HOME EUROPEAN NEWS EDITOR’S COMMENT ALL QUIET ON THE WI-FI SECURITY FRONT ITU MEDICS USE TABLET DEVICES TO CONDUCT ‘VIRTUAL CLINICS’ FLEET CONTROL SYSTEM GATHERS GLOBAL DATA SWISS HAVEN FOR CLOUD DATA AFTER PRISM SCANDAL FLASH STORAGE SPLITS SUPPLIERS’ ROADMAPS MAKE SENSE OF OUTSOURCING OPTIONS CW THE DIGITAL MAGAZINE FROM COMPUTER WEEKLY FOR EUROPEAN IT LEADERS AUGUST 2013 THINKSTOCK Securing your Wi - Fi data network BEST PRACTICE IN MITIGATING THREATS TO THE BUSINESS’S WIRELESS DATA FLOWS
Transcript
Home
european news
editor’s comment
all quiet on tHe wi-Fi
security Front
itu medics use tablet devices
to conduct ‘virtual clinics’
Fleet control system gatHers
global data
swiss Haven For cloud data aFter
prism scandal
FlasH storage splits suppliers’
roadmaps
make sense oF outsourcing
options
CWThe DIGITAL mAGAzIne FROm COmpuTeR WeekLy FOR euROpeAn IT LeADeRs AuGusT 2013
Thin
ksTo
ck
Securing your Wi-Fi data network
best practice in mitigating tHreats to tHe business’s wireless data Flows
CW Europe August 2013 2
Home
european news
editor’s comment
all quiet on tHe wi-Fi
security Front
itu medics use tablet devices
to conduct ‘virtual clinics’
Fleet control system gatHers
global data
swiss Haven For cloud data aFter
prism scandal
FlasH storage splits suppliers’
roadmaps
make sense oF outsourcing
options
EuropEan nEws
Tougher EU penalties for cyber crime not enough, say experts
The European Parliament has adopted a draft directive to toughen up European Union (EU) penalties for cyber crime, but security experts point out that tougher sanctions are meaningless if law enforce-ment authorities cannot identify and apprehend the criminals.
Germany to push for better internet data protection
chancellor Angela Merkel has said she wants German internet firms to be more transparent about how they use personal data. in a recent TV interview, Merkel said she will push for tougher EU laws to protect personal data on the internet. her comments follow revelations about the Us Prism internet surveillance programme.
UK joins demands for Google to rewrite privacy policy
The Uk’s privacy watchdog has joined data protection authorities in France, spain, Germany and italy in demanding changes to Google’s privacy policy.
Dutch retailer picks IBM cloud for merchandise data analytics
netherlands online fashion retailer Wehkamp has chosen iBM’s cloud-based merchandise analytics tool to manage clearance sales. At the end of every sea-son the business faces the challenge of planning markdowns to clear stock and make room for next season’s merchandise.
The 25 most influential women in UK computing in 2013
computer Weekly recently held an event to recognise the most influential women in iT. click here to find out the results of the Women in Technology Awards.
Mobile operators cut roaming costs across European Union
The cost of using a mobile phone across the EU falls as European commission (Ec) regulations come into force. Another roaming price cut will come into force across EU member states in July 2014. n
AdditionAl resources
› gadget guide: tablets
› uk startups: essential guide
› guide to soFtware-deFined networks
› big data storage: How to build it
› a guide to saas integration
› vdi storage: preparation and use
› cw500: key trends For it leaders in 2013
› ltFs tape nas: How to build it
› computer weekly supplier directory
Azure powers eu cAmpAign to combAt counterfeit drugsmicrosoft Azure will be used to power a cloud platform built to combat the counterfeit pharmaceutical black market across the european union (eu).
The eu-wide european medicines Verification system (emVs) will be developed and operated by solidsoft.
The system will involve collaboration across the pharmaceutical supply chain from manufacture to dispensing, said paul mills, customer implementation service manager at The european Federation of pharmaceutical Industries and Associations (eFpIA).
Behind the benefits and pitfalls of the wireless network
Did the 2007 assault on the Wi-Fi network of the TJX retail group shock European corpo-rations enough to lead them to mend their
ways and tighten up the security of their networks? since the incident seven years ago there have
been no further high-profile Wi-Fi breaches and it does appear companies bucked their ideas up around the security of their Wi-Fi channels. But the very success of the Europe-wide effort should not be taken as a sign that the threat no longer exists. cW Europe’s security editor looks into network configuration best practice to mitigate the risk.
in this August edition of cW Europe you will find out why most corporate wireless networks are now under the control of the iT department.
The cost of Wi-Fi is an expenses time bomb, according to a report from iPass. A survey of more than 1,000 mobile workers reveals that 75% occa-sionally need to work remotely from hotels; 40% from aeroplanes and coffee shops; and 29% on public transport - all of which mounts up to a hefty Wi-Fi expenses bill.
in addition, read about the Uk hospital which implemented a Wi-Fi network, to help seriously ill patients communicate with consultants and rela-tives using tablet devices.
Read how enterprises are using swiss cloud pro-viders to host data – because of the swiss culture of privacy – following revelations over a Us govern-ment surveillance programme. cW Europe’s data-centre editor investigates how switzerland is turn-ing into a cloud haven after the Prism scandal.
Find out who won the computer Weekly Euro-pean User Awards for Enterprise software and read one of the winning case studies. congratulations to all of the winners. There will be more winning case studies to follow on computerWeekly.com. n
Kayleigh Bateman Editor of CW Europe Special projects editor at Computer Weekly
Since the assault on the Wi-Fi network of the TJX retail group in 2007, there have been no further high-profile Wi-Fi
data breaches. Does this mean the TJX breach was enough to shock European firms into ensuring the security of their Wi-Fi net-works, proving the axiom that it usually takes a big breach to spur action across the board?
on the surface of it, the answer appears to be “yes” in the absence of any headline-grabbing data leak incidents involving Wi-Fi communications.
since 2007, Wi-Fi products have matured and most European businesses have switched to the latest and most secure wire-less security protocol WPA2, instead of its
less secure predecessors WPA and WEP.Better out-of-the-box security, widespread
adoption of WPA2 and, more recently, encryption for Wi-Fi data transmissions have much improved the overall situation.
Most corporate wireless networks are now under the control of the iT department or information security, says Adrian Davis, principal research analyst at the information security Forum (isF).
he says the development has led to a marked difference, in that those networks are configured better – providing an improved level of security – and wireless networks, protocols and associated equipment are now just more secure.
Thin
ksTo
ck
While maturing wireless technology has tightened security the risks remain and must be mitigated with policy and user education, says Warwick Ashford
All quiet on the Wi-Fi security front
CW Europe August 2013 5
Home
european news
editor’s comment
all quiet on tHe wi-Fi
security Front
itu medics use tablet devices
to conduct ‘virtual clinics’
Fleet control system gatHers
global data
swiss Haven For cloud data aFter
prism scandal
FlasH storage splits suppliers’
roadmaps
make sense oF outsourcing
options
sensitive corporate data to cyber criminals tapping into the Wi-Fi network.
Encryption is essential and there should be no access to corporate systems over public Wi-Fi that is not though a virtual private net-work (VPn) connection, says novikov.
consequently, open Wi-Fi connections at hotels, airports and coffee shops are becom-ing the weak links in security for many organ-isations in pursuit of greater productivity.
These connections are typically unsecured, making users vulnerable to WiPhishing and man-in-the-middle attacks.
The cost of a data breach – either directly or indirectly through credentials sniffed on a Wi-Fi network – is likely to outweigh the cost of mandating a VPn, says novikov.
Access pointsAlongside the use of VPns, organisations should consider providing staff with mobile hotspots that use a connection to a 3G network to create a personal Wi-Fi network for them.
According to David Emm, senior regional researcher for kaspersky Lab Uk, using a 3G connection is inherently more secure as the connection is encrypted.
in the corporate world, the expertise to set up and configure secure wireless networks is also more widely distributed, says Davis.
“Wireless networks are no longer a prime route for hackers to attack and infiltrate a corporate network,” he says.
Davis believes organisations are more likely to be attacked via the internet or a compro-mised device, as these provide a richer envi-ronment in which to attack and compromise an organisation.
Encryption and VPNshowever, that does not mean that every business is immune from Wi-Fi attack, particularly small and medium-sized enter-prises (sMEs) that typically lack the exper-tise and resources of larger corporations.
The fact remains that as the use of Wi-Fi connections increases, so does the poten-tial exposure to data theft if the appropriate technological controls, policies and proce-dures are not in place.
Although compromises are not making the headlines on a regular basis, this does not mean they are not happening, particularly in smaller organisations, according to security firm kaspersky Lab.
For both large and small organisations, some common Wi-Fi security failings persist.
Encryption is still not used in all instances for the transmission of data across Wi-Fi networks, says sergey novikov, deputy direc-tor of kaspersky Lab’s global research and analysis team.
With the proliferation of consumer devices in the enterprise, the use of these to connect to corporate email and other systems using public Wi-Fi is also common, he says.
in both cases, bad practices are exposing
wi-Fi sEcurity
best prActice for wi-fi security
n encrypt all traffic; n enforce access controls; n set up a guest wireless network physically and logically separate from the corporate network; n place an edge device, such as a firewall, between the corporate wireless and wired networks; n enforce acceptable use policies for Wi-Fi access; n educate users about the risks of using unprotected Wi-Fi access; n ensure all Wi-Fi router and access point default passwords are changed; n update all security protocols to WpA2.
“The old Trick of creaTing a fake Wi-fi access poinT is sTill very common”sandeep kumar, consulTanT
CW Europe August 2013 6
Home
european news
editor’s comment
all quiet on tHe wi-Fi
security Front
itu medics use tablet devices
to conduct ‘virtual clinics’
Fleet control system gatHers
global data
swiss Haven For cloud data aFter
prism scandal
FlasH storage splits suppliers’
roadmaps
make sense oF outsourcing
options
wi-Fi sEcurity
and making them aware of the dangers of this practice.
“The proliferation of the mobile device makes it very difficult – especially given the current budgetary environment – to techni-cally control this behaviour. The best way for-ward is to take the user on the journey with you,” he says.
in the case of targeted attacks, kaspersky’s novikov says it is the top executives who are most at risk.
“Yet, it is the top executives who are often not included in corporate security awareness training programmes,” he says.
The future of Wi-Fi securityWi-Fi security may have slipped down the agenda in Europe because of increased attention on the security and privacy chal-lenges of cloud computing and consumeri-sation of enterprise iT, yet it remains impor-tant and should not be overlooked.
Despite growing maturity in Wi-Fi implementations, increased out-of-the-box security capabilities of Wi-Fi products and greater use of WPA2 and encryption, security challenges remain.
While some of these threats can be mitigated through technical controls and other measures, user education and awareness remains key in ensuring Wi-Fi security. n
This approach reduces the risks associated with open Wi-Fi connections as well as rogue Wi-Fi access points.
These are access points deliberately set up by attackers to mimic a genuine hotspot in the hope that prospective victims’ mobile devices will connect to it by mistake.
The sign-up page typically looks like a genuine one to trick users into entering their credentials or credit card details.
A similar type of attack uses an ad hoc peer-to-peer network masquerading as a legitimate network. Unwary users connecting to a malicious Wi-Fi network can still access the internet, but all their traffic will be visible to the attacker.
“The old trick of creating a fake access point (AP) is still very common, as naïve users still connect to these without giving it a second thought,” says sandeep kumar, a London-based security consultant. “now, with a proliferation of Wi-Fi networks, rogue APs can easily hide among all the legitimate ones and convince people to connect.”
The default passwords of all Wi-Fi routers and APs should be changed on installation, says kumar, to stop attackers exploiting industry default passwords.
Allied to the problem of rogue APs is the increasing use of personal Wi-Fi spots.
“This is possibly the main Wi-Fi security pain point for many European organisations today,” says Amar singh, chairman of isaca Uk security Group.
historically these hotspots had to be cre-ated using a router, he says, but today they can be set up very easily using a smartphone.
The increasing use of smart devices in European organisations exacerbates this problem because most mobile operating systems (oss) remember the last 10 or more Wi-Fi hotspots.
“This ‘feature’ is a weakness as it enables attackers to clone trusted hotspots and carry out man-in-the-middle attacks,” says singh.
Policy and educationAs in most cases, technology alone is not enough and must be supported by a clear and comprehensive set of policies and user educa-tion about the risks and how to mitigate them.
in tackling personal Wi-Fi hotspots, singh says his main focus is on educating the user Warwick Ashford is the security editor of Computer Weekly
“The proliferaTion of The mobile device makes iT very difficulT – especially given The currenT budgeTary environmenT – To Technically conTrol risky behaviour”amar singh,
isaca uk securiTy group
CW Europe August 2013 7
Home
european news
editor’s comment
all quiet on tHe wi-Fi
security Front
itu medics use tablet devices
to conduct ‘virtual clinics’
Fleet control system gatHers
global data
swiss Haven For cloud data aFter
prism scandal
FlasH storage splits suppliers’
roadmaps
make sense oF outsourcing
options
casE study
Intensive care consultants hold ‘virtual clinics’ with Apple iPads
The Walton centre nhs Foundation Trust in Liverpool is renowned for its specialist neurological care, taking
patients from across the Uk who need the medical staff’s expertise.
But coming from far and wide, the experi-ence can be more difficult for patients who travel long distances from friends and family.
The Liverpool hospital’s intensive therapy unit (iTU) is dedicated to patients who need continuous supervision and care following life-threatening injuries, serious surgery or acute illnesses.
consultant neurological anaesthetist Will Loh once tried to help a patient use his own iPad to contact family members, but due to the patient’s medical condition, found they were unable to hold the device. But this inspired him to approach the iT department
to come up with a workable and more per-manent solution to benefit patients coming through the iTU.
Andrew Evison, technical project man-ager at The Walton centre nhs Foundation Trust, became the programme lead. Together, they decided video calling func-tionality would be beneficial, both for patients to spend time with relatives and for consultants to run “virtual clinics” to get updates on patients’ conditions.
They also agreed to source software for patients unable to speak, to make sure they could address questions to their medical team and, in turn, the doctors could find out how patients felt during their stay.
The tools were already there from Apple and it was very simple to keep expanding into other areas, says Evison.
A robust Wi-Fi network in a hospital in Liverpool allows remote conference with patients and relatives using mobile tablet devices, reports Jennifer Scott
Thin
ksTo
ck
CW Europe August 2013 8
Home
european news
editor’s comment
all quiet on tHe wi-Fi
security Front
itu medics use tablet devices
to conduct ‘virtual clinics’
Fleet control system gatHers
global data
swiss Haven For cloud data aFter
prism scandal
FlasH storage splits suppliers’
roadmaps
make sense oF outsourcing
options
Wi-Fi connectivityThe project relied on a suitable guest Wi-Fi network to provide the connectivity.
“We could have used the internal Wi-Fi, but because we go through the nhs net-work, we felt there could be bandwidth and security issues,” says Evison.
however, the trust already had a public Wi-Fi network and believed this might pro-vide the answer.
“We have quite high bandwidth through that network, at around 10-12Mbps, so we had a quick conversation with our Wi-Fi sup-plier, Wi-Fi spark,” he says.
The supplier suggested the devices for use on the free Wi-Fi could be segregated and given a specific amount of bandwidth.
iPads fit the billEvison decided to go with Apple iPads for the project, as the tablet devices were in use elsewhere in the hospital and support was already in place.
“The Trust has about 70 to 80 iPads, used in various ways, such as executives using an iPad with secure email software or a project called ePatient, where we are pushing out our risk assessments and documents that would traditionally be paper-based into electronic form and onto the iPad,” says Evison.
“We are looking at other devices, but the easiest for us at the first stage was the iPad. others don’t fit the bill for security, configu-ration and controlling the device. The tools were already there from Apple and it was simple to keep expanding into other areas.”
Using the tablets’ Mac addresses, Wi-Fi spark cordoned off the devices from the rest of the network, ensuring they had the neces-sary bandwidth.
Apple’s built-in video-calling tool, FaceTime, was adopted for patients to con-tact relatives who also have Apple products, but skype was also installed to ensure wider compatibility for personal conversations or consultations with doctors.
casE study
temporAry wi-fi provision: An expenses timebomb
The cost of Wi-Fi is an expenses timebomb, warns a report from ipass. In a survey of 1,148 mobile workers, 75% of respondents say they occasionally work remotely from hotels; 40% from aeroplanes and coffee shops; and 29% on public transport.
Almost all the mobile workers surveyed say they have personal experience with costly Wi-Fi. The survey reports that 88% of mobile workers say they pay at least ¤8 to access Wi-Fi for a short period of time, such as purchasing a day pass.
many respondents say they pay ¤15 for a Wi-Fi day pass, but some respondents encounter even higher fees. According to the survey, 34% of workers say they pay at least ¤23 for one-time Wi-Fi access, while some pay as much as ¤38 or more for temporary Wi-Fi access (see pie chart below).
What is the most you pay for a one-time Wi-Fi pass?
Source: iPass
23.5%
¤8
¤30¤23
NothingMore than ¤38¤38
¤15
30.8%21%
11.7%
11.4%
0.7%
0.9%
CW Europe August 2013 9
Home
european news
editor’s comment
all quiet on tHe wi-Fi
security Front
itu medics use tablet devices
to conduct ‘virtual clinics’
Fleet control system gatHers
global data
swiss Haven For cloud data aFter
prism scandal
FlasH storage splits suppliers’
roadmaps
make sense oF outsourcing
options
For patients unable to speak because of their condition, the team decided to install AssistiveWare’s Proloquo2Go. The software allows patients to type what they want to say, assisted by predictive text, which then converts to audio to relay the message.
“The only issue we initially came across was how we would give it to the patient, in terms of being hands-free, mobile and secu-rity conscious, locking it to a stand in some way,” says Evison.
The Trust had already worked with a com-pany called RDP health to tackle some of these issues for its “computers on wheels” project, which enabled staff to move a laptop around the hospital and input data when next to the patient, rather than back in their offices on desktops.
The same basic stand was adopted, with the addition of an Ergotron flexible arm and kensington secureback case, which locks the iPad to the bed, keeping it in reach of the patient, safe from harm and easy to clean.
“it was a case of bringing different com-ponents together and thinking of a configu-ration we could apply to this project,” says Evison. “The elements were already there, it was just a case of pulling them together.
Rewarding resultsEvison and his team completed the whole project in just four months to a budget of £10,000, delivering the system to five rooms in the iTU. once the team saw it in action, the benefits became clear.
“We trialled it with one patient who was so excited when he got it,” says Evison.
“When he spoke to his daughter – who lives in the isle of Man – he was extremely happy and his daughter was in tears. it was quite an emotional moment.
“From an iT perspective, we don’t often get to see an end result that is quite so great. We were down in iTU with the gentleman when he was using it and we got to see an end result that was of real benefit.”
Future possibilitiesnow, Evison and his team are looking to the future. The first thing they are examining is whether they can try out the same pro-gramme using other tablet devices.
“We are looking at Windows tablets, but it is very early days. We have to think around things like security, using them on a ward and keeping them clean all the time,” he says.
“it is very difficult. Because Windows tab-lets are so new, buying these enclosures and different pieces for them is really tough.”
But the success of the initial roll-out has led the team to think how the systems could be used elsewhere in the hospital.
“i could see other uses for this because we are not just using it for patients. There is the opportunity to use it for more virtual clinics, such as when a patient’s relatives can’t get to an appointment or it is a cost to people travelling. if they can access a computer, we can create a clinic where they can speak to each other. There is definitely potential for expansion,” says Evison.
“in iT, there are lots of buzzwords and phrases about being for people’s benefit, but you don’t often see it. With these systems it is nice to see the benefit at the coalface.” n
“There is The opporTuniTy To use The sysTem for more virTual clinics, such as When a paTienT’s relaTives can’T geT To an appoinTmenT”andreW evison,
WalTon cenTre hospiTalJennifer Scott is the networking editor of Computer Weekly
casE study
CW Europe August 2013 10
Home
european news
editor’s comment
all quiet on tHe wi-Fi
security Front
itu medics use tablet devices
to conduct ‘virtual clinics’
Fleet control system gatHers
global data
swiss Haven For cloud data aFter
prism scandal
FlasH storage splits suppliers’
roadmaps
make sense oF outsourcing
options
BusinEss applications
Toyota Material handling Europe has developed an operational fleet manage-ment system that monitors and controls fork-lift trucks globally. The system – which the company uses at its manufacturing plants in sweden, France and italy, and offers as service to its customers – is built using Microsoft technology.
it won two awards in the computer Weekly European User Awards for Enterprise software – one as the best private sector entry, the other for best of show.
cio håkan Borglund (pictured below right) describes the company’s Toyota i_site ser-vice as “a fleet management system – which is very interesting, especially if you have a big fleet of fork-lift trucks”.
he says its business intelligence functionality is built into the business logic: “You can have triggers for various things. For example, if a truck touches something and that sug-gests goods are damaged, you can see details about the event: When it happened, who was driving. it can indicate what training is needed for the driver. it is really alive. it is not something you download once a month.”
Fleet management system gathers global truck dataToyota has pioneered a system that gathers data from black boxes in all its fork-lift trucks around the world for business processes. Brian McKenna reports
Clockwise from left: A Toyota fork-lift truck; The Toyota I_site service in action; CIO håkan Borglund accepts a CW european user Award for enterprise software
CW Europe August 2013 11
Home
european news
editor’s comment
all quiet on tHe wi-Fi
security Front
itu medics use tablet devices
to conduct ‘virtual clinics’
Fleet control system gatHers
global data
swiss Haven For cloud data aFter
prism scandal
FlasH storage splits suppliers’
roadmaps
make sense oF outsourcing
options
BusinEss applications
Black box gathers data for analysisAt the heart of the system is a black box on the fork-lift truck. Toyota i_site collects data from the fork-lift truck and transmits it to a central database using wireless technology and the regular mobile networks, without the need to install software or hardware. The data can then be analysed over a web interface.
“originally, we wanted to predict when a service was needed for the trucks – that then enabled other functions, such as safety,” says Borglund. “it is a global system and can be deployed anywhere using a mobile network, including in our own factories.”
Toyota Material handling Europe’s fleet management system is designed to address the problems material handling companies experience in optimising their truck fleets, improving the logistics process and reducing overall energy consumption.
The division makes Toyota fork-lift trucks and acquired BT Warehouse Equipment in 2000, which makes industrial equipment for material handling. As well as its three European factories, it has sales and marketing companies in 30 countries.
IT and business relationshipsBorglund, who is based in sweden, runs an iT department of 200, comprising two teams – information systems and iT infrastructure.
The information systems team has a business relationship management structure, with a business systems manager for each process. “We have close co-operation with the business,” says Borglund. “i am glad that we have that. it works well as a set-up.”
The i_site system, built on Microsoft’s .net framework, is now in its third version. Borglund confirms it is being used in the company’s own factories and that there are some 10,000 black boxes beaming back data from fork-lift trucks worldwide.
“We have a fair mix of standard and custom-built systems,” he says. “M3 is our enterprise resource planning software, which is standard. But we are not
afraid to build things ourselves.”Borglund, who came to Toyota from the airline industry, says the key performance indi-
cator service culture of that industry has informed his work at the Japanese automotive company which, he says, is well known for its culture of continuous improvement – the “Toyota Way”. n
Brian McKenna is the business applications editor of Computer Weekly
europeAn user AwArds for enterprise softwAre
Toyota material handling europe won Best private sector project and Best of show at the Computer Weekly european user Awards for enterprise software recently.
The winners were: n Best Technology Innovation: Taylor Wimpeyn Supplier of the Year: huddlen Private Sector: Toyota material handling europen Public Sector: Aintree university hospital nhs Foundation Trustn Cloud Innovation: nhs england and pA Consultingn Cloud Innovation honorable mention: Virgin media n Best of Show: Toyota material handling europe
Click here to read about the winnersAward nominations are open for storage and datacentre categories – click here for more details
F irst it was a money-haven, now switzerland’s privacy laws and data protection regulations are turning it into a cloud-haven in the wake of revelations about Us government surveillance. That is the claim of switzerland’s biggest offshore host-ing company, Artmotion.
Recent leaks about the Us national security Agency’s (nsA) Prism surveillance pro-gramme have sparked growing concern over data privacy, with implications for global corporations using Us-controlled cloud services, such as AWs (Amazon Web services) and Azure. As a result, businesses are now turning to switzerland for their data hosting needs. Artmotion says it has witnessed a 45% growth in revenue amid this demand for heightened privacy.
Surge in demand following surveillance revelationsThe substantial growth in demand for hosting data stems from the fact that, in switzerland, privacy is enshrined in law. As the country is outside of the European Union (EU), it is not bound by EU agreements to share data with other member states or with the Us.
Before Prism, the Us was at the forefront of the cloud computing industry and compa-nies flocked to take advantage of the scalable benefits of hosting in a cloud, as well as the cost savings it offered.
“The scandal has unearthed significant risks to data for businesses, as well as for their customers,” says Mateo Meier, Artmotion’s director.
“With Us cloud service providers subject to Us laws, the government can request business information under the Foreign intelligence surveillance Act (FisA) without the company in question ever knowing its data has been accessed.”
several large technology companies – including Microsoft, Google, Yahoo, Apple and Facebook – have admitted the nsA sought access to their systems.
Following the revelations about the Us government’s surveillance programme, ques-tions have also been raised about the safety of employees using file-sharing software such as Dropbox and online office resources such as office 365, which are hosted in the Us and the EU, Meier claims.
Thin
ksTo
ck
Switzerland becomes haven for cloud after Prism scandalEuropean enterprises are turning to Swiss cloud providers to host data because of their focus on privacy, writes Archana Venkatraman
CW Europe August 2013 13
Home
european news
editor’s comment
all quiet on tHe wi-Fi
security Front
itu medics use tablet devices
to conduct ‘virtual clinics’
Fleet control system gatHers
global data
swiss Haven For cloud data aFter
prism scandal
FlasH storage splits suppliers’
roadmaps
make sense oF outsourcing
options
privacy & data protEction
Switzerland’s privacy cultureThe desire for data confidentiality has seen a surge in large corporations turning to switzerland to take advantage of its privacy culture. Enterprises can host data in swiss clouds without fear of it being accessed by foreign governments.
“Unlike the Us or the rest of Europe, switzerland offers many data security benefits. it is not a member of the EU and the only way to gain access to the data hosted in a swiss datacentre is if the company receives an official court order, proving guilt or liability,” says Amar singh, ciso of news international and chair of the isaca security Advisory Group (sAG).
“no doubt switzerland has much tighter laws, but if you don’t encrypt data, it is always open. More importantly, you need to hold the keys to your encrypted data.”
European commission (Ec) vice-president neelie kroes has warned that Us cloud service providers could suffer loss of business following the data-collection revelations. Data protection is becoming even more critical as organisations move to the cloud and increase their awareness of how to best protect themselves from surveillance activities, says Dave Anderson, senior director at cloud security company Voltage security.
“Enterprise and consumer customers care deeply about securing their sensitive infor-mation and protecting the data that helps govern their business and delivers their goods and services to employees, partners and other stakeholders,” he says.
“This focus is becoming even stronger as enterprises deepen their beliefs that security, privacy and compliance are not just a tactical, ‘check the box’ activity, but rather a stra-tegic process.”
Specific needsBut datacentre and hosting services expert clive Longbottom says that turning to switzerland’s cloud services may not be for every organisation.
“if i am an oil company, i’d be a tad more worried that information i have may be of interest to governments but, if i am just a small business selling everyday goods, it doesn’t matter,” he says.
“But if you are a company siphoning profit off to offshore countries, then you may have real worries, so moving data to switzerland could make sense.”
Longbottom adds that it is all down to the chief executive. “if there is a perception that the EU may buckle to others’ data laws, then by all means,
they will look to go elsewhere. calligo offers datacentre capabilities in the channel islands outside of the scope of the EU as well. it’s down to the feelings of the cEo.”
“Regardless of where you are – you could be anywhere on the planet – if you don’t want anyone to look at your data and you don’t encrypt it, you have no assurance it is safe from prying eyes,” warns news international’s singh. n
Archana Venkatraman is the datacentre editor for Computer Weekly
colt extends dAtAcentre fAcilities in the netherlAnds
Datacentre and colocation service provider Colt is adding an additional 1,000m2 and 1.65mW of datacentre capacity to its network-neutral facility in the netherlands to meet the growth in the colocation market.
The additional capacity will be fully deployed by the end of september and the site will go live in the fourth quarter of 2013. It marks Colt’s second expansion this year, after it initially deployed 3.3mW earlier this year. The facility is located in Roosendaal, between the major cities of Rotterdam and Antwerp, where it acts as a hub to deliver low-latency services to enterprises in both the netherlands and Belgium.
CW Europe August 2013 14
Home
european news
editor’s comment
all quiet on tHe wi-Fi
security Front
itu medics use tablet devices
to conduct ‘virtual clinics’
Fleet control system gatHers
global data
swiss Haven For cloud data aFter
prism scandal
FlasH storage splits suppliers’
roadmaps
make sense oF outsourcing
options
storagE
F lash storage and what to do with it have been among the hottest topics in the world of storage for a couple of years now. That trend has been driven by a small set of startup companies offering all-flash array products. These have met the needs of organisations that want to supercharge desktop and server virtualisation
projects, as well as the needs of business-critical transactional operations.The mainstream top six storage suppliers have had to respond to customers’ needs and
to the efforts of the startups that have begun to take market share from them.The challenge for the incumbent suppliers has been to meet the performance needs of
flash in a dedicated array. These include the need for faster backplanes and processing capability in the hardware controller than was required with spinning hard disk drives (hDDs), as well as operating system (os) software that is optimised to manage the mul-tiple voltage, garbage collection, wear levelling and so on, that flash memory requires.
Big storage takes two routes in flash array shakedownThe big storage companies have responded differently to the advent of the flash array. Antony Adshead considers their responses so far
CW Europe August 2013 15
Home
european news
editor’s comment
all quiet on tHe wi-Fi
security Front
itu medics use tablet devices
to conduct ‘virtual clinics’
Fleet control system gatHers
global data
swiss Haven For cloud data aFter
prism scandal
FlasH storage splits suppliers’
roadmaps
make sense oF outsourcing
options
storagE
Broadly speaking, the storage giants have responded in one of two ways.
They have either bought a flash array startup (as EMc and iBM have done) and rebranded its products to fit their roadmap; or they have adapted existing storage products to accom-modate flash (as with hP, netApp and Dell). The one exception is hitachi Data systems (hDs), which has developed a flash-optimised hardware/software module for an existing sAn system.
clearly, the different approaches have their pros and cons. While those that have bought startups mostly have the edge in terms of performance, they buy this at the price of having flash arrays that don’t integrate with their other storage prod-ucts and management frameworks.
so how have each of the big six storage sup-pliers reacted to the all-flash array? Let us take a look at where their efforts have got so far, although the picture will evolve as some are clearly ahead of the game while others lag.
EMCEMc bought in its flash array offering with the purchase of israeli startup Xtremio in May 2012. in early 2013, it rebranded all its flash offerings (Pcie server flash and flash caching software too) around the Xtrem prefix and announced the Xtremio flash array would be generally available from this July.
The Xtremio flash array is an iscsi- and Fibre channel-connected all-MLc array that comes in 10TB X-Bricks. customers can add capacity and i/o performance as they add X-Bricks, from 250,000 4k random reads with one unit, up to one million ioPs with a four X-Brick cluster.
The Xios os has inline data deduplication to boost actual capacities.While Xtremio is clearly an array developed from the ground up to work with flash
memory, it is effectively a standalone product with its own os that cannot work in the management EMc storage family. This will be addressed in due course, says EMc.
HPhP first announced an all-flash version of its 3Par P10000 array in July 2012, but recently added to that with the 3Par storeserv 7450 array with upgraded controller hardware with faster intel sandy Bridge cPUs.
Despite not being a ground-up flash design, the 3Par os and controller Asic possess some flash-friendly features, such as data striping that helps reduce wear
and fine levels of granularity suited to flash cell block sizes.
hP claims i/o performance of 548,000 ioPs with 48 400GB MLc drives. sLc drives are also available
in 100GB and 200GB capaci-ties despite sLc falling from favour somewhat with enter-prise storage makers.
“While emc’s XTremio is clearly developed from The ground up To Work WiTh flash memory, iT is a sTandalone producT WiTh iTs oWn os ThaT cannoT Work in The managemenT emc sTorage family”
CW Europe August 2013 16
Home
european news
editor’s comment
all quiet on tHe wi-Fi
security Front
itu medics use tablet devices
to conduct ‘virtual clinics’
Fleet control system gatHers
global data
swiss Haven For cloud data aFter
prism scandal
FlasH storage splits suppliers’
roadmaps
make sense oF outsourcing
options
storagE
NetAppnetApp has, to date, only released a flash-equipped retrofit of an existing array, the EF540, which is the (formerly Engenio) E5424 array, with either 9.6TB or 19.2TB of eMLc ssD in 12 or 24 drive slots, and which will deliver around 300,000 ioPs.
Despite being something of a laggard in the flash array stakes, netApp has given hints of a forthcoming clustered os that will be tailored to flash. called FlashRay, it is being developed by an R&D team led by former netApp cTo Brian Pawlowski.
solid facts are scarce, but netApp says it will deliver: low latency; high ioPs; premium features such as data deduplication, compression, snap-shots and replication; object data management; and scale-out clustering capability.
A beta version of FlashRay is due in mid-2013.
IBMiBM took the acquisition route and bought Texas Memory systems in 2012. in April 2013, it rebranded the TMs Ramsan systems as iBM Flashsystem and integrated them with its sAn Volume controller (sVc) storage virtualisation device.
Flashsystem 820 and 810 use MLc flash, while the 710 and 720 use sLc, the latter despite iBM planning to drop sLc.
iBM promises to invest $1bn in its flash products over the next three years.
Hitachi Data SystemshDs announced the availability of the hitachi Accelerated Flash storage (hAFs) module for its enterprise sAn VsP platforms in november 2012. The hAFs module comprises a controller with software developed around MLc flash.
it can scale from 6.4TB up to 76.8TB and hDs claims it can provide up to one million ioPs and up to four flash enclosures can be housed
in a VsP array to provide more than 300TB of flash. VsP can also treat hAFs as a distinct tier of storage using its hitachi
Dynamic Tiering.
DellDell has taken the route of modifying existing products to
meet the need for flash performance. namely, it has upgraded its Dell compellent storage center os to version 6.4 and previewed the
availability of an all-flash compellent array, the Flash optimised solution.The Flash optimised solution will be powered by storage center 6.4 and com-
prise sLc and MLc drives in one of its sc220 expansion enclosures. Dell says it will get 300,000 ioPs for this mixed sLc/MLc bundle, which is quite low, especially with sLc on board, and suggests Dell has not optimised storage center to deal with the back-end tasks of managing flash memory.
instead, Dell focuses on autotiering to try to get the most from flash. here, the com-pany places the emphasis on storage center’s ability to move data at sub-LUn level, with different parts of the same LUn living on different classes of storage media. n
Antony Adshead is the storage editor of Computer Weekly
“dell has upgraded iTs compellenT sTorage cenTer os To version 6.4 and previeWed The availabiliTy of an all-flash compellenT array, The flash opTimised soluTion”
CW Europe August 2013 17
Home
european news
editor’s comment
all quiet on tHe wi-Fi
security Front
itu medics use tablet devices
to conduct ‘virtual clinics’
Fleet control system gatHers
global data
swiss Haven For cloud data aFter
prism scandal
FlasH storage splits suppliers’
roadmaps
make sense oF outsourcing
options
outsourcing
Once upon a time, iT outsourcing was a choice between doing it or not, but – with maturing cloud-based services and the arrival of new suppliers – the European cio now faces many more options to consider and hurdles to overcome.
At the same time, the stakes have risen as iT becomes ever more critical to the efficiency and competitiveness of the business. As iT outsourcing increases, procurement teams grow and iT departments shrink.
cost, consumerisation, commoditisation and digitisation are all considerations today. And there are many more departments involved. Procurement teams, supplier relationship man-agement operations, the chief financial officer (cFo) and the iT users of the business can all exert their influence in outsourcing programmes now.
in the past, outsourcing was purely about cutting fixed costs. But while contracting a sup-plier to run a service at a lower cost might remain the biggest reason, its importance is now diminishing. Do you want to cut costs or do you want to innovate? or do you want both?
Decisions, decisions, decisionsToday, executives involved in outsourcing have several options for every aspect of iT. Mark Lewis, outsourcing lawyer at Berwin Leighton Paisner, says the biggest decision facing European businesses is whether to move to the cloud or use traditional iT outsourcing.
if a traditional iT outsourcing model is chosen, decisions about the shape and scope of the deal are always a challenge, says Lewis. But the options are now better known, as are the suppliers’ offerings, the suppliers themselves and their delivery models.
Thin
ksTo
ck
How to make sense of your outsourcing options
With the advent of cloud, commoditisation and third
party innovation, the options for outsourcing your IT services can prove
bewilderingly complex. Karl Flinders looks at how to devise a strategy
CW Europe August 2013 18
Home
european news
editor’s comment
all quiet on tHe wi-Fi
security Front
itu medics use tablet devices
to conduct ‘virtual clinics’
Fleet control system gatHers
global data
swiss Haven For cloud data aFter
prism scandal
FlasH storage splits suppliers’
roadmaps
make sense oF outsourcing
options
outsourcing
But the cloud brings different challenges. “With cloud, the decision process is still complex and difficult for buyers,” says Lewis. “First,
do they understand cloud offerings? Then, public or private? how do they manage the data risks and the other risks of public cloud they keep hearing about? how easy will it be for them to integrate cloud in their iT environment? And who are the best cloud suppliers for them?”
he adds that the cloud advisory and integrator market is not as developed as in the iT out-sourcing market in Europe, so there is still a high level of complexity for buyers.
The digitisation of business – itself driven by cloud computing – is another example of a technology in flux that, while promising substantial benefits, is giving sourcing professionals a headache. new technologies in the digital arena, such as mobile and business intelligence (Bi), add complexity to the sourcing process.
According to a Forrester survey of global sourcing executives, 65% of respondents say they are excited about the changes these digital technologies will bring; but 62% say their busi-nesses lack the requisite skills to make the change; and 68% believe they do not have the right policies and business practices.
Forrester analyst Liz herbert says supplier manage-ment teams need a new approach if they are to harness the skills of the abundance of little-known suppliers. she says businesses must change the rules of engagement with suppliers, by rebalancing risk and value.
Tridip saha, head of sales in Europe at indian iT ser-vices firm Mindtree, blogged recently about the confu-sion caused for cios by digitisation, because of the different approaches iT services providers take.
he says large, consulting-led iT service providers see digitisation as being “all about the strategy to transform your business, with iT on top; the digital agencies view it as being all about user experience/customer journey, and they don’t bother about technology.
“The platform providers see it as all about having the right underlying technology platform, with no need for writing custom code ever again. Domain-centric iT service providers believe they have the golden solution, created exactly for your industry, and ask the customer how much of it they want.” he says most of the other suppliers take one of these approaches, depending on who you talk to.
Managing multiplesDigitisation and cloud computing stimulate competition between suppliers. Today, it is highly unlikely that a business will sign an all-encompassing, long-term contract with one supplier or even a small consortium of suppliers.
Today, a big European business might have thousands of suppliers, many of which are unof-ficial and arrive through users’ choices.
not every business has the resources available to micro-manage a huge, multisourced iT delivery model in the same vein as a company such as BP. The oil giant has the financial clout to not only make multiple suppliers deliver over and above expectations, but also has the resources to make sure they do.
BP cut $800m in costs in a couple of years, while retaining a multisupplier iT outsourcing environment. Most of the savings on iT was the result of the company’s sourcing strategy.
The company wanted to reduce the cost and complexity of working with thousands of iT suppliers. it now has seven iT service providers and has shaken up its supplier management capabilities to ensure it gets the most it can from them.
“procuremenT funcTions ofTen deTermine The services conTracTed and ThaT is noT alWays helpful”mark leWis, berWin
leighTon paisner
CW Europe August 2013 19
Home
european news
editor’s comment
all quiet on tHe wi-Fi
security Front
itu medics use tablet devices
to conduct ‘virtual clinics’
Fleet control system gatHers
global data
swiss Haven For cloud data aFter
prism scandal
FlasH storage splits suppliers’
roadmaps
make sense oF outsourcing
options
outsourcing
BP has a big stick to keep suppliers in line and a huge resource to manage them. not all businesses have this and there is a growing trend for businesses to outsource the service integration role. “We have several service integrator templates ourselves,” says Lewis at Berwin Leighton Paisner. “so, in a relatively short time, i would expect to see service integra-tor/management contracts becoming standardised as well.”
Forrester analyst Lutz Peichert says service integration is usually an internal responsibility.“service integration is not a new thing because it has been done by in-house teams for
years,” Peichert says, adding that there is now a trend to outsource the role.
Do you know what you want?All suppliers have different stories. This is making it tough for businesses to get exactly what they want but it is critical businesses do so: According to Forrester, 69% of cios do not believe they get what they asked for.
“But it is not that the supplier is not delivering, but the contract does not reflect reality,” says Peichert.
Understanding what you want and getting this supported in a contract is vital if the service is to live up to expectations. Part of the problem is a disconnect between the business and the buyers. Lewis says iT and the wider business functions are not joined-up enough and iT services procurement is often divorced from the aims of the business.
“Procurement functions often determine the services contracted and that may introduce another element into the buying process that is not always helpful, especially where cost is the only driver. change as the ultimate good in iT services contracts is overestimated. The problem is more basic - actually getting what the customer thought it was buying in the first place,” he says.
Even iT experts and not just business buyers are to blame, according to Lewis. “in some cases, even iT professionals on the customer side go fishing for possible solutions to their business problems without knowing what they want or what is out there in the market,” he says. “They then accept the most approximate solution and struggle to adapt it to their busi-ness needs.”
But standardisation is helping. “We have started seeing a level of standardisation in both the legal and commercial terms of iT outsourcing contracts, as well as the service descrip-tions, service levels and even charges schedules. This makes drafting and negotiating deals shorter and less complex,” says Lewis.
The other side is feeling changeiT buyers are not alone in feeling change. suppliers are experiencing a massive shift in outsourcing behaviour and are transforming in response. sam kingston, Uk head at T-systems, says there are buying trends that are shaking up iT outsourcing.
Businesses are buying smaller modules of service to help them control and lower costs. “services are being broken up and suppliers are being asked to take on specific parts of iT,
rather than end-to-end services,” says kingston. This is increasing the number of suppliers used and committing less to individual companies.
kingston also says there has been a shift in the key discussion with customers. Although he says the trend for suppliers to take on a service at a substantial discount is still alive and well, there is more importance put on improving the user experience.
kingston says emerging trends – such as the increased involvement of business and break-ing up services – is seeing procurement departments grow as iT departments shrink.
There are more people involved in the iT services procurement and there are more options available. But there is also more noise, not all of which is helpful.
sourcing skills are valuable assets to any organisation, but even the best are being put to the test when it comes to iT outsourcing in Europe today. n
Karl Flinders is the services editor of Computer Weekly
Make VDI a Reality
Download the new white paper:
Efficient and Adaptive Flash-OptimisedStorage for Virtual Desktop Infrastructure
Nimble Storage hybrid arrays provide affordable capacity and performance for virtual desktop (VDI) environments based on VMware View and Citrix XenDesktop. With a flexible mix of flash and disk storage, Nimble Storage systems provide:
Adaptive PerformanceMaintain a consistent user experience regardless of activity spikes, boot storms, or anti-virus scans.
Efficient Capacity Inline compression and zero-copy clones reduce footprint by 30 to 75 percent.
Integrated Data ProtectionCapacity-efficient snapshots eliminate backup windows and provide WAN-efficient replication for DR.
Application-Consistent ManagementPre-validated VDI reference architectures with VMware, Citrix, and Cisco reduce risk and accelerate deployments.
