file transfers within the automated access environment.

Quite vulnerable data then what sort of risks threaten these kinds of environments?

I think the challenges that organisations are facing around managing their SSH user access has been that historically there have been no processes in place to manage the SSH user key operatives. So we see in most environments that admins have had the possibility to set up the user keys on an ad hoc basis and there has been no inventory kept. Basically, you end up with the situation where potentially that admin leaves the organisation at some point and they still have their keys because there has not been a process in place to have the ability to easily remove these keys when an administrator leaves the organisation. The same goes for automated file transfers. We see very often see a situation where an administrator comes into a development environment and does the work there and everything works fine. They then implement this into the production environment instead of going out and coming back in through the production set up. What they will often do is use SSH and some of the nice things that SSH and tunnel into the production environment directly from a development environment and set up their own key pairs there. Now, they can work in the production environment and after that leave but that key pair allowing access from the non production environment to the production environment is actually left in place. This is of tremendous risk to organisations where these key pairs are left for years on years and you basically have the possibility of un-vetted access. Over time, these key pairs add up and you are basically left with a very complex mesh in the environment of trust relationships that are becoming more and more difficult to match.

So, the key is quick detection and quick assessment. Does your tool help clients make decisions on what action to take?

Exactly. What we are trying to do is give our customers a potential path to remediating their SSH environment. I think for any customer to have the possibility to do this, they first need to know what the size of the issue is in their environment. What SSH has done is build a very light weight risk assessment tool for our customers which is easy to employ in their environment to give them visibility as to the size of the issue.

You mention the various layers of compliance, can you explain more on what compliance measures are met?

We see if you take PCI as an example you see a lack of connection between authentication and access management so we see a lot of phraseology around the need to rotate your passwords, you need to have passwords of a certain length. Now we see the movement in the direction that will also have this type of language related to user keys as well. If you think about it in terms of what we mentioned earlier, keys are actually making up a much higher percentage of the authentication from machine to machine. So these are starting to get the same level of visibility as user name and password within the cloud standards and if you take a look across such compliance as CCI you do get to see more and more visibility coming in to SSH access management user keys.  Of particular interest is some of the work we have doing together with the ITS standards board around SSH access management and access user key management.

Are you seeing out in the industry and in your market place increased interest in these kind of threats?

Absolutely, we are seeing a wide interest especially in the financial sector and the government sectors around this topic because it has been a very nasty secret for a long time meaning that the administrator has had the visibility of this for some time. They often say that at the end of the day it is not their responsibility to remediate this issue so it has been definitely an education process bringing this more to the light of the organisations out there.

What threats are you seeing as the biggest problems in the future?

I think the biggest issue is that people who have the most privileged access in the environment are usually already on the inside of the organisation and it is more about how to build better processing standards to manage access on a need to have access type of basis. In particular what we see is how do we create that delineation and segregation inside critical environments between non production and production type of host. We see a great trend moving to the cloud we see a lot of outsourcing where third party vendors will come in and they will be able to do work on a customer’s production server and testing environments. These people from the outside also set up key pairs. How do we monitor how those keys are being used when they come into the environment and how do we have the ability to remove those when that outsource provider is no longer needed? It's about getting visibility of who has access to what and when on a need basis.

For related articles and podcasts visit http://www.itproportal.com

How did Silicon Mechanics start and where has this latest storage solutions range come from?

Silicon Mechanics was founded in 2001 as a rack integrator offering alternatives to what was traditionally known as 'White Box'. That was actually the core business today general purpose compute we are very very strong in that market. We branched off into a more of solutions focus over the last 3 years or so where we have got involved with high performance computing in the HPC world and we were selling a lot of HP feed clusters but were only having a patch rate for HPC clusters in the way of storage. We came on board and launched this storage solution which we called zStack as a way to compliment not only HPC but also  a much broader market. What we have today from a storage prospective is basically a new paradigm in storage and it is about decoupling software from the hardware and delivering it through an open solution.

What were the gaps in your offerings before zStax Storcore that led to the development of this product?

There was basically a solution that we were offering that really was not a true great enterprise solution. It was software that we were deploying in respect of hardware but it really was not what would have been considered a true enterprise grade solution to take on the likes of NetApp, Isilon, Dell Compellant and some of the legacy storage vendors. So, we took a look at the landscape and the changing market to see how things have evolved on the compute side where it was a very proprietary world you know you could go all the way back to AS400. Then you get into proprietary Unix and then eventually the evolution of Linux. Really, what we are doing on the storage side, is delivering an enterprise grade storage solution that is very similar to that methodology. What we are doing is actually taking enterprise class storage software and deploying it on industry standard hardware and delivering a complete branded product that we call zStax to the end user that is absolutely a challenge for a competitor for that tier one legacy storage area that has traditionally been dominated by the legacy storage vendors.

So, one of the key benefits is that it doesn’t require any specialist hardware?

That is absolutely correct and the way that the software is licensed is another key benefit. In that it is perpetual so when you buy a licence it is basically just a capacity based licence and that licence is transferable forever and deployed on industry based hardware so when the next generation hardware becomes available, the end user has the opportunity to just pick up that software and drop it on the new platform with no re-licensing or no additional charges. The benefit to that being as end users you will know that basically the legacy storage vendors tell the customers when they need to upgrade. They do it through raising support and maintenance prices. There are a lot of things that legacy storage vendors do in order to get customers to attack. If they need a different feature set then that is an opportunity for them to evolve to a newer platform that in turn requires them to re-license the software.  In our model that will never happen. We are never going to go down the user enforcement route and that puts the power and the decision back in their hands about what they want to do and when. They can then upgrade because they need too or because they want to go to newer technology that actually has a warranty associated with it and so on. It really empowers the customer to make those types of decisions and not the storage vendor.

What are the sort of business and associated data is this aimed at the most?

It really is a horizontal solution but really what it gets down to is back end storage for virtualisation. Net App became a multi- billion dollar company essentially providing storage for VMware and now we are seeing the likes of KDM coming into play, HyperV is gaining momentum, there is quite a bit of Zenserver out there and we play extremely well on all of those Hypervisors. We just did a case study with a company called Global Legal Discovery and it is a very interesting case study about how they are doing e -discovery which is a very demanding high performance application. But, they also needed to tier up that storage meaning that their high performance requirements but they also have long term archive requirements and what we can do is we can tier out our storage so that we can meet both of those requirements on the same platform whereas with the legacy vendor they really might only be able to afford the storage on the net app for their tier one environment and then go out and look for another vendor to look at their long term archiving. Then they still need back up. What we can do is we can tier up that storage and deal within the same platform or we can set up another site for disaster recovery and replicate it and again there is no additional charge for that, it is all included in the base product.

You were talking to a lot of people I understand at the Bio IT Show about the storage of medical records and research data?

There is a tremendous amount of data being collected in that industry. We are not talking about terabytes now we are talking about petabytes. We are changing the thought process in that, the arena has been dominated by Isilon where they scale architecture where they feel they need very expensive multi-node cluster storage file systems. So, you might have 10, 12 16, 28 node clusters on your storage and that just gets remarkably expensive. Because of the way our underlying file system for storage handles data we can actually accelerate read and write performance giving us the ability to do what Isilon can do on but on just a 2 node cluster.  We can do it very efficiently and we are doing a proof of concept right now with a major university on the west coast of America where we are in the process of replacing the 7 node Isilon cluster for their back-end storage.

We also have the ability to sequence directly to the platform on industry standard hardware which is very affordable. Traditionally it may be a Linux server with maybe a bunch of discs that we have been able to make into a very large, high performance storage cluster which is also affordable.  We are able to take whole genomes off sequencers that are anywhere from 100 – 140 gigabytes. I think some sequencers are able to do 7 genomes at a time so you are looking at terabytes a week per sequencer. This was traditionally sitting on what we would call JBOD (Just a Bunch Of Discs) storage but now that we are able to make that highly available and be high performance so we no longer have to move data between tiers. We are able to put data in a high performance storage cluster and pipe that over to an HPC cluster for post process statistical analysis.

Was the ability to work with shared storage important as well?

Exactly since the industry was unified the ability to do multi protocol on the same file system is critical.

The technical spec details and ingenious inbuilt system for monitoring failures as well  - tell us a bit more about that?

It does and built into the platform is what we call "phone home support" as default which is 24/7 response. What it actually does is it sends emails out if we loose a power supply, a hard drive or whether the cluster lost a heartbeat. We particularly know if there is a problem with the platform before the customer actually knows so we pro-actively monitor the hardware and we can actually get parts moving even before the customer calls us.

I understand you are having a working partnership with Seagate as well?

We do. Seagate is a wonderful vendor and they do represent the entire product line and everything from solid state discs to 15000 rpm, large form factor drives and 2.5 inch form factor drives. Then there are our favourites which are the 3 and 4 terabyte near line SAS drives. So we are able to deploy an entire range of storage tiers from a single vendor. That gives us a single point of contact and also gives us similarities in firmware so we really understand the drive characteristics throughout the different tiers of Seagate.

We are actually part of that Seagate Alliance programme which is very valuable to us. What that gives us is access to Seagate Technical Engineering where we can actually advance samples of not yet released products and we can do performance testing and benchmarking by working directly with Seagate technical staff. There is a tremendous advantage to be a part of that Seagate Alliance and we rely heavily on Seagate as our storage vendor to satisfy those requirements.

Talking about new product development then what were the changes in the storage industry that have really driven your journey to developing this new product range?

This goes back a little and I spent 22 years at Hewlett Packard selling a very high end mission critical proprietary solution that still runs today. It runs the New York Stock Exchange and electronic transfer networks. Those proprietary solutions were extremely reliable and highly available but as other solutions came into play and the linux evolved then that proprietary solution became harder and harder to sell. So, from a personal perspective that was what set me out looking for different landscaping. What happened over here on the compute side and in what I experienced in my 22 years at Hewlett Packard is that there is a transformation taking place on the storage side. Storage today is truly the last bastion of proprietary data and if you look at what has happened at Isilon and the other storage vendors, really all they are are software companies. They have developed storage software and they deploy it on their hardware so they lock you into that environment.

What we have done is partner with a company called Nexenter who actually took the open source DSS code when it was released to the community back in 2005 and started developing a product around that. They actually put some really nice management tools around it that gave us the ability to actually cluster it with a very reliable highly available cluster plug. We can actually use that to cluster our nodes to deliver a true 59 type of storage solution and that is really the evolution of storage. It’s called software defined storage and what that does is give us the ability to end vendor locking by partnering with our software vendor Nexenter and actually bundling that but with what we deliver to the end user as an appliance. All the customer then has to do is rack, stack and plumb while we figure out the rest of the configuration with them on the phone. We will figure out exactly what the storage is up to, whatever their environment is and whatever protocol they want to use.

Historically storing data in the volumes we are talking about here was hugely expensive, given that we are living in times of global recession have you found that the recession and the need to cut costs has opened up more opportunities like Silicon Mechanics?

Absolutely, that is the number 1 driving force. You would be hard pressed right now to find any company big or small that does not have some type of storage initiative in place now and they are evaluating how can they drive down the cost of storage it is killing them in IT. They are all looking at it ,take for instance on the compute side or even the desktops or laptops those decisions in a recession can be put off, you can basically say we need to replace those servers because they are not on maintenance anymore because they are still doing the job - we can delay that purchase. You don’t have that option with storage when you are out of storage you are out of storage. So what companies are doing is they are looking for alternatives and what we are doing is we are providing an alternative that can deliver 50,60,70% cost savings over what they are currently spending with the legacy storage vendor.

Looking forward what are the challenges that you will be facing with your next products and what are the challenges the storage industry as a whole will be facing do you think in the next two to three years?

Now we are talking about object storage and what we have is an ideal solution and hopefully I was able to clearly define where our market really resides it really is with our zStax Storcore offering and it think it is a horizontal solution that fits multiple verticals. So we will be considering what do we do with that product, and that is back to virtualisation. Now we are moving into how we can move into the HDC world but there is also an extreme demand for what we call big data and what are we going to do with these massive volumes of data. This data is basically unstructured as it’s not in oracle databases.

Coming from Bio IT World Expo we are starting to see some pretty advanced software that can decode an entire Genome on a laptop in about 5 or 6 hours. It is significantly faster on something like Silcon server and now what they are wanting to do is do bigger and bigger data sets. How do you find genetic mutations in thousands of Genome? So now we are talking about huge data sets each Genome is about 100 gigs so now we are looking at some sort of scale out database. The ability to scale the data across several nodes is something we are looking very closely at to actually bring some statistical analysis beyond the box and include parallel processing on massive data sets.

For related articles and podcasts visit http://www.itproportal.com

So there are few products that you are announcing what have you unveiled at the Retail, Business and Technology Expo?

One of the big announcements is that we are focusing very much on the High Street in particular and looking at the way that consumers are buying more and more products on line. We are looking at retail sales on line and that is predicted to rise to 30% by 2020. So we are looking at helping the High Street by giving better customer service to their consumers, and to have more information, better information and more accurate information available in store and to the managers and owners of those stores as well. So, for the retail show this week we are launching the CBMS Cloud Reporting and CBMS Casio Business Management Solutions that take our ECOS hardware and connects it up to our own cloud service. It is aimed at retailers who are small and large tiers 1, 2, 3, and 4 from your multiples to your small independents and we allowing them to access their retail data in real time on line through account services.

What impact do you hope this product will have on the day to day work of a retail manager then – what are your aims?

It allows managers to look at things like pricing and control. It allows the retailer to monitor their profit on a daily, weekly or monthly basis. It allows them to do things like enter price changes on special offers so if they are overstocked on a particular item they can order a promotion such a multi-buy or similar. They can do that remotely and access the cloud service in real time very quickly. For example, a restaurant could do special price meal deals for where they are quiet between the hours of 7-8 on a particular day for instance.

How is the retail market seeing the development of cloud? What are the uses, impact and changes in business that you’re seeing it bring?

Cloud is used by individuals as we all know, with things like iTunes and for the Kindle where you are buying eBook and storing them in the cloud and pulling them down as you want to read them. What we want to do in retail is make use of cloud services to allow retailers to get better and more accurate data in real time. Taking that from B2C into a B2B situation is where we are finding the exciting way forward in the High Street. To give you an example for a fashion retailer, a customer might choose an item of clothing that they like but if the retailer has not got their size in stock or the colour they want they tend to walk out of the store and the sale is lost. With the cloud services using the VR100 ethos and the tablet, you can go in and see the product and if they have not got it in stock you can, (in real time) go into the cloud and see which store you can order it from and have it delivered to your home address or arrange to have it picked up while the customer is still inside the shop. That way you don’t loose the order you don’t loose the customer. Help for the customer helps increase sales and overall increases their business.

How do you present cloud technologies to make them easy to use and understand for the retail market – it has to be simple to implement doesn’t it?

It is really supplying a service to a consumer so the consumer does not really see the cloud being used. To the consumer it is just another service provided by the retailer to make their life easier. So actually the term cloud is very much targeted at the retailer and how it can help their business and to the consumer buying goods it is invisible to them. That means the consumer can get a product at the price they want to pay for it, without having to look online. They can get the colour and the size they want and they can buy it now. If they can’t take it away from the shop right now they can pick it up from the shop later today or they can have it home delivered tomorrow. It is all about helping the High Street retailer grow their sales again with consumers.  We see this targeted very much at fashion shops, shoe shops, accessory shops and that kind of retailer. Also for the hospitality sector such as restaurants and pubs who are using it to look at getting the public along.

This time last year you were releasing the Android based EPOS Terminal and Tablet based systems. What impact have they managed to have over the last 12 months?

 Quite phenomenal actually. The VR100 got a lot of interest and we targeted it specifically at the tier 4 retailer. To give you some examples, 'The Men’s Room' is a Liverpool barbers and they used our VR100 within their salon business for booking appointments and managing commissions for their staff. It made quite considerable savings to their business.  We have a fashion store up in the north of England and they reckon they have saved a lot of electricity by using the android operating system as it has reduced their overheads and has opened doors to a host of new retail apps that they say is providing their customers with a real enhanced customer service.  Other examples include a restaurant in London and the Soho Hill bar who are finding it much easier to break down their menu into individual items to see where the profit is coming from whether it is teas, coffees, foods etc This helps them to create menus and it makes it easier to monitor their stock in and stock out so they can reduce perishable items and make sure that they deliver the freshest food to their customers. Another example is a grocery retailer and they are using it to target special promotions and use it for email shots and targeted messaging for their customers who opt in for special offer promotions. So yes, we have got a huge range of retailers coming on board using the technology already and it is an exciting time.

What is the vision for the future at Casio then for how systems like this will change the customer experience in store? How would you like to see this changing retail for the future?

I think that there will always be the online business growth and with using the big on line suppliers like Amazon we know why they are successful. I think if you look at the retail High Street today we can bring back the excitement of buying items like clothing where you have that touchy feely type of product where you need to see the goods, where you need to look at the quality where you need to look at the price in relation to what you are buying and I think we can help bring customers  back into shops using this technology. The technology is of quite considerable benefit to the consumer by providing a much better service from the retailer. I think the way forward actually is that we will find that consumers will buy products like books and CD’s as seen today more and more on line, but I think for items like fashion for example we will see the retailer becoming much more popular.