may 2012, volume 1, issue 5 IT in Europe -...

IT in Europemay 2012, volume 1, issue 5

Gain a complete overview of European IT in today’s marketplace.

NAC TeChNology evolves iN A ByoD PoliCy WorlD TAkiNg CoNTrol of smArTPhoNe ProliferATioN

hoW To sTrATegise eNTerPrise DeviCe mANAgemeNT

Plus:

TeChTArgeT’s euroPeAN PArTNers

ToP euroPeAN sTorAge PrioriTies

river mANAgers Delve iNTo kNoWleDge mANAgemeNT

ADDiTioNAl resourCes

IT In EuropE • May 2012, Vol. 1 2

home

eDiTor’s leTTer

NAC TeChNology evolves iN A ByoD PoliCy WorlDs

TAkiNg CoNTrol of smArTPhoNe ProliferATioN






editor’s letter

EuropEan IT managErs have always been pioneers in mobile technol-ogy. The continent took a global lead in rolling out 3G networks, and—while progress to 4G is still patchy—the introduction of mobile working in European organisations is moving ahead rapidly.

But the IT leaders who have been at the forefront of mobile suddenly face a whole new set of challenges.

The balance of power in IT is changing, away from process-oriented IT departments and going instead to users. The consum-erisation of IT is breaking down the traditional command-and-control structure of corporate IT as employees demand to use their own computer devices to access corporate applications.

Increasingly, workers find they prefer the technology they use at home to that provided for their job. The highly secure company Blackberry might tick all the boxes for a locked-down mobile IT strat-egy, but users believe they can be more productive using the familiar

smartphones they use everyday.As a result, IT managers across

Europe are being forced to consider so-called “bring your own device” (BYOD) schemes that allow staff to use the smartphones, tablets, netbooks and lightweight note-books they prefer, instead of clunky desktops or shoulder-straining lap-tops.

Suddenly, all that careful corpo-rate security infrastructure needs a major rethink. How can you ensure the protection of vital corporate data when it is being accessed, downloaded and communicated via a variety of iPhones, Android devices, iPads and more? How can IT managers cope when users can choose almost any device they want to log in to key business soft-ware? And what does consumeri-sation mean for overall IT strategy?

After all, once users get their way, it’s not going to stop at smart-phones: many organisations are seeing users creating a “shadow” IT operation based on pay-as-you-go services in the cloud for storage,

NoW’s The Time To mAke The moBile move


home

eDiTor’s leTTer








editor’s letter

computer processing and applica-tions such as email and wordpro-cessing.

There is little doubt that we are entering a new phase in the development of IT, as the internet, handheld computing and the cloud commoditise many traditional aspects of technology and create a platform for rapid innovation. There is no room for digital King Canutes, striving to keep back the tide of consumer-driven change from the corporate IT environ-ment. The organisations that will thrive through and beyond the European economic downturn are those whose IT leaders embrace the potential of consumerisation and innovate their companies into market-leading positions.

In this month’s IT in Europe, we try to give a helping hand with arti-cles examining the strategies and technologies that will help meet users’ demands and maintain the right balance between flexibility and security.

Key considerations include iden-

tity management and network access control; mobile device man-agement tools; and desktop virtual-isation—you can read the views of the industry experts in this month’s articles.

For the sake of Europe’s global competitiveness, embracing con-sumerisation is a vital strategy. According to one survey featured in these pages, only one in four workplaces in the UK allow more than 10% of employees to use their own devices for work; yet according to another study, 60% of US companies support BYOD schemes.

That’s a worrying comparison for the continent with perhaps the most mobile, internationally focused employees in the world.

Mobile technology and consum-erisation represent a great oppor-tunity for smart European IT lead-ers. Don’t leave it too late to make your move to mobile. n

BrYAN GliCK Computer Weekly Editor in Chief


home

eDiTor’s leTTer








NAC teChNoloGY evolves iN A BYod PoliCY World

ETwork accEss conTrol

(NAC) technology seemed all but dead a year ago. After dominating network

security headlines for years, the technology eventually fizzled when users found that its features just didn’t go deep enough. But enter-prise IT consumerisation—spe-cifically the need to better control access for personal devices on the corporate network—is resurrecting the need for better NAC solutions. Though it is difficult to quantify what percentage of organisations today allow users to access the network using personal devices, a recent survey by mobile service provider iPass, shows 91% of work-ers conduct business from their own smartphones.

To enable these users, compa-nies are finding themselves seeking ways to protect an environment that is more virtual and therefore

more porous. Since NAC technol-ogy has always promised to merge authentication, end point security and access policy enforcement, it could be just the solution for these new protection needs. A broad spectrum of vendors is now prom-ising new NAC features meant to handle a bring your own device (BYOD) policy, and the changes have already boosted NAC sales. Infonetics Research reports that revenues of NAC appliances actu-ally increased 8% in Q2 2011 ver-sus Q1 2012 after years of lacklus-ter sales.

a spEcTrum of VEndors wITh nac TEchnology fEaTurEsNAC technology solution vendors today fit into one of three general categories: Network security gen-eralists, overall network equipment vendors, and an emerging class of vendors specialising only in NAC.

NAC TeChNology evolves iN A ByoD PoliCy WorlDJust when we thought NAC had fizzled, the technology may make a comeback as IT managers seek new ways of controlling personal mobile device access to corporate networks. By Amy Larsen DeCarlo

N


home

eDiTor’s leTTer









Though there are many differences among the individual vendors, pro-viders in each category also tend to share some common traits.

Network security vendors, such as McAfee, Symantec and Still Secure, concentrate on expanding elements already in their wheel-house, such as intrusion prevention or virtual private network (VPN)

technology. In some cases, they’ll incorporate NAC functionality into these broader solution sets, as is the case with Symantec’s inte-gration of NAC into its endpoint security product. Switching ven-dors such as Cisco and Enterasys, have traditionally provided NAC to existing customers as an extension of their network equipment offer-

NAC feATures To CoNsiDer for ByoDIdentity awareness: Many NAC solutions seek to gather information on the user and device, then use it to direct routers and switches on how much access to grant based on enterprise policy. in some cases, the NAC technology can consider loca-tion of user, date, time, authentication type and device to make those decisions. it can also gather Active directory, ldAP and sQl information.

Guest networking: NAC solutions can be used to enforce multiple levels of guest networking. this makes it so that users can be shuttled into cordoned-off areas of the network that have varying levels of access to enterprise resources.

Threat management: some NAC technologies act almost as unified threat man-agement devices using a variation of features. such features include port disable, vlAN control, vPN disconnect and access control list (ACl) to block or quarantine network devices until remediation takes place.

Integration with Intrusion prevention systems (IPS): some NAC solutions inte-grate with iPs technology so that NAC can authenticate and grant access based on the same corporate compliance and security mandates used by the latter system.

Support for multiple mobile OS platforms: NAC solutions were once built for laptops running Windows. however, that can’t be the case anymore considering iPads, iPhones and multiple Android-based devices that are being brought onto the network must be managed. n


home

eDiTor’s leTTer









ings. While these solutions have often provided very granular access controls to customers using their equipment, network equipment vendor-backed NAC solutions hit a big stumbling block in how to enforce NAC policies across both a wired and wireless network.

Now that’s an issue these ven-dors are addressing head on. Final-ly, a group of NAC specialists have arrived on the scene with solutions that aim to support a broad mix of platforms in a highly standardised way. These solutions have been more aggressive than their coun-terparts in addressing the unman-aged device element that a BYOD policy model brings. These up and coming companies include ForeS-cout and Bradford Networks.

ThE problEm wITh “old” nac TEchnologyThe original class of NAC prod-ucts that emerged nearly a decade ago aimed to protect the network from malware and other threats that were introduced when laptops plugged onto the network. The technology focused largely on end point security, with an emphasis on updating device configuration to meet corporate security poli-cies. With only limited interoper-ability between NAC products and networking gear, however, this approach was difficult to make work and manage.

Over time, what has changed in NAC solutions is a greater focus on safeguarding the network from unmanaged devices, by using a combination of policy manage-ment, profiling and access control. NAC solutions today increasingly apply an approach in which they create a guest network where non-corporate devices are segregated from the main network. Once devices are on this limited access network, the NAC solution can assess them based on their con-figuration and whether they comply with corporate security policies. n

amy larsen decarlo is a principal analyst at Current analysis, where her research focuses on assessing managed and cloud-based data centre and security services.

The Network Administrators GuideAs a network administrator, it’s your job to install, config-ure and maintain PCs, network operating systems and network equipment. In our network administrator all-in-one guide, learn about network security and network management. By KaylEigh BatEman

http://www.computerweekly.com/guides/The-network-administrators-guide

http://www.computerweekly.com/guides/The-network-administrators-guide

http://itknowledgeexchange.techtarget.com/network-administrator/

http://searchnetworking.techtarget.com/definition/network-operating-system

http://searchnetworking.techtarget.com/definition/network-operating-system


home

eDiTor’s leTTer








tAKiNG CoNtrol of sMArtPhoNe ProliferAtioN

or many companIEs, users are demanding to attach their new smart-phones and tablets to the corporate network.

Some companies welcome this tab-let and smartphone proliferation, seeing it as a sign of employees wanting to improve their productiv-ity and work long hours. Others see the trend as an unwelcome addi-tion to network complexity and a potential security risk.

According to a survey carried out at the end of 2011by Berkshire-based Star Technology Services of UK, firms with 100 to 1,000 employees found acceptance of user-owned devices is still low. Only one in four workplaces sur-veyed allowed more than a tenth of workers to use their own devices for work. The BlackBerry was still seen as the safest and easiest to integrate, followed by Apple’s iPhone and iPad devices, while

Android trailed behind, with Win-dows Mobile bringing up the rear.

But are companies right to be so cautious about what are undoubt-edly becoming the users’ devices of choice over the traditional Win-dows laptop?

sEcurITy rIsks of mobIlE dEVIcEsThe virus threat to new mobile devices is still small. Kaspersky Lab has seen just two viruses aimed at Apple’s iOS, and although the total number of viruses targeted at Android has now reached 1,000, that is a drop in the ocean against the vast flood of Windows-based malware.

So the worry is not about mal-ware, not yet anyway. The bigger concern for most companies grap-pling with mobile devices is data loss. What if a device containing confidential information is left in a taxi or in a bar? Or what if an

TAkiNg CoNTrol of smArTPhoNe ProliferATioNWith smartphone proliferation raging through companies, IT teams are turning to MDMs to keep corporate data safe. Are current MDMs up to the task? By Ron Condon

F

http://searchsecurity.techtarget.co.uk/news/2240038810/Smartphone-malware-Infections-will-hit-one-in-20-study-predicts

http://searchsecurity.techtarget.co.uk/tip/Enterprise-data-management-Prevent-data-loss-and-insider-threats

http://searchsecurity.techtarget.co.uk/tip/Enterprise-data-management-Prevent-data-loss-and-insider-threats


home

eDiTor’s leTTer









employee leaves the company with all that data on their personal prop-erty? What rights does the com-pany have to remove the informa-tion, and how would the company enforce its rights?

Furthermore, how does the IT department control which apps users download on to their phone or tablet? Apps are fairly well regu-lated on the Apple App Store, but the Android Market is currently a free-for-all; unregulated apps can perform all kinds of unforeseen tasks, such as calling premium-rate numbers and racking up huge call charges, or installing spyware that can exfiltrate information to a remote server.

For hard-pressed IT administra-tors, the sheer variety and com-plexity of the new technical land-scape, with its different hardware and operating systems, may be just too hard to support. Fortunately, new tools are now becoming avail-able to help them manage the task, and in some cases allow the users to support themselves.

mobIlE dEVIcE managEmEnT ToolsIf a device is being used for work purposes, the IT team will want to ensure corporate data on the device is correctly handled. This usually means setting some ground rules, often by some kind of con-tract with the user, underpinned by the use of technology to enforce those rules.

Some more cautious companies have chosen to implement a vir-

tual desktop on the mobile device, in effect turning the device into a Windows terminal. But while that delivers security and can prevent any corporate data from being

stored on the device, it means the look and feel of the iPad or Android tablet is lost. So that method may not be popular with users.

It is more likely that companies will choose from the growing range of mobile device management (MDM) systems to help enforce their policies. MDM features vary from vendor to vendor (and are developing fast in line with the market), but they will generally perform a couple of important functions: enforcing encryption by the use of strong passwords, and enabling the ability to remotely lock or wipe devices.

Using an MDM can ensure that if a phone or tablet goes missing, nobody can read its contents with-out the password. If necessary, the IT team can wipe the data remotely and disable the device.

However, if the company decides to give users freedom of choice,

usiNg AN mDm CAN eNsure ThAT if A PhoNe or TABleT goes missiNg, NoBoDy CAN reAD iTs CoNTeNTs WiThouT The PAss-WorD.

http://searchsecurity.techtarget.com/news/2240111501/Mobile-device-management-market-offers-mobile-device-security-options


home

eDiTor’s leTTer









then it will have to deal with a range of device platforms, and this can make the job of managing them—and securing them—more challenging. Apple’s iOS is mark-edly different from Android, and implementations of Android vary between handset manufacturers, so any MDM product must be able to cope with them all.

TablET and smarTphonE prolIfEraTIonAlthough Google is constantly improving Android and adding new enterprise-friendly features, it can take a long time for the features to be implemented by the handset manufacturers, and sometimes even longer for the telecommu-nications provider to send down the updates to the device itself. Considering, the company could be supporting multiple versions of multiple operation systems at the same time, including older versions that do not support encryption.

“All these different devices and operating systems make the situation very complicated for IT because they have no idea if the user has encryption or not,” said Ojas Rege, vice president of prod-ucts for Calif.-based MDM vendor MobileIron. “And they don’t have the time or resources to figure that out. So it is very confusing, which tends to slow deployment.”

Axelle Apvrille, a malware researcher with network security vendor Fortinet in France, has also observed that updates of mobile

device software can take a while to reach users.

“The operating system has to be implemented by the handset man-ufacturers, and that can take time,” Aprville said. “Then the operators don’t send the new firmware to their customers. It’s a complicated process. You often have security of one or two years ago on your phone.”

MobileIron has come up with a solution to the problem of mul-tiple devices and operating sys-tems with version MobileIron 4.5, which it says provides a single management platform for all fla-vours of Android, as well as Apple, Windows Mobile and BlackBerry smartphones, so that mobile poli-cies can be centrally managed.

Another MDM vendor, Good Technology, goes one step further and allows the company to create a secure encrypted partition—or “container,” as Good Technol-ogy calls it—on the user’s mobile device. According to Andy Jacques, the company’s general manager for EMEA, Good for Enterprise allows

“ The oPerATiNg sysTem hAs To Be imPlemeNTeD By The hANDseT mANufAC-Turers, AND ThAT CAN TAke Time.”—Axelle Apvrille, malware researcher, Fortinet


home

eDiTor’s leTTer









a company to protect its data on the user’s phone without interfer-ing with the “personal” part of the phone or tablet. “Within the con-tainer, business and security rules apply; outside the container, users can do what they want, within rea-son.”

Good has also worked with sup-pliers of cloud-based storage ser-vices, such as DropBox, to produce a secure version of the Good app that will sit in the container.

“The biggest security risk comes from the well-intentioned user,” Jacques said. “Cloud storage apps are popular because they allow users to store data easily in the cloud and then pick it up at home. It’s great for the well-intentioned user, but a nightmare for the CISO. It’s outside his control.”

According to Jacques, the Good Technology product allows users to continue using their favourite cloud service to store files, but now the cloud storage process comes under overall corporate control. This means, for example, if a user saves an Excel file with corporate data to the cloud, Good’s technol-ogy ensures it is saved using the secure version of the cloud service app, such as DropBox.

Oxford-based security vendor Sophos has also entered the mar-ket with Sophos Mobile Control

that, as well as doing basic MDM functions, allows companies to set up an Enterprise App Store. The aim is to create a self-service model for users, under company control.

The company’s head of data protection product management, Matthias Pankert, said Sophos has decided against the containerisa-tion approach.

“You can do containerisation on the Android or Apple device, so all corporate information is contained in the sandbox,” Pankert said, “but users want the same look and feel as the rest of their applications, with interaction between the phone book and apps, and between email and making phone calls.”

In any case, Pankert said Apple’s latest iOS 5 operating system sup-ports a “dual persona” approach on a single device, with enterprise apps, enterprise email, and VPN connections all under the control of the company. If the company wants to withdraw access for any reason, it doesn’t have to wipe the entire device. It can just withdraw the company certificate and the company’s data becomes unusable. Those same features, however, are not yet available for Android. n

ron condon is the uK bureau chief for SearchSecurity.co.UK.

http://searchsecurity.techtarget.co.uk/news/2240110737/SNW-Europe-2011-Cloud-location-matters-to-secure-cloud-data-storage

http://searchsecurity.techtarget.co.uk/news/2240110737/SNW-Europe-2011-Cloud-location-matters-to-secure-cloud-data-storage

http://searchsecurity.techtarget.co.uk/


home

eDiTor’s leTTer








hoW to strAteGise eNterPrise deviCe MANAGeMeNt

ITh ThE growIng popularity of mobile commu-

nication devices and consumerisa-

tion of IT, the traditional “one-size-fits-all” enterprise device strategy is likely to fail. In this tip, business and technology expert Clive Long-bottom explains why it is important now more than ever to revise your IT strategy and to develop a sound plan for managing devices. Life used to be so easy when certain computer workloads were carried out on a central device (a server) and the results of the workload were accessed through an endpoint that did very little itself (a terminal).

Personal computers didn’t radi-cally change how information was managed. Although the end-point device became intelligent and was able to store information, it remained “tethered” to a fixed position.

Then we saw the development of ever-smaller mobile devices. First, it was the luggable; then the laptop; then the rise—and fall—of personal digital assistants (PDAs); and now the evolution and rise of smart-phones and tablets.

Problems introduced with those devices, such as the wide distribu-tion of data, loss and theft of devic-es and the fact that data tended to be taken by ex-employees along with the device are compounded as prices have dropped to levels that relegate them to almost being dis-posable items. When laptops cost an average of £2,500, few employ-ees would dream of buying one themselves if the company weren’t offering them one for free. But with tablets costing less than £500 now, they are well within the purchasing power of employees.

Amid the growing mix of device ecosystems and their entry into the enterprise, any attempt by an

hoW To sTrATegise eNTer-Prise DeviCe mANAgemeNTAmid the rising consumerisation of IT, the traditional “one-size- fits-all” strategy can fail. According to this expert IT must develop an open approach to consumerisation. By Clive Longbottom

W


home

eDiTor’s leTTer









organisation to maintain a “one-size-fits-all” device strategy—in order to validate existing applica-tions to work across a known set of IT devices—will be doomed for failure. We have seen companies purchase and provision laptops and mobile phones for their employees, just to find out that employees then strip the licence codes from the laptop onto their preferred make—such as buying a Sony Vaio rather than using the provided Lenovo ThinkPad—and transfer the SIM card from the provided phone into their choice of smartphone.

Chaos ensues, and now that many organisations have moved away from a standard, Windows-based platform to iOS, Android or another operating system, it is difficult to track application usage and ensure standardisation across document formats and workflows. At the smartphone level, individu-als go for their own contracts and expense them to the business, so the business is not given preferen-tial business tariffs nor the ability to aggregate bills and to benefit from discounts for large usage. Pre-tending that consumerisation of IT is not happening can be expensive in real terms and in business pro-ductivity terms.

sTEps To managE consumErIsaTIon of ITWhen putting into place a well-managed approach to such mixed-device environments, the key is to embrace the dynamic evolution of

technology. Do not create a strat-egy that is dependent on certain device types. For example, having a strategy that sounds modern, in as much as it supports the Apple iPad, is OK for a moment in time, but with Android tablets becom-ing competitive, you will need to

review capabilities and continually re-code device apps just to keep up. Any strategy, therefore, must be “open.” The good news is that strong industry standards—such as HTML5, Java, virtual private net-work (VPN) security—are making this easier than it used to be.

You can define a minimum plat-form capability that a user-sourced device must have and then specify things like support for Java or the capability to support certain VPN technologies [not vendor-specific, but industry standard, such as Secure Shell (SSH)]. This base platform will define a set of capa-bilities—not the device itself—so new devices can be embraced as they come along with only mini-mum need for testing and valida-tion. Any device that does not

PreTeNDiNg ThAT CoNsumerisATioN of iT is NoT hAPPeNiNg CAN Be exPeNsive iN reAl Terms AND iN BusiNess ProDuC-TiviTy Terms.

http://www.computerweekly.com/news/2240105608/Report-reveals-concerns-over-consumerisation-of-IT

http://searchsoa.techtarget.com/definition/HTML-5

http://searchenterprisewan.techtarget.com/definition/virtual-private-network

http://searchsecurity.techtarget.com/definition/Secure-Shell


home

eDiTor’s leTTer









meet these basic requirements can be locked out from accessing the business network. However, the IT

team may have to assist the gen-eral users who may not understand how well a certain device aligns with the corporate requirements.

Next, you’ll want to adjust the application and data access strat-egy in order to protect the business in the best possible way. It is bet-ter to have a strategy that is built around each device being seen as a “terminal” rather than as a hyper-intelligent device in its own right.

Virtualisation is the key here; a virtual desktop infrastructure (VDI) brings all the business logic and data back into the data centre where appropriate controls can be applied.

The majority of VDI approach-es, such as those by Citrix and VMware, support standard access approaches through a browser or through a functional device app that ensures a good user experi-ence in terms of usability and speed of response. Virtualisation can also “sandbox” the corporate environment from the consumer

one. By fencing the corporate environment within its own vir-tual space, interaction between the access device and the virtual space can be controlled or even completely blocked. And by block-ing interaction, no data can be transferred outside of the corpo-rate space, and the access device remains only as valuable as the device itself—it will not hold cor-porate data that may have com-mercial or legal value if the device is lost or stolen.

Also, no matter how poor the user’s understanding of Internet security is, the corporate environ-ment can remain “clean”. Even if a device is riddled with viruses, worms and other malware, there cannot be any transfers of malware between the device and the corpo-rate network.

an opEn approach To consumErIsaTIon of ITAn open approach to consumeri-sation of devices, combined with the use of VDI, gives enterprises a means of dealing with their users’ desires to embrace the device of their own choice. However, IT teams must implement tools that will make the devices work for the business. Vendors such as Check Point, Cisco Systems, Landesk Software and Symantec provide asset management software, network access controls and end-point management systems that deal with occasionally connected devices and should be able to iden-

No mATTer hoW Poor The user’s uNDer-sTANDiNg of iNTerNeTseCuriTy is, The CorPo-rATe eNviroNmeNTCAN remAiN “CleAN”.

http://searchservervirtualization.techtarget.com/definition/virtual-desktop-infrastructure-VDI


home

eDiTor’s leTTer









tify when new devices touch the network.

The device will then need to be interrogated to ensure that its base capabilities meet the corpo-rate needs and, where possible, geo-locational tools show that the person is accessing the network from an allowable location. It may then need certain functions such as VPN capabilities or specific access apps which should be automated to allow the user to get on with his work quickly and efficiently. Tools should be able to lock out devices

that do not meet requirements and should be able to identify and lock devices that have been reported as lost or stolen to safeguard the cor-porate network.

Finally, tools must be able to provide comprehensive reports on the user’s activity and be able to advise the user in real time if he is attempting to carry out activi-ties that are counter to corporate strategy, such as accessing highly secure data over an open public WiFi connection. For example, Check Point’s solutions give an

key sTePs To mANAgiNg CoNsumerisATioN iTn �Prepare for a mixed-device environment. do not create a strategy that is depen-

dent on certain types of devices, but instead is open to a mixture. Create a base platform which will define a set of capabilities, not the device itself.

n Protect the business in the best way possible. ensure you adjust the application and data access strategy so it is built around each device being seen as a ‘termi-nal’ instead of a hyper-intelligent device in its own right. virtualisation and vdi are key here.

n interrogate each device to ensure it meets corporate needs. each device needs capabilities that meet the corporate needs and geo-location tools, which show the employee is accessing the network from an allowable location. it may need vPN capabilities or specific access apps, so tools will be needed to lock out devices that do not meet the requirements.

n Generating reports on user’s activity. tools are needed to provide comprehen-sive reports on user’s activity and be able to advise the user, in real time, on how to carry out corporate activities. for example accessing highly secure data over an open public Wifi connection. n


home

eDiTor’s leTTer









organisation the ability to use data leak prevention to identify if some-one is trying to carry out an action that is against corporate policies. Users can be completely blocked from performing the action and be presented with a bespoke message stating why they are being blocked.

Or, the user can be presented with a “Do you really mean to do this?” option—again, along with reasons why it is not recommended and an input box for them to put in the reason they still want to carry out the action. This will allow them to carry out the action—but under full audit of the tools so the organ-isation knows who has done what, when, where and why.

Such advice is presented in understandable terms (as opposed to technical terms such as “Error 612: Action counter to profile 164/2012”) informing users why such an action must be avoided. Whenever possible, it must give alternative options for users to meet their requirements. For example, a message along the lines of “You are currently connected to the network via an insecure public

wireless access point; transmitting customer details as in the attached document may be open to others capturing the information. Are you sure you want to continue?” This

is definitely more meaningful and empowers the end user to make an informed decision.

Consumerisation of IT is unstop-pable and has major implications for how corporate applications and data have to be dealt with, which will have a knock-on effect on the data centre itself. Embrace the change, and the organisation will benefit from it. Fight it, and your competitor will overtake you. n

clive longbottom is a service director at uK analyst Quocirca ltd. and a contributor to SearchVirtualDataCentre.co.UK.

emBrACe The ChANge, AND The orgANisATioN Will BeNefiT from iT. fighT iT, AND your ComPeTiTor Will overTAke you.

http://searchvirtualdatacentre.techtarget.co.uk/


home

eDiTor’s leTTer








teChtArGet’s euroPeAN PArtNers

francEMWC 2012: “BYod” at the heart of enterprise mobilityAt Mobile World Congress 2012, in Barcelona, enterprise mobility was not limited to security. Find out if BYOD is the new marketing trick for publishers?rEad ThE full sTory hErE.

gErmanyBring Your own device technical and legal fundamentals: the most important checks before implementing BYodEmployee use of private mobile devices in business IT is growing increasingly common. Bring Your Own Device (BYOD) is attrac-tive for staff who want to use their modern, multifunctional and flex-ible mobile devices not only for

private but also for business pur-poses. Therefore companies are trying harder to attract highly quali-fied staff through incentives such as flexible and mobile working.rEad ThE full sTory hErE.

ITalyCrM on the move likes the pharmaceutical iPadImportant companies are adopting tablet solutions with a strong focus on training and marketing, in order to expand knowledge on products and support.rEad ThE full sTory hErE.

two out of three italian Cios invest one fifth of budget in mobile solutions An Accenture study of 240 IT managers found mobility is already a priority in most Italian companies. rEad ThE full sTory hErE. n

TeChTArgeT’s euroPeAN PArTNers Read more on mobile networking from our European partners.

http://www.lemagit.fr/article/mobilite-atos-ibm-ubuntu-android-gemalto-ios-entreprise-byod/10592/1/mwc-2012-byod-mobilite-entreprise/




http://www.searchcloudcomputing.de/services/unified-communications-und-collaboration/articles/354163/





http://www.01net.it/crm-in-mobilita-al-farmaceutico-piace-su-ipad/0,1254,1_ART_146476,00.html



http://www.01net.it/due-cio-su-tre-investono-un-quinto-del-budget-nel/0,1254,1_ART_146443,00.html





home

eDiTor’s leTTer








toP euroPeAN storAGe Priorities

hE Two joInT highest pri-orities in storage and backup among Euro-pean IT departments

this year will be virtual machine backup and disaster recovery. With a score of 39% each from 225 European IT professionals in the TechTarget worldwide IT priori-ties survey conducted in late 2011, these two fields emerged as top of the storage to-do list for 2012.

Third in the list of storage-related IT department priorities is storage virtualisation, which 28% of those questioned say they will deploy in 2012. Fourth-, fifth- and sixth-placed priorities are cloud storage or backup (21%), data deduplication for backup (20%), and data reduction for primary storage (17%).

Cloud computing also emerged as a “broad initiative” for a signifi-cant portion of those questioned

(27%). Of those, 28% said they would use the cloud for storage and 30% for disaster recovery. By way of perspective, 58% said they would use the cloud for application provision.

The survey also asked peoples’ main reservations about working with external cloud services provid-ers. Security was ranked highest as a worry, with reliability and protec-tion of data behind that.

So, what’s driving these priori-ties? There are two key constraints in play: the need to cut costs and the needs of legal and regulatory compliance.

We know those questioned are feeling the recessionary pinch because they told us so. A majority of respondents said they were in recession (28%) or are now slowly recovering from it (40%).

We also know that compliance is a driver. Just under a quarter of respondents, 24.5%, said comply-

ToP euroPeAN sTorAge PrioriTies Virtual machine backup and disaster recovery top the storage priorities of European IT departments, according to TechTarget’s IT Priorities Survey. By Antony Adshead

T

http://searchstorage.techtarget.co.uk/tutorial/Virtual-machine-backup-Backup-application-product-enhancements

http://searchstorage.techtarget.co.uk/tutorial/Virtual-machine-backup-Backup-application-product-enhancements

http://searchstorage.techtarget.co.uk/feature/How-to-write-a-disaster-recovery-plan-and-define-disaster-recovery-strategies

http://searchstorage.techtarget.co.uk/podcast/Private-cloud-storage-vs-storage-virtualisation

http://searchcloudstorage.techtarget.com/definition/cloud-storage

http://searchcloudstorage.techtarget.com/definition/cloud-storage

http://searchstorage.techtarget.com/definition/data-deduplication

http://searchstorage.techtarget.com/definition/data-deduplication


home

eDiTor’s leTTer








toP euroPeAN storAGe Priorities

ing with legal and industry regula-tion—large chunks of which dictate data protection and disaster recov-ery standards—is a priority.

Server virtualisation is also a high priority for those questioned (58%). This too is arguably ulti-mately an exercise in cost cutting as it aims to vastly reduce numbers of physical servers in the data centre.

But, once embarked upon, server virtualisation brings the need for a number of associated projects that cost money, such as optimis-ing storage and backup for virtual machines.

Some questions must be raised regarding storage virtualisation, which emerged as the third high-est storage priority among respon-dents. Storage virtualisation is where heterogeneous storage capacity is pooled to provide one shared reservoir of capacity. Inter-est in it has been spurred by server virtualisation, but its actual take-up has not been very widespread.

In fact, SearchStorage.co.UK Purchasing Intentions surveys of the past two years have found stor-age virtualisation adoption stuck at around the 30% mark. So, it is possible that in the survey respon-dents were trying to indicate they planned storage for server virtu-alisation, a project that would fit extremely well with the on-going widespread deployment of virtual servers.

The survey’s findings were often echoed when we spoke to UK stor-age professionals from a variety of

organisations.For Roger Bearpark, assistant

head of ICT at Hillingdon coun-cil, traditional disaster recovery is receding in importance as the organisation moves to the cloud, but VM backup is an on-going priority. He said, “I can’t echo the priority given to disaster recovery as we’re moving to a cloud services environment with email and Office applications using Google Apps for Business. All of which makes tradi-tional DR a thing of the past.”

Wayne Morris, project imple-mentation manager with animal welfare charity The Blue Cross, reflected the experience of a much smaller organisation at the start of the journey towards server virtuali-sation. He said, “Our IT infrastruc-ture is under review right now, and we’re looking at server virtualisa-tion. We recognise that we will need shared storage capacity and that backup is a major thing we’ll need to tackle as part of that project.”

Meanwhile, Aaron Wilson, senior systems administrator at Oxford University Computing Services, talked of how DR is an on-going concern in a large and complex organisation. He said, “DR is impor-tant to us. We have solutions in place, but we constantly review those as developments in the infra-structure occur. We already have equipment in dual locations for many aspects of our services.” n

antony adshead is the uK bureau chief for SearchStorage.co.UK.

http://searchstorage.techtarget.co.uk/survey/8-Gbps-Fibre-Channel-levels-off-green-storage-peaks-DR-storage-spending-shifts

http://searchstorage.techtarget.co.uk/survey/8-Gbps-Fibre-Channel-levels-off-green-storage-peaks-DR-storage-spending-shifts

http://searchstorage.techtarget.co.uk/news/1379175/Training-and-education-key-to-IT-compliance-says-Hillingdons-Bearpark

http://searchstorage.techtarget.co.uk/news/1302708/Animal-charity-opts-for-clustered-NAS-over-iSCSI-SAN

http://searchstorage.techtarget.co.uk/


home

eDiTor’s leTTer








euroPeAN river MANAGers delve iNto KNoWledGe MANAGeMeNt

hE uk EnVIronmEnT

Agency is looking to a semantic-wiki-based knowledge manage-ment (KM) system

to improve the flow of informa-tion about river restoration across Europe.

The open source system, sup-plied by Woking-based IT services company SFW, is in the midst of an agile development process in consultation with water manag-ers, engineers and ecologists. The system is due to be completed in June and will belong to Restore, a partnership for river restoration in Europe comprising six fluvial organisations: the UK Environ-ment Agency, River Restoration; Wetlands International and Dienst Landelijk Gebied in the Nether-lands; the Finnish SYKE and Italian CIRF.

Antonia Scarr, the Restore proj-ect manager at the Environment

Agency said the main problem the system will address is less the lack of river management knowledge as the lack of searchability.

Restore aims to help “manage rivers so that we cope better with climate change,” she said. “Rivers have been declining, getting worse, and people don’t realise that.

“Historically, [river managers] took the view that [they] wanted to move the water as fast as pos-sible, so [authorities] put in place a lot of concrete, which made things worse. We are now trying to work more with nature. For example, in London flood protection in a park can be [inappropriately] set at the same level as a hospital. We are also looking at the whole river catchment, taking an overview and managing [rivers] more strategi-cally.”

The 2000 EU Water Framework Directive and its mandating of river basin management plans is part of

river mANAgers Delve iNTo kNoWleDge mANAgemeNT The UK’s Environment Agency has procured a semantic wiki based knowledge management system to aid river restoration across Europe. By Brian McKenna

T

http://www.restorerivers.eu/

http://ec.europa.eu/environment/water/water-framework/index_en.html

http://ec.europa.eu/environment/water/water-framework/index_en.html


home

eDiTor’s leTTer








euroPeAN river MANAGers delve iNto KNoWledGe MANAGeMeNt

the wider context for Restore and the KM system, she said.

The knowledge management system will compile and share information on around 500 river restoration projects throughout Europe, as well as connecting proj-ect supporters and workers, includ-ing European government agencies, engineers, ecologists and planners.

It is based on open source Medi-aWiki, running on a MySQL data-base, an SFW representative said, and will apply extensions which include Semantic MediaWiki, used to associate semantic data within the pages.

“This information can then be queried allowing the wiki knowl-edge base to be properly exploit-ed,” the representative said.

The system also applies, said the representative, a “Format Semantic MediaWiki extension”, for data entry and collaboration, and a “Maps MediaWiki extension” which permits geographic visuali-sation. The SFW project team com-prises 6.5 full-time employees.

The problem at present, said the Environment Agency’s Scarr, is that the knowledge accumulated in past river restoration schemes is not easily available. “In the UK we have done a lot of river restoration proj-ects and some economic analysis. But, as the Environment Agency, we want to get the information out there.

“It would be very useful to search

for, let us say, any project that restored rivers for under £10,000. We can’t do that just now.”

The pan-European nature of the Restore project, and the knowledge management system that is under development, is crucial, she said. “Sometimes we don’t look around Europe enough.”

The Environment Agency opted for the Web-based, semantic wiki system that SFW is supplying because of its imposition of “struc-ture through prescribed columns,” it’s agile, user-consultative devel-opment model, and its transferabil-ity, she said. “We did not want to be too prescriptive. And we wanted it to be open source because we don’t want to hold the tool as the Environment Agency. We want to give it to the centre for river res-toration to hold it centrally.” The Restore website is hosted by Wet-lands International, not the Envi-ronment Agency.

The project has taken search requirements feedback from a river restoration event held in Ljubljana, Slovenia, with 125 delegates from 25 countries. “We’ve also recently spoken to policy makers in Paris to see what they might search for on the database.”

The system is due to go live in June. It is due to be delivered in June at www.restorerivers.eu. n

brian mckenna is the site and news editor for searchdataManagement.co.uK.

http://www.restorerivers.eu


home

eDiTor’s leTTer








ADDiTioNAl resourCesn 100 Days to the 2012

London Olympics

n Cloud Expo Europe 2012

n Cisco Live Europe 2012 Coverage

n SNW Europe 2011: Conference coverage

n VMworld Europe 2011 conference coverage

n VMworld Europe 2011: All the channel news from the VMware show

n RSA Europe 2011: IT security conference coverage

n How to comply with the EU cookie law

n InfoSec Europe 2012: Conference coverage

n A UK guide to government and public sector IT

n The UK Budget 2012: Are you better or worse off?

n A guide to embracing IT consumerisation

it in Europe E-zine is a joint e-publication of SearchSecurity.co.UK,

SearchVirtualDataCentre.co.UK, SearchStorage.co.UK,

SearchDataManagement.co.UK, SearchNetworking.co.UK,

ComputerWeekly.com and Microscope.co.uk.

Cathleen Gagne Editorial Director

Kayleigh Bateman Special Projects Editor

Christine Casatelli Managing Editor

linda Koury Director of Online Design

techtarget 3-4a Little Portland Street, 1st Floor

London W1W 7JB

techtarget 275 Grove Street, Newton, MA 02466

www.techtarget.com

© 2012 TechTarget Inc. No part of this publication may be transmitted or reproduced in any form or by any means without written permission from the publisher. TechTarget reprints are available through

The YGS Group.

About�TechTarget: techtarget publishes media for information technology professionals. more than 100 focused websites enable quick access to a deep store of news, advice and analysis about the technologies, products and processes crucial to your job. Our live and virtual events give you direct access to indepen-dent expert commentary and advice. at it Knowledge Exchange, our social community, you can get advice

and share solutions with peers and experts.

AdditioNAl resourCes

http://www.computerweekly.com/guides/100-Days-to-go-to-the-2012-London-Olympics

http://www.computerweekly.com/guides/100-Days-to-go-to-the-2012-London-Olympics

http://www.computerweekly.com/photostory/2240114463/Cloud-Expo-Europe-2012/1/How-the-stalls-looked-from-above

http://www.computerweekly.com/Cisco-Live-Europe-2012-Coverage

http://www.computerweekly.com/Cisco-Live-Europe-2012-Coverage

http://searchstorage.techtarget.co.uk/news/2240106638/SNW-Europe-2011-Conference-coverage

http://searchstorage.techtarget.co.uk/news/2240106638/SNW-Europe-2011-Conference-coverage

http://searchvirtualdatacentre.techtarget.co.uk/VMworld-Europe-2011-conference-coverage

http://searchvirtualdatacentre.techtarget.co.uk/VMworld-Europe-2011-conference-coverage

http://www.microscope.co.uk/technology/cloud-computing/vmworld-europe-2011-all-the-news-from-the-vmware-show/



http://searchsecurity.techtarget.co.uk/tip/RSA-Europe-2011-IT-security-conference-coverage



http://www.computerweekly.com/guides/How-to-comply-with-the-EU-cookie-law

http://www.computerweekly.com/guides/How-to-comply-with-the-EU-cookie-law

http://www.computerweekly.com/guides/InfoSec-Europe-2012-Conference-coverage

http://www.computerweekly.com/guides/InfoSec-Europe-2012-Conference-coverage

http://www.computerweekly.com/guides/A-UK-guide-to-government-and-public-sector-IT

http://www.computerweekly.com/guides/A-UK-guide-to-government-and-public-sector-IT

http://www.computerweekly.com/guides/Inside-the-Budget-2012-Are-you-better-or-worse-off

http://www.computerweekly.com/guides/Inside-the-Budget-2012-Are-you-better-or-worse-off

http://www.computerweekly.com/guides/IT-Consumerisation

http://www.computerweekly.com/guides/IT-Consumerisation

http://searchsecurity.techtarget.co.uk/

http://searchvirtualdatacentre.techtarget.co.uk/

http://searchstorage.techtarget.co.uk/

http://searchdatamanagement.techtarget.co.uk/

searchnetworking.co.uk

http://ComputerWeekly.com

http://Microscope.co.uk

http://reprints.ygsgroup.com/m/techtarget

may 2012, volume 1, issue 5 IT in Europe -...

Documents

Transcript of may 2012, volume 1, issue 5 IT in Europe -...