We’re there for you
NeW NeWtec M6100 Broadcast satellite Modulator Technologies ThaT help you go furTher newtec technologies allow billions of people to connect to the world, their families and each other. you can find our innovations and technologies anywhere. Whether we work for government agencies or private companies, we always see innovation as a way to reduce your costs and optimize your efficiency. our global experience in multiple markets helps us in achieving our ultimate goal: taking care of your satellite communications while you can focus on your core activities. We’re there for you. always and everywhere.
Visit us at www.newtec.eu
Belgium – uSA – SingApore – DuBAi – ChinA – BrAzil
Broadcast GoVerNmeNt aNd deFeNce IP trUNKING BUsINess aNd coNsUmer Vsat All articles are available for download at www.connect-world.com CONTENTS
Cloud opportunities Improving business fluidity with the Cloud 5 by Andrew Dobbins, Verizon’s vice president of Asia-Pacific
5 7 10 12 From video-communication to machine-to-machine - Cloud turns to business 7 by Karim Taga, managing partner and global practice leader, TIME, Arthur D. Little
Enterprise adoption of Cloud computing: The next five years for IT 10 15 17 19 22 by Bernard Golden, CEO, HyperStratus Shore to shore: IT, the fifth utility 12 by Jim Fagan, VP and managing director, Rackspace Asia-Pacific Cloud security 24 26 29 31 Spear phishing in the Cloud 15 by GOH Hock Beng, vice president, Channel Sales Asia, TrustSphere
Who Owns Security In The Cloud? 17 by Jim Reavis, founder and executive director, Cloud security Alliance; and Dave 33 36 39 42 Asprey, vice president of Cloud security, Trend Micro Data breach and risk in the Cloud - the legal response 19 by Thomas J. Shaw, Esq, attorney at law, and CEO, CloudRisk Asia
Pragmatic tradeoffs in enterprise adoption of public Cloud 22 44 46 by Dr Steve Hodgkinson, research director - public sector, Ovum Australia and New Zealand Special Cloud applications Asia: leaders in technology adoption 24 by Matthew Tonkin, area vice president, Asia-Pacific, Sybase 365
Connections Social care in the Cloud 26 From the Editor’s desk 2 by Dennis Juul Poulsen, CEO, Tweakker by Rebecca Copeland Online video monetisation made simple 29 Imprint 2 by Dennis Rose, vice president, APAC, Brightcove Advertorial The benefits of using Cloud computing in VoIP 31; ALOE Systems 3 Cloud services: a minor technological advancement, a revolution for VoIP wholesale business Advertisements by Konstantin Nikashov, CEO, ALOE SystemsCorporation Newtec IFC DragonWave 4 Cloud implementation CommunicAsia 9 Head for the Cloud - see the reality 33 by Alastair McAulay, IT expert, PA Consulting Group ITU World 2012 14 SMAU Expocomm 21 Cloudonomics: achieving cost-efficiency and agility through Futurecom 28 Broadband World Forum hybridization 36 35 by Raj Dutt, senior vice president of technology, Internap IBC 38 Connect-World 41 Open Cloud for open business 39 O3B Networks IBC by Dirk-Peter van Leeuwen, vice president & general manager, Red Hat, Asia-Pacific Ericsson OBC Building the right Cloud for your business 42 by Chip Salyards, vice president Asia-Pacific, BMC Software Federating interworking Clouds Opening up the federated Cloud in Asia 44 by Ditlev Bredahl, CEO, OnApp
Examining the Asia Cloud 46 by Samuel Lee, president, Equinix Asia-Pacific CONNECTIONS
Connections
It is time to get our heads out of the Clearly, security versus convenience is a question of trade-offs and hype Cloud and examine the reality. balances, which the IT department needs to define in their new In this edition, we look at Cloud role in the Cloud-era. In fact, free from the cumbersome in-house opportunities and applications, Cloud infrastructure management, the world of IT is promising to blossom, implementation issues, Cloud value exploiting the new possibilities opened up by the Cloud accessibility, chain and business models and we even the richness of components and the speed to launch services. dream future blue-sky Cloud offerings... The idea of the hosted services is not Cloud seems to offer something for everybody. IT global players, new and the technology is already there, Telcos, wholesale service providers, application integrators and but somehow everything has come OTT startups - they all see opportunities for new business. In the together now: smarter devices, faster APAC region, local Cloud providers are now emerging. They need fixed and mobile pipes, easier mobility, to collaborate in order to match the global coverage and the range of global business and most of all - users’ offerings of the IT giants. This is achieved by the federation of smaller determination to communicate Internet-style at Internet-speed. Cloud providers that pool together ‘ideal’ headroom capacity to facilitate global reach, thus forming a viable alternative. The consumer in us all is already ‘spoilt’ by ready Internet services wherever we are. Now the enterprise is set to succumb. IT departments These Cloud connectivity solutions are generally described as IaaS usually resist this loss of control, but they must act before business lines (Infrastructure as a Service), and they leverage the existing infrastructure simply bypass them and go to the public Cloud anyway. It is better for the of service providers and network carriers. There is also a whole range of IT departments to investigate the real requirements, wisely select Cloud SaaS (Software as a Service) spawned by the Cloud, offering on-tap open partners and carefully assess what can benefit from the open Cloud and software applications or carefully crafted, fully integrated, multi-tenanted what should remain protected within the private domain. For this to work packages of functionality that most enterprises want to have, at a lower efficiently, hybrid solutions are now proposed that enable internal systems cost than can be achieved in-house. The Cloud is enticing in its elastic to operate alongside applications on the public Cloud. This provides capacity, ubiquity and resilience through distributed architecture. In this better utilisation of existing assets and a smoother transition. edition, you can read about offered Cloud IPX, Cloud CRM and self-care, mCommerce assistance, video advertising via Cloud delivery and even Much of the enterprise resistance to the public Cloud is to do with security. Cloud-based VoIP softswitch. Some argue that the risks of Clouds are exaggerated, and can be mitigated by choosing a trustworthy provider who will not jeopardise its reputation Best of all, analysts expect that Cloud will not just be a delivery with bad service. They also argue that the main risks, such as fraud and DoS mechanism for cheaper Internet applications on multiple devices, but a attacks, exist anyway, and what is needed is implementation of adequate vehicle for innovative services that were not practical before, not cost- security measures, whether the perimeter is within the enterprise or on the effective before or simply not conceived of before. Cloud platform. Cloud providers need to respond to these requirements. Enterprises need greater visibility of who is accessing its data and need to improve authentication control. Data must be fully secure when it is encrypted ‘at rest’ as well as ‘in motion’. If security breaches do occur, the enterprise must be prepared to comply with notification rules and regulations. Rebecca Copeland, However, the levels of security should match the type of activity and the Editor, sensitivity of the data, at the discretion of the IT management. Connect-World [email protected]
Editor-in-Chief: Fredric J. Morris [email protected]
Publisher: David Nunes [email protected]
Editorial Department: [email protected]
Production Department: [email protected] Connect-World is published under licence by INFOCOMMS MEDIA LTD Sales Department: [email protected]
email: [email protected] Administration Department: [email protected] URL: www.connect-world.com
All rights reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means elec- tronical, mechanical, photocopying, recording or otherwise, without prior permission from the publishers. The content of this publication is-based on best knowledge and information available at the time of publication. No responsibility for any injury, death, loss, damage or delay, however caused, resulting from the use of the material can be accepted by the publishers or others associated with its preparation. The publishers neither accept responsibility for, nor necessarily agree with, the views expressed by contributors.
ISSN 1462-2939
2 n Asia-Pacific II 2012 ALOE Systems
Profit Protection and Security for Wholesale VoIP Carriers
The VoIP wholesale market is developing fast and has expanded in independent, carriers can benefit from renting the switch to size greatly over the last years. ALOE Systems is a VoIP network other providers. For start-ups, MVTS II is a cost-effective way software vendor that has been in the market for over 10 years. How to enter the VoIP wholesale market is ALOE Systems different from other vendors? The company has • Route quality control - if route quality falls below a certain rich experience of customizing products to meet the needs of a point, the route can be blocked and reconfigured to guarantee particular carrier; however, the key advantage of ALOE Systems is SLA parameters to end clients the company’s unique know-how - Profit Protection. With this feature • Distributed modular architecture of the system allows easy carriers can route traffic literally in any way they want, assuring set scalability of the system and its overall flexibility along with profit margins. high levels of fault tolerance and network redundancy • Integrated prepaid/postpaid billing helps the carriers manage MVTS II is a four-in-one platform for running VoIP wholesale finances more efficiently business, combining switching, routing, billing, and border-control functionality. 2011 saw a significant increase in performance of MVTS ALOE Systems’ other products are ALOE Transit SBC and II - the concurrent calls’ rate rose to 150 000, along with the CPS rate. MVTS Pro. The system fully meets the demands of large-scale carriers, being capable of routing large amounts of traffic. ALOE Transit SBC is a session border controller that combines security, media management, and transcoding services in a single, MVTS II is one of the most efficient softswitches in the market: the highly scalable software platform. concurrent calls rate is 150 000.
The product can be easily deployed in complex network structures and MVTS II Key Features features network topology hiding and distributed architecture, which makes the network less vulnerable to malicious attacks. • The Profit Protection feature allows the carrier to create a set of routing algorithms for customers with different needs in traffic ALOE Transit SBC Key Features handling/transit. The carrier can set routing algorithms-based on »» Route cost (LCR) • Secure entry point into the carrier’s VoIP network »» Route quality (ASR, ACD, ABR, PDD) »» Call authorization by IP addresses/usernames from system »» Time (time of day, month, year, day of the week) configuration data »» Gateway load »» Control of incoming CPS/RPS value »» Local Number Portability (LNP) »» Privacy support (presentation/screening indicators, RFC3325/ • Maximum difference between incoming and outgoing calls is RFC4497/Cisco Remote-Party-id) established to assure profit margins • Network topology hiding • Powerful switching: MVTS II is a tool for effective protocol • Centralized media traffic management interworking (SIP-H.323 two-way conversion) and transcoding • Media anchoring with a wide range of codecs supported • Protocol interworking • Partitioning capabilities allow creation of hosted softswitches • Transcoding within the main platform. With partitions being fully MVTS Pro is a high-performance class 4 softswitch featuring high capacity, support of a variety of VoIP protocols, and RADIUS for interaction with external billing systems.
Learn more at www.aloe-systems.com. l
PROMOTIONAL FEATURE DRAGONWAVE AVENUE THE ROAD TO 4G JUST GOT EASIER
MICROCELLULAR SOLUTIONS DragonWave’s Avenue portfolio comprises several microcellular solutions ranging from a single microcell backhaul link, to the industry’s first fully-integrated microcellular platform, with multi-beam backhaul and independently-aligned antenna array, Ethernet switching, power supply, battery backup and a slot for a 3G/4G micro base station; all within a single zoning-friendly enclosure. Visit Us At Mobile World Congress - Booth #2A118
www.dragonwaveinc.com
One pager Europe.indd 1 15/02/2012 11:13:12 AM Cloud opportunities DRAGONWAVE AVENUE Improving business fluidity with the Cloud THE ROAD TO 4G JUST GOT EASIER by Andrew Dobbins, Verizon’s vice president of Asia-Pacific
Our perception of what is the working environment and its perimeter in time and space is shaped by the pervasive use of smart mobile devices, and Cloud is a business-enabler, rather than a technical construct, for this transformation. Organisations begin to rely on ‘dispersed expertise’ that can be reached remotely, with information traversing the globe in both directions. Cloud breaks the departmental barriers for data sharing. Merging and cross-referencing data from disparate sources provides new insights in ways that were not previously contemplated. The Cloud allows staff to focus on high-value activities and business goals rather than the mechanics of managing applications and data. There is no doubt that business will be transformed by the Cloud’s enhanced flow of information.
Andrew Dobbins is vice president - Asia-Pacific, in Verizon Business, helming the organisation’s operations in Asia-Pacific. His remit is to focus on the needs of Verizon Business’ multinational enterprise customers, addressing their pan-regional and global requirements.
A seasoned catalyst of change and transformation, Andrew Dobbins has provided leadership at Verizon Business since January 2007. Since then, the company has grown into a key player in the regional network service provider space. Among some of the industry recognitions that Verizon Business has garnered include being ranked in the leaders’ quadrant in Gartner 2007 and 2008 Asia-Pacific Network Service Provider Magic Quadrant, and receiving a ’Strong Positive‘ rating from Gartner in its 2008, 2009 and 2010 Market Scope for Managed Security Services in the Asia-Pacific report. Verizon Business was also ranked a leader in IDC’s latest Asia-Pacific Next-Generation Telecom Service Provider in Asia-Pacific, 2010 report.
MICROCELLULAR SOLUTIONS Prior to this, Andrew Dobbins was Asia-Pacific vice president of sales for Orange Business Services. In this role, he was responsible for the sales organisation across Asia. The group focused on the multinational corporation (MNC) market for international network services DragonWave’s Avenue portfolio comprises several and solutions. His key achievement was to help transform the organisation from a network-only company to a services and solutions provider. In total, Mr Dobbins worked for Orange Business Services for ten years. He held various key appointments including director microcellular solutions ranging from a single microcell of sales, Australia and New Zealand and director of sales Hong Kong, eventually becoming vice president of sales, Asia Pacific. backhaul link, to the industry’s first fully-integrated Prior to this, Mr Dobbins spent five years in Telstra, addressing Telstra’s international MNC customer base during a period a deregulation microcellular platform, with multi-beam backhaul and and significant change. independently-aligned antenna array, Ethernet switching, power supply, battery backup and a slot for a 3G/4G micro base station; all within a single zoning-friendly enclosure. In an economic downturn, improving business to gain competitive advantages to make a real and made available to enterprises on demand. performance often equates to cutting costs. It’s difference to business performance - whether Gartner defines Cloud computing as ‘a style the obvious place to start. In short order, the easy they seek shorter time to market; services that of computing in which massively scalable Visit Us At Mobile World Congress - Booth #2A118 cuts have been made, the hard cuts have been can be quickly turned up or down; or reduced IT-enabled capabilities are delivered ‘as a made, and you can’t move forward by slashing upfront IT costs, to name but a few. Yet despite service’ to multiple customers using Internet any more. As the old adage goes, if you think its continued evolution, concerns remain. Is technologies’. In essence, service providers you’re drowning, stand up and walk out of the Cloud computing secure? Will it provide reliable can leverage economies of scale to provide water. Companies today have an opportunity availability? Can an organisation maintain a highly reliable platform with greater cost to refocus on innovating their processes and control over business-critical systems and and management efficiency. Companies gain offerings, so they can be armed with the ability to data that exist in the Cloud? Above all, is it an flexible access to large amounts of scalable be more aware and agile than ever before. These enterprise-ready solution that can deliver on all computing power, giving them the freedom are critical success factors in competitive markets its promises for better business performance? to adjust capacity up and down to support the that enable them to emerge from the downturn natural cycles of their business. Resources www.dragonwaveinc.com better positioned to grab market share and to lead. The case for Cloud computing can be added, turned off or reassigned whenever necessary. Cloud computing should Adopting Cloud computing is a journey that In the Cloud computing environment, therefore be thought of as a business-enabler companies should embark on, enabling them functionality is transferred out of the network, rather than as a technical construct.
Asia-Pacific II 2012 n 5
One pager Europe.indd 1 15/02/2012 11:13:12 AM Cloud opportunities
The mobile workforce - changing the concept throughout a business’s ecosystem as the Cloud or adopts secure and encrypted public of ‘work’ fluid exchange of information extends to options that enable it to maintain control over its business partners, suppliers, customers, as data, Cloud-based storage will be easier and cost- By 2015, Gartner predicts that the typical well as employees. effective for business to install and maintain over knowledge worker ‘will own several wireless traditional approaches. devices, will be continuously connected and Thanks to the intelligence of the enterprise will communicate and collaborate in a wide Cloud, mobile decision-makers can instantly This will make it easier for business analysis variety of ways without being tied down to access an ever-expanding wealth of data to gauge trends and report on them, and to specific locations and services’. that can be turned into actionable insights. draw from data and merge it from operational This information provides users with greater segments of a business in ways that were not The pervasive use of mobile devices today awareness and understanding of their working previously contemplated. The analyses drawn has already expanded the traditional notion circumstances and the contexts in which they from the robust and cross-referenced data of work so that it includes not only activities are working. As a result, employees will be able sources will give companies new insights into performed by on-site employees during to make better decisions for their organisations the state of their businesses and better capability traditional business hours, but also work that and organisations, in turn, will better serve to anticipate future conditions that might affect is performed at other time periods and from their customers and shareholders. The constant their operations and competitiveness. remote locations. This acceleration of mobile exchange between users and the systems hosted device usage in the work place is fuelling in the enterprise Cloud creates collective business Business processing platforms that facilitate demand for multi-platform applications, intelligence that can be tracked, filtered, analysed, the exchange of Cloud-based data between increased bandwidth, and the computing and turned into useful, actionable information. trusted sources will be used to securely connect power to operate them. IT departments are authorised companies, suppliers, vendors, and already straining to accommodate diverse The impact of this type of awareness - already customers to business data and analytics. This smartphones, tablets and laptops. powerful at an individual level - will be access can improve the quality and pace of amplified when aggregated across an enterprise. decision-making for the participants. When In fact, we should expect further shifts in the When the many individual components in the accomplished on an enterprise scale, this will concept of work when employees can interact organisation share a heightened awareness of help improve overall business functioning. with one another and business information business conditions, they can drive action on from more types of devices and enterprise their business strategies more aggressively and Driving IT change Cloud applications. Companies should thus influence global opportunities accordingly. make an effort to anticipate this conceptual All of these business benefits lead to an shift, the operational changes resulting from Business operational models will change opportunity for IT departments to change this shift, as well as the general changes in their focus from deploying and supporting work culture that are sure to emerge. With the deployment of the enterprise Cloud, applications to managing the services that organisations will begin to develop new and those applications provide. This allows the The enterprise Cloud - an off-premise, public innovative operational models. department to focus on high-value activities utility-type model - will enable organisations that align with and support the enterprise’s to quickly expand their networking, computing One model that will profoundly change how business goals. The CIO can then truly and storage capacity in a way that is secure corporations operate is the concept of ‘dispersed function as a technology strategist, working and reliable. Not only can organisations move expertise’. According to this new model, a with business units to understand their applications, processing, and storage into the company could establish remote teams of high- business needs and advising how best to use Cloud, they can enhance the distribution of data value professional experts. These individuals technology to accomplish their objectives. and information as well - delivering data and could provide customer care services, applications to any connected device, whether it’s engineering expertise, radiological diagnostics, Conclusion a desktop, notebook, tablet, or smartphone. Users or other types of services using a mobile video- receive enriched, real-time information exactly conferencing application. While this is just Undoubtedly, Cloud computing is more when and where they need it. These new ways one operational model that might emerge, it than the driving force behind the next of interacting with information and services will illustrates the type of innovation that will be wave of technology innovation. The help improve decision-making and performance possible with the advancements in Cloud and business will be transformed by a secure at both the individual and organisational level. mobile technology. It highlights the level of flow of information within and around the services that can be obtained, the conveniences organisation, stimulated by enterprise Cloud The fully aware enterprise that can be created for business partners and applications and services that involve a customers, and the cost-control that can be broad range of information sources, access As organisations adopt the enterprise achieved - thus making great business sense in methods and end-points. It will impact Cloud and the new generation of enterprise the near future and the long run. operations, worker behaviour and the applications that it will facilitate, the company’s competitiveness. Recognising culture of the organisation will change. The Data storage and analysis will be easier that transforming an organisation into a organisation as a whole and the individuals business that uses and delivers information within it will become more aware of the The amount of data accumulated by businesses in fundamentally new ways is an ongoing business information the applications and the industry will continue to increase, as process. The process should become part of generate. They will have better capability to remote metering and other various mobile and the overall continuum of business, part of an act on that information in ways that benefit wireless enterprise applications push information organisation’s DNA, and should be pursued the organisation. These benefits will extend to the Cloud. Whether a company uses a private as a core competency. l
6 n Asia-Pacific II 2012 Cloud opportunities
From video-communication to machine-to-machine - Cloud turns to business by Karim Taga, managing partner and global practice leader, TIME, Arthur D. Little
ADL estimates that between ten to twenty per cent of the classic IT market will move to Cloud hosting within the next five to eight years. Additionally, new applications will emerge, due to the enhanced Cloud computing power and reach, superfast broadband and smart devices. Nearly all players can get involved, with the Cloud’s remarkably low entry barriers. The Go-to-Market strategies are split between IaaS, favoured by infrastructure owners, and SaaS, via the app stores models. The latter can be open OTT style or carefully crafted integrated portfolios of services. Either way, the Cloud environment will stimulate service innovations that exploit up-coming technologies with the Cloud’s universal, dynamic and widely distributed delivery capability.
Karim Taga is managing partner and global practice leader TIME (Telecommunications, Information Technology, Media and Electronics) of Arthur D. Little and is-based in the Vienna office. With 20 years’ experience in the industry, he has been in charge of more than 100 assignments in strategy, organization and technology for: fixed and broadband operators, content aggregators, media players and broadcasters, suppliers as well as supported investors in corporate finance, bid management and transaction support. His interests are primarily focused on three functional areas: business transformation, corporate finance and business planning, and the design of innovative business models.
Karim Taga received a Master of Science in 1989 from the Ecole Supérieure de l´Energie et des Matériaux, Orléans France with a master thesis accomplishment at the University of California Berkeley. After his studies he worked as a research assistant at the Vienna University of Technology. He received his PhD in 1992 followed by an MBA in International Business from the Webster University, St Louis Missouri USA, in 1993.
In recent years there has been much trillion dollars is on the move and Cloud is the classic IT market that we know today hype about Cloud computing. Now the ‘oiling’ the wheels of this system. (hardware, software and services) and this dust is settling and a second wave of equilibrium will take five to eight years to business development in Cloud-based Cloud market estimates vary widely from establish globally. services is apparent. For some Information one observer to another but what is clear is Communication Technology (ICT) providers, that a core component of initial Cloud market In parallel and somewhat lagging behind Cloud services are an intuitive growth value is classic IT replacement. Aspects of, the osmotic trend, there are a host of new opportunity. Yet for others, Cloud may hitherto own IT, are replaced with Cloud- services which will be enabled by the appear an all-too-easy way to lose share in based solutions. These are often in the form Cloud-based architecture. These services or established business. of Infrastructure-as-a-service (IaaS) (storage solutions will do something we have not done and servers) or applications with high or widely enjoyed before. These new services Dynamically provisioned and consumed common functionality, sold as Software- will evolve from the convergence that is ICT services built in a Cloud architecture as-a-service (SaaS) - such as business class taking place in all aspects of ICT, TV media, give rise to a vast range of revenue-earning email, collaboration solutions and CRM networks and the Internet. They will exploit opportunities. Previously well-defined (Customer Relationship Management). This smart mobile devices and location, and, most boundaries between software and hardware IT replacement will continue like osmosis usefully, they will exploit the context of the vendors and network providers, system until a new natural equilibrium is established user as understood by the end device - fixed integrators, etc., are blurring, while, at the between the organisations’ own IT (for or mobile. Combine this with computing same time, Over-The-Top (OTT) Internet necessarily individual solutions) and Cloud- power and application sophistication that players are now vying for these cherished based services (for the more generic tasks). were not practical or economic before in infrastructure-based business models. The Our estimate is that this equilibrium point a single tenanted situation, add superfast current global annual IT budget of circa 3.6 is between ten per cent and 20 per cent of always-on IP access, vast power and low unit
Asia-Pacific II 2012 n 7 Cloud opportunities
cost of centralised IT, and all of this together support, and constantly keep ICT spending by the famous Apple App Store and need with a wide array of payment models - and minimised by taking advantage of prevailing to be aware of the strong unifying element a powerful platform for innovative services best pricing. (the iPhone and later the iPad) that led emerges. Applications in the area of, for to its succes. The influence these strong example, mobile/remote worker are explored In terms of designing attractive product differentiating devices have on the app store today but we believe that we will see portfolios, there are wide spread opinions. success cannot be over-stated. significant extension of personal productivity However, two fundamental strategies to and personal enablement to new levels in the product portfolios tend to exist beneath all We started with how the Cloud markets are near future. these opinions: (i) infrastructure-based Cloud forming - initially from the osmotic shift services and (ii) non-network infrastructure- replacing some parts of classic IT and some Moving from the demand to the supply side - who based application stores. Both can be offered, low-hanging fruit of those most obvious has what opportunity in offering Cloud services? of course, but the difference is mainly in how of applications to run in a Cloud-based Essentially there are three clusters of providers: (i) the provider grows the portfolio - from what architecture. Looking forwards, there is a Over The Top (OTT) players (the list is endless); starting point and to what direction. pending change of gear on both fixed and (ii) the physical infrastructure providers - TelCos, mobile access networks (fibre and LTE CableCos, Utility and Municipality network Infrastructure-based strategies, offering respectfully), with continued evolution of operators, etc.; and (iii) the classic IT providers IaaS-dominated portfolios, clearly seek to computing power at both the core and the including hardware manufacturers, software utilise in-house assets and skills that service device ends. This technology evolution vendors, system integrators and IT services providers already have, for example data together with the Cloud environment inspires companies - of all sizes, from global power houses centres, and in the case of TelCos, the fixed those more imaginative companies that push to the one-person IT service provider. The incredible and mobile networks they have. Within the the boundaries of software applications into aspect of the Cloud is that all the technology is infrastructure-based category, we also see new functional areas. Consequently, Cloud- already here, available anywhere, and there are two sub-strategies. One sub-category is of based services will deliver a functionally no significant barriers or time delays for any of those who extend Cloud services to their own richer and more personalised array of these players. Winning growth or losing share is company first, exploiting it and learning what solutions - an array of capabilities that can be essentially a function of imagination, determination is usefully done on Cloud-based architecture ‘dialled up’ as and when needed. and smart and timely decision making! and what sounds nice but is not so practical in real life. The second sub-category is of We have seen experimental demonstrations In terms of driving Cloud solutions to market, those who go directly to the external market of image recognition fitted into sunglasses, many decisions on service portfolio and the with Cloud offerings, skipping the internal linked back to powerful centralised IT, Go-To-Market (GTM) model for these services experience-building time period. connecting to personal data (photos, images need to be made. For larger businesses there in social networks/networking sites, etc.). The are generally accepted and well-established Within the application store approach, application provides real-time audio feedback best practices. At the other end of the spectrum decisions have to be made to focus on a to the wearer of those glasses (via Bluetooth is the vast and dynamic consumer market smaller scope of more usefully integrated ear-piece). Imagine receiving information - currently being mostly served by free or applications or to rapidly build a large (name, current job, etc.) as you greet that freemium models (free entry with modest paid- inventory of applications with little or no familiar face you could not otherwise put a for enhancements) especially from the global application integration. Those ICT players name to... OTT Internet players. The consumer market who go for carefully crafted solutions with is a major battleground worth winning but has useful integration, devise their portfolio Another example of buying intelligence could the additional challenge of how to monetise through extensive market research, customer be the ‘Babel-fish’ application (reference from a free/freemium starting point that grew workshops and end-user evaluations, etc. Douglas Adams’ book The Hitchhikers Guide from the free Internet. The clear challenge here is being confident in to the Galaxy). In this globalising world building something that is broadly attractive where we need to meet, work and trade In between these two extremes lies the small for a wide customer base. with people from many places, it is valuable to medium-sized enterprise (SME) market. to have a ‘Babel-fish’ that enables you to For many ICT providers, the SME segment Those ICT players who go for large inventory converse with anyone in their language with has become a focus area for growth beyond of applications may have less exploitable ease. I know I would be prepared to pay for a their mature business markets. Interest in infrastructure or make a strategic decision ‘dial-up, real-time, two-way audio language SMEs is-based on a general assumption that SaaS and OTT are a better and quicker translator’. With advances in audio analytics, that SMEs have been under-served and left way to build high volumes. Here the goal is digital filtering, speech recognition, language to their own (entrepreneurial) endeavours an application platform, open to third party translators with context-building algorithms, to identify and deploy what they need for Independent Software Vendors (ISVs), with all the technology to do this is here today - their business. This assumption needs to the aim of building a convenient environment just no one has yet packaged it all together. be constantly challenged in anything an for their trade, albeit with the necessary Cloud-based architecture lends itself to deliver ICT provider plans to offer. It is the very revenue share models. Key to this approach is such services. After all, Google already gives word ‘entrepreneurial’ that challenges the rapid growth in terms of number of potential us the ability to read any web page in any assumption. If SMEs can be generalised at sales points and the speed at which a high language. It is only a matter of time before all, then it is their ability to focus on their volume of diverse solutions from ISVs joins someone masters the same with the spoken core business. They only spend on essential the platform; that is, the rate of building language! TelCos gave us the ability to talk ICT, which they generally sort out by the partner’s ecosystem. Followers of this with someone, anywhere - who will give us the themselves or with the help of some local IT approach are almost certainly influenced ability to talk to anyone, everywhere? l
8 n Asia-Pacific II 2012
Cloud opportunities
Enterprise adoption of Cloud computing: the next five years for IT by Bernard Golden, CEO, HyperStratus
While IT departments hold back, many business units move to Cloud computing aggressively, drawn by low cost and capacity elasticity. Like PCs and web content, Cloud has to transition from business-led to central IT management. This requires fundamental changes, not just in the technology but also in re-skilling, resource planning and financing priorities. With Cloud, IT will finally get a place ‘at the table’, but only if it develops deep partnerships with the business units. The organisation must be prepared for variable demand patterns that often occur with innovation, and Cloud computing is both the answer and the catalyst for it. Cloud computing may be the beginning of the true growth phase for IT that transforms traditional, inefficient manual operation into a cost-effective information machine.
Bernard Golden has been called a ‘Cloud guru’ and a ‘Cloud computing rockstar’. He is the CEO of HyperStratus, a Silicon Valley Cloud computing consultancy which works with clients in the US and throughout the world. The firm’s clients include Korea Telecom, Chunghwa Telecom, Pepsi, and BMC Software. HyperStratus provides Cloud computing services in the areas of application security, system architecture and design, TCO analysis, and project implementation.
Mr Golden is the Cloud computing advisor for CIO Magazine. His blog has been called ‘brilliant and incisive’ and is read by tens of thousands of people each month. His blog was named ‘Top 50 Cloud Computing Blog’ by Sys-Con Media, a ‘20 Most Important Cloud Blog’ by AlwaysOn Media, and, in a recent poll by AppDynamics, it was cited as the third most influential Cloud computing blog. In a recent study, he was described as a Top 100 ‘Most Powerful Voice’ in security. His writings on Cloud computing have also been published by the New York Times and the Harvard Business Review.
Bernard Golden is the author or co-author of four books on virtualization and Cloud computing. He is a frequent speaker on Cloud computing. He regularly presents topics on the following Cloud computing topics: strategy; Cloud provider selection; application design; security; ROI and TCO economics; and workforce effects. He has keynoted Cloud computing conferences in the United States, Singapore, Seoul, Taipei, and Moscow.
By now it’s clear that Cloud computing adopting Cloud computing quite rapidly, decision-maker and adoption driver of is gaining enormous momentum. Every unhindered by past decisions or investments. Cloud computing. This makes sense. enterprise is developing a Cloud computing Other business-led initiatives, such as strategy,-based on the clear expectation The inconsistent adoption patterns is not personal computers or the initial adoption that Cloud computing represents the IT confined to geographical regions, however, of content delivery via the web, eventually platform of the future. The pattern of or even within specific industries. We often transitioned from business units to central adoption is different throughout the world, find that individual companies have different IT. This transition process is always driven however. While the North American market adoption across divisions or among different by the desire to implement consistent is the best-established user base of Cloud functional organisational units. In particular, processes, efficient management-based computing, other global regions are emerging it is often the case that individual business on standardization and specialisation by as rapid adopters. This is driven, in part, by units have moved to Cloud computing functional organisational unit. Business units the paradox that existing investments in enthusiastically, drawn by its low cost and recognise their desire to focus on germane traditional data centres hampers enterprises easy availability, while central IT groups business requirements and, at the same time, in the North American markets from have hung back, preferring to concentrate on illuminate the need to provide technical aggressively embracing Cloud computing. a viable long-term solution that aligns with expertise or support. In other regions, particularly in emerging existing products and processes. economies within Asia, South America, and In short, while there can be no doubt that the Middle East, where there has been less There can be little doubt, however, that Cloud computing will, over the next five IT investment in the past, enterprises are ultimately central IT will be the primary years, become the dominant mode of
10 n Asia-Pacific II 2012 Cloud opportunities
providing enterprise data services, it will be 3. Skill building units and mutually plan business offerings central IT groups that eventually take on the that offer customers rich data and desirable responsibility of managing and operating Closely associated with the need to develop functionality as a complement to the base those services. Given that, what are the things and implement new application architectures service or product that is purchased. In a we should expect to see in IT organisations as is the fact that IT personnel will need new world of commodity IT resource availability, they take on that responsibility? Here are five skills to achieve their new objectives. It’s what IT can bring to the table is deep key action items that enterprise IT groups will a mistake to think that the only employees contextual knowledge and intimate working need to address as they accept the charter of who need skill development are software relationships. Using those as the foundation ‘making Cloud computing happen’: engineers. New skills will be required for mutual initiatives will be a pre-requisite throughout the IT organisation. Other groups for the future role of IT. 1. Greenfield application architectures that will need skill development are: 5. Managing explosive growth Many IT organisations eagerly covet • IT operations: Operating rapidly flexible application characteristics like scalability application topologies in a shared resource One thing humans are very bad at is and elasticity. The vision that applications pool is quite different than administering foreseeing the implications of innovation. can grow and shrink automatically in static application topologies on dedicated Many IT organisations assume that Cloud response to changing conditions like servers. Operations personnel will need computing will just speed up resource user numbers, traffic, or heavy batch significant skill development regarding availability at a lower cost, but will leave processing is tantalizing, indeed. What automation, dynamic resource configuration, demand patterns unchanged. The history of these organisations inevitably confront and capacity planning. innovation indicates otherwise. Every other is the recognition that achieving these • Finance: Most IT finance groups follow innovation that made a product or service application characteristics requires new processes appropriate to a static, dedicated easier to access and cheaper to buy has application architectures. By contrast, resource infrastructure. Moving to a dynamic resulted in explosive growth. Therefore, the established application architectures assume environment that charges according to fine- biggest challenge of all that IT organisations a static environment and require manual grained resource use (e.g. cents per server- will face regarding Cloud computing is how operations work to expand, shrink, or hour) is a significant disruption to IT finance. to respond to enormous success. All things modify the application topology. Retro- Most finance groups will realise the need to considered, this is the right kind of problem fitting Cloud computing characteristics upgrade their skills and become more like a to have, but one should not trivialise the fact into existing applications is neither commercial sales organisation, capable of that it is a problem nonetheless. easy nor cheap. Consequently, most IT providing immediate pricing, responding to organisations will focus on new applications changing market conditions, and delivering Managing exponential growth when when implementing Cloud application real-time analytics of use and cost patterns. assumptions and processes are scoped at linear architectures. This is consistent with every • Customer service personnel: Most IT rates along the lines of ten per cent per annum IT innovation - the innovation is typically interaction with user organisations within the can be daunting, indeed. Unlike many in the applied to new projects-based on the need to company has been transactional and quota industry, I predict overall IT employment will avoid disruption or incremental investment imposing - in other words, in a resource- skyrocket as Cloud computing becomes more in existing applications. constrained, quasi-monopoly environment IT widely adopted. Far from Cloud computing tried to reduce demand and didn’t have to do representing the end of IT organisations, we 2. Legacy decisions much relationship management. In the new will someday see Cloud computing as the world, where external Cloud resources are beginning of the true growth phase for IT. I This is not to say, however, that Cloud easily available, IT will need to sharpen its always encourage senior IT management that computing will not impact the legacy relationship skills and implement what is in I interact with to evaluate what they would portions of an IT organisation. Another effect product management. Look for a whole have to do if demand doubled year-over-year widely touted benefit of Cloud computing new type of personnel to join IT to avoid for five or ten years. What kinds of systems is its ability to reduce costs. Leaving legacy ‘shadow IT’ efforts by external business units and personnel would need to be available? applications and infrastructure unchanged (see next item for further discussion). What kinds of vendor relationships and service implies carrying forward a legacy cost partnerships could help in that environment? structure as well. Longer-term, it’s unlikely 4. IT gets a ‘seat at the table’ that most IT organisations will be able Conclusion to continue devoting 80 per cent of their For years, IT groups have longed for a ‘seat yearly budget to operating high-cost legacy at the table’, recognising that in an IT-as-cost- Adopting Cloud computing represents, to my applications. There will be significant centre world they were always going to be mind, the maturing of IT. IT is evolving from pressure to identify better solutions for excluded from important business decisions. an inefficient, error-prone, manual operation existing applications. These may take the Typical advice to CIOs ran along the lines to an automated, cost-effective information form of re-architecting them or migrating of ‘learn to speak the language of business’. factory environment. Every transition is to SaaS alternatives. One can expect that The good news is, with Cloud computing, IT difficult - witness the travails of adolescents the relationship of legacy applications is implementing customer-facing, revenue- becoming adults - and Cloud computing and Cloud computing will become more generating applications. The bad news is will be no different. The long-term benefits important once most IT organisations have that, in that position, it’s not nearly enough of Cloud computing will be well worth the set their long-term direction regarding to use the right words at the ‘table’ - actions struggle, as IT finally fulfils its promise and Cloud choice. speak louder than words. IT is going to have companies finally find IT a sturdy partner to develop deep partnerships with business rather than a burdensome fellow traveller. l
Asia-Pacific II 2012 n 11 Cloud opportunities
Shore to shore: IT, the fifth utility by Jim Fagan, VP and managing director, Rackspace Asia-Pacific
Cloud computing provides more than managed services, it brings new business environment where entrepreneurship can flourish. It dramatically lowers the entry barrier for start-up businesses or for business expansion. It allows building proof of concept to show potential investors a live version of the new business model. It allows innovators to focus on their products and marketing. This new ‘Cloud Economics’ considerably lowers the opportunity costs, shifts financing from CAPEX to OPEX and provides capacious headroom and flexible scalability at minimal cost, on a per use fee.
Jim Fagan, VP and managing director for Rackspace Asia-Pacific, oversees Rackspace Hosting and Fanatical Support in the APAC while managing sales, marketing, channel and data centre operations. Jim Fagan has spearheaded the company’s expansion since 2008 (when Rackspace first entered Asia), and his commitment to industry-leading SLAs, new partnerships and achieving unparalleled customer experience have helped Rackspace become a popular and well-regarded leader in the region. He joined Rackspace in July 2006 as the director of financial operations where he built an organisation of financial professionals and assisted the company with its rapid growth as well as its IPO on the New York Stock Exchange.
Prior to joining Rackspace, Jim Fagan served as finance controller for Dell’s Managed Service business and was responsible for the financial management and pricing structure of Dell’s newly formed services division. He spent nine years at Dell, primarily providing finance planning, pricing and operational finance support to Dell’s global Fortune 500 business. He brings more than 13 years of financial and operational IT product and service industry experience.
Jim Fagan holds a BS in Finance from Villanova University as well as an MBA from Arizona State University’s WP Carey School of Business. He was a Division I competitive swimmer and team captain of the Villanova University Big East Conference Champion men’s swim team.
From time to time, when I’m sitting in circumstance, no matter where they Delete wasn’t enough. Thankfully, IT an aeroplane, I think about the movie are sitting, they can build an empire or is no longer about the office IT guy. IT “Up in the Air”. I’m not thinking about change the world. What I’m truly proud has grown-up, left the back rooms and how the main character feels most of is that I work in an industry that became something that is part of our comfortable jetting from city to city, or offers anyone, no matter their station, daily lives. IT is now about us. how he’s racking up millions of frequent the ability to better their lives and the flier air-miles, or how he has the awful lives of others. From our private email accounts to the task of firing good people on the ground. websites we surf, to the connectivity we No, from time to time, I’m thinking of a You see, I work for an IT company during crave, to the apps we download, IT is certain scene where the lead, played by a time where IT is no longer about the now an in-demand commodity - much actor George Clooney, informs a person office IT guy. You remember the office like the water we drink, the electricity he’s just sacked that “anybody who ever IT guy, the colleague cast to the Siberia and gas we consume, and the telephones built an empire or changed the world of your office, left alone in an air- we dial. Thanks to the phenomenon sat where you are now”. Some people conditioned, server-filled room situated known as Cloud computing, IT has might find that line glib or offensive, near the company toilet. Yup, that IT arrived, and opened its arms to everyone and I can understand that, but I’m taken guy, the person we’d beckon when our around the planet. with the idea that no matter a person’s computers crashed and Control-Alt-
12 n Asia-Pacific II 2012 Cloud opportunities
Cloud computing is an IT innovation that Today, it’s different. Entrepreneurs are are gone. Now, you’re just paying for a forgets no one. It pools together all IT having a field day. They can go out and per use fee. Whether you’re a professional resources (applications, platforms, and put their dream on a Cloud server for a in Sydney, an artist in Hong Kong or a IT infrastructure), places them on shared few 100 bucks. Now, they already have dreamer in Singapore, you don’t have to servers and gives any user access to all your proof of concept out and, with that, wait. Your time is now. Thanks to IT and of it online. Cloud offers ease, scalability you can show people a live version of Cloud Economics, no matter where you’re and pennies-on-the-dollar affordability. your business model that’s already out sitting or how you got there, you can build One example of Cloud computing is in the marketplace with features and an empire, change the world - or better your free email account, which is stored functionality. When start-ups ask for still, do both. l on a shared server and retrieved over the money, it’s no longer focused on IT. The Internet. With Cloud, IT is now easily conversation has changed to marketing consumable, low cost and available to all, potential, possible partnership deals and making it truly the fifth utility. other business opportunities. If you’re a private investor, a venture capitalist Around APAC, Cloud has already or a bank, that changes the discussion. created opportunities for a new class of Sinking half a million dollars into IT entrepreneurs and start-ups. For example, infrastructure that doesn’t differentiate if you want to open five shops in one your investment, that just gets a business APAC country, you no longer have to up-and-running, that’s scary. buy multiple servers and pay a system administrator to fix any problems. Accordingly, over the past few years, the Instead you can sign up with a Cloud traditional business economic model is Connect-World now on provider, spin up a server quickly and changing into one-based on Cloud. Many Facebook & Twitter begin your IT journey. You could even industry leaders call it ‘Cloud Economics’ save more costs by deciding to sell your - and here’s all you need to know: merchandise solely online. Connect-World, the world’s 1. Cloud is lowering opportunity costs foremost discussion forum for Cloud spawns a brave new world of and making businesses more efficient. It’s leaders in the ICT industry, is now entrepreneurship - with no prohibitions critical to have a website up, to have a available on Facebook and Twitter. attached. Local companies have blossomed site that runs well, and to have a site that online without having to pay tens of can scale. IT is a commodity, and while The world’s top ICT decision- thousands of dollars for servers and you’re not going to get a competitive makers express their opinions in expensive bandwidth costs. By sharing advantage with the technology it’s a must Connect-World. They use clear, servers, these new companies pay only for do, it’s a cost for entry that must be as non-technical, English to discuss what they use and do so with international low as possible. bandwidth and easy scalability. They’re how ICT helps shape regional carving out a name for themselves - both 2. Cloud is shifting all business models and global development. The at home and abroad. from capital expenditures to operating articles essentially examine the ones. With little IT costs, there’s extra influence that ICT products and That’s great, but what about folks looking flexibility in any business model and services have on the way people to expand start-ups and needing more additional cash to spend. live and do business. With money to grow their enterprise? Well, separate editions for each of Cloud helps here, too. Businesspeople 3. Cloud has allowed businesses to drop the world’s regions, the reports wishing to create empires have great all worries about spikes in online traffic. highlight the most important ICT courage and they’re chasing their ideas, For years, this was a major headache from but they undoubtedly need cash. It a budgeting perspective as businesses trends and issues influencing doesn’t have to be much, but they need didn’t know how many servers were socio-economic growth. it. Five to ten years ago, visionaries needed for operation. The dilemma was had to have even more cash because whether to spend millions of dollars on Connect-World is now available creating a company’s IT framework hardware that may not fully be used or to to follow on Twitter (http://twitter. was outrageously expensive. You had worry about spending too little and deal com/#!/ConnectWorldICT) and to buy servers yourself, create big with outages. Now, extra Cloud servers Facebook http://www.facebook. physical infrastructures or a collocated can be used on demand at little cost. com/connectworld.ict environment with a big upfront cost. So, not only were you selling it to investors By living and practising Cloud Economics, or asking the bank to loan you money, you have a roadmap to creating, expanding Also, it is still possible, for FREE, saying, “Hey, this can work - I can make and improving your business. Right off to directly access all past and money; it’s great”, you were also sitting the bat, you’re saving 30 to 70 per cent of present Connect-World articles, there thinking, “I need a half million your IT costs, and shifting those funds to ICT Industry press releases, dollars in IT infrastructure costs to even new equipment, salaries, administrative eLetters, ICT News and more at show you that this can work”. costs, what have you. With Cloud www.connect-world.com. Economics, many of your fixed IT costs
Asia-Pacific II 2012 n 13 SEE YOU IN DUBAI 20
ITU TELECOM WORLD 2012 Dubai, UAE, 14-18 October YOUR OPPORTUNITY TO CONNECT, Drawing on ITU Telecom’s unique cross-sector COLLABORATE AND CREATE CHANGE. reach, World 2012 is where the international ICT community meets to debate, share 1 2knowledge, network and seek real-life solutions to real-world challenges - creating change for the betterment of global citizens everywhere. world2012.itu.int Cloud security
Spear phishing in the Cloud by GOH Hock Beng, vice president, Channel Sales Asia, TrustSphere
The high potential of the Cloud is marred by the prospects of cyber-crime-made-easy. Phishing is perpetrated by masquerading as a trustworthy entity via emails that request sensitive, valuable information, later used for fraud. While mass-email phishing can be easily ‘unmasked’, ‘spear phishing’ is harder to recognise. This is individual targeted attacks on chosen victims, using social engineering techniques to build highly credible and relevant emails. It may take just one employee slipping up to let in the scammers, as happened at SecureID, and can result in large losses, for example US$8 million fraud at the Vogue publishers. Advanced techniques to authenticate incoming emails must be deployed and constantly updated as both users and cyber-criminals are getting more sophisticated.
GOH Hock Beng is vice president, Channel Sales Asia in TrustSphere. Mr Beng brings over 15 years of experience in Information Technology management in the private sector and Asian government roles.
Prior to joining TrustSphere, Mr Beng served as the sales lead for Oracle Singapore, where he was responsible for the first deployed SOA suite in Southeast Asia markets.
Mr Beng’s experience includes serving as client director for Singapore Computer Systems, where he oversaw the successful deployment of several national database systems for the Singapore government, and served as CSC Singapore’s principal consultant for Homeland Defense.
It seems that everyone is buzzing about A recent series of high-profile spear Consequences for National Security, a must- ‘The Cloud’. If the hype is to be believed - phishing attacks originated last year in the have report for the criminals’ intended targets. and there is no reason not to - it represents a city of Jinan in Eastern China, which is Not only did the email appear legitimate tremendous business opportunity valued in the quickly becoming ground zero for Chinese and not only was it sent to people who tens of billions of dollars, and the promise of cyber-attacks. The targets of these attacks might actually want such a report, the cyber- changing IT dramatically. However, despite have included Chinese activists, Tibetan criminals were smart enough to use the name the enormous positive potential of the Cloud, independence groups and senior officials in of a real report published by the Center for a it does have a possibly serious downside: the South Korean and US governments. New American Security, a well-known and cyber-crime. In particular, the threat of spear respected US think tank. While the damage phishing looms large. In each case, the method of attack has been of compromised email accounts could be the same: the target receives a legitimate- substantial, no official figures or estimates Specifically, spear phishers have taken looking email offering a free report relevant have been published yet for this attack. advantage of the impeccable reputations to the recipient. All the recipients have to do However, we don’t have to look too far to see of companies like Google to stage their to get the report is fill out a standard-looking the impact of spear phishing. attacks. For instance, criminals have used subscription form - and include their Gmail Google Docs, the company’s Cloud-based login details. With the login details in hand, By the time Quad/Graphics approached collaboration service, to give their attacks the cyber-criminals have access to their Condé Nast, for payment in December 2010, the appearance of authenticity they need to victim’s email accounts. the media giant (publishers of Vogue, Golf dupe victims into opening a malware-laden Digest, GQ, Vanity Fair, The New Yorker, document. Spear phishing is a very real threat A recent attack launched from targeted US Wired, etc.) had already paid nearly US$8 with very real and serious consequences for government and military officials with an million into the account of a spear phisher. businesses, governments and even non-profit email offering a free copy of Blinded: The The company’s accounts payable department organisations the world over. Decline of U.S. Monitoring Capabilities and its had received a single email claiming to be
Asia-Pacific II 2012 n 15 Cloud security
from Quad/Graphics, a company that prints the disclosure of commercially sensitive of incoming email can protect against even Condé Nast’s magazines, instructing them to information, manipulation of stock prices, the highly targeted emails crafted by spear send payments to a bank account specified corporate or national espionage, or gaining phishing scammers. in the email, accompanied by an electronic access to secured systems. payment authorisation form. Once the form Clearly The Cloud is still in its infancy and was authorised, Condé Nast effectively gave As the email messages required for security issues are bound to be discovered permission for their bank, JP Morgan Chase, conventional phishing attacks are sent and exploited by cyber-criminals, but as to deposit funds in the account - which turned unsolicited and in bulk, conventional spam the technology matures, these gaps should out to be fake. detection techniques can be used to identify be closed. However, it is necessary to note them relatively successfully. Spear phishing that despite on-going advances in security, The increasing use of email for the attacks, however, are more carefully IT organisations and even individuals must transmission of valuable information and crafted: the attacker studies an individual remain ever-vigilant as spear phishers and the prevalence of online financial and other victim - usually an executive in a large other cyber-criminals will always look for transactions has seen a corresponding organisation or government department - new avenues of attack. l increase in cyber-crimes. As more secure and builds an email message specific to that means of communication are devised, and as victim using social engineering techniques. users become savvier, the criminal element The spear phishing email typically appears has had to develop more sophisticated to be from someone known to the victim deceptions in order to perpetrate online crime. and on a topic that the person and the victim are likely to discuss. Phishing, a way of attempting to acquire sensitive information by masquerading The highly specific nature of the spear as a trustworthy entity in an electronic phishing email makes it particularly difficult Connect-World now on communication, is an often-used technique. to detect. The key to identifying spear phishing Facebook & Twitter Conventional phishing attacks typically attacks is to increase the ability of individuals involve sending messages that purport to be at risk to recognise a potentially fraudulent Connect-World, the world’s from reputable institutions or government email. Training everyone in an organisation foremost discussion forum for departments to a large number of people in to check every incoming email individually leaders in the ICT industry, is now order to fool them into clicking on fraudulent is a resource-intensive and time-consuming available on Facebook and Twitter. links. These links lead to websites that look task. Even so, the risk of even one employee legitimate (e.g. bank or credit card sites) slipping up is significant and can have but are instead designed to harvest the disastrous consequences for the company. The world’s top ICT decision- information (user IDs, credit card numbers, makers express their opinions in passwords, etc.) that is entered into them, or Users need technology that can clearly Connect-World. They use clear, install malware on the unsuspecting user’s identify known, trusted email senders that non-technical, English to discuss computer. Criminals use this technique to combine authentication and reputation how ICT helps shape regional collect credentials which can be used for a technologies to determine if the sender of an and global development. The variety of purposes, notably identity theft or email is legitimate. This information can be articles essentially examine the transferring modest amounts of money out of used by the email client to highlight known influence that ICT products and accounts held by the victims. verified correspondents, perhaps through colour (marking the message in green) or services have on the way people Spear phishing is a more targeted form of with some sort of trust mark displayed against live and do business. With phishing, which refers to targeted attacks on the message. separate editions for each of specific individuals in an organisation designed the world’s regions, the reports to steal valuable data. Recent high-profile If the email purporting to be from Quad/ highlight the most important ICT breaches in several listed corporations and Graphics had not been marked as recognised, trends and issues influencing government departments have caused growing staff in Condé Nast’s accounts payable socio-economic growth. concerns about the use of fraudulent email department would have been alerted to its as part of targeted attacks. RSA, a division suspicious nature, and could perhaps have Connect-World is now available of EMC Corp. and one of the world’s pre- verified its authenticity through a phone call eminent security and encryption companies, or other means - and would likely have saved to follow on Twitter (http://twitter. was hacked in March 2011, rendering many the company millions of dollars. com/#!/ConnectWorldICT) and of its popular SecurID tags rather less secure. Facebook http://www.facebook. Attackers simply sent emails with the subject The application of identity verification com/connectworld.ict line ‘2011 Recruitment Plans’ to selected RSA technology to email would go a long way employees. One of the targeted employees towards mitigating the spear phishing Also, it is still possible, for FREE, opened the Excel file attached to the email problem. Senior executives or staff in to directly access all past and setting loose a program that let the attacker sensitive areas (IT or security, for example) present Connect-World articles, control the employee’s PC. could be trained to treat with caution a ICT Industry press releases, regular correspondent’s email which suddenly In general, spear phishing attacks aim ceases to be marked as recognised. Using eLetters, ICT News and more at to achieve high-value outcomes such as advanced techniques to verify the authenticity www.connect-world.com.
16 n Asia-Pacific II 2012 Cloud security
Who owns security in the Cloud? by Jim Reavis, founder and executive director, Cloud Security Alliance and Dave Asprey, vice president of Cloud Security, Trend Micro
In the case of public Cloud, enterprise security perimeter simply doesn’t exist. One option is to extend the perimeter into the Cloud. This allows using existing management tools, but the link with the Cloud must be closely monitored. The second option is to extend the Cloud into the enterprise perimeter by installing security servers within the enterprise, which are managed by Managed Security Service Providers (MSSPs). They must be highly trusted, since they are given full access to the enterprise internal systems. In both cases the enterprise must still protect its data by all the available security tools. IT managers should demand visibility of data access logs and seek to establish better access control. It is important to use encryption for data ‘at rest’ as well as ‘in motion’, and negotiate strict SLAs with standard compliance.
Jim Reavis is founder and executive director of the Cloud security Alliance. He is also the president of Reavis Consulting Group, LLC, where he advises security companies, large enterprises and other organisations on the implications of new trends such as Cloud. He is also a partner with the MetroSITE Group. Previously, he has been a board member and an executive director of the ISSA, a global not-for-profit association of information security professionals. He was also a co-founder of the Alliance for Enterprise Security Risk Management, a partnership between the ISSA, ISACA and ASIS that was formed to address enterprise risk issues associated with the convergence of logical and traditional security.
Jim Reavis is widely quoted in the press and has worked with hundreds of corporations on their information security strategy and technology roadmap. His innovative thinking about emerging security trends has been published and presented widely throughout the industry. He was recently named as one of the top ten Cloud computing leaders by SearchCloudComputing.com. He has a background in networking technologies, marketing, product management and systems integration. He received a BA in Business Administration/ Computer Science from Western Washington University in 1987 and serves on WWU’s alumni board.
Dave Asprey is vice president of Cloud security in Trend Micro. He is responsible for thought leadership and technology evangelism for Trend Micro’s Cloud computing and virtualization businesses. He created and launched two early Cloud computing service offerings. His writing on the Cloud has been published by the New York Times, GigaOm, Fortune and CNNmoney. PriceWaterhouseCoopers published his book-length piece on systems management. He co-chairs the Cloud security Alliance Virtualization Working Group and sits on RSA China’s Program Committee. He is a sought-after speaker and panel moderator who has presented at more than 100 Cloud, virtualization, and security conferences globally.
Mr Asprey joined Trend Micro after spending most of 2010 as an Entrepreneur in Residence at venture capital firm Trinity Ventures, co-founding a Cloud startup and selling a web-based virtual desktop startup. He was previously VP of Technology and VP of Business & Corporate Development at Blue Coat Systems. He spent two years as VP Technology & Marketing at Cloud networking vendor Zeus Technologies. Earlier, he ran strategic planning for Citrix’s Virtualization Business Unit and began his career in the Cloud as a co- founder of the professional services group at Exodus Communications, then as senior director of product management at Speedera, now part of Akamai. He also ran the Web & Internet Systems Engineering Program for UC Santa Cruz for five years.
I. Who owns security in the Cloud? and potential areas of data security risk. Here we provision of resources also allows firms to scale attempt to address these issues in the context of the dynamically, vastly improving business agility. Cloud computing is the technology buzzword Infrastructure as a Service (IaaS) - that which allows On the private Cloud front, it is all about increased of the moment. The provision of on-demand IT IT managers to rent networking, storage, servers and flexibility and responsiveness to internal customers’ software and infrastructure services via the Internet other operational elements. It also offers enterprises needs. With these kinds of benefits it’s unsurprising can provide IT teams with unparalleled benefits in greater autonomy to put more security controls in to see such interest in the new computing paradigm. efficiencies, cost savings and scalability. However, place than in other models, such as SaaS. A poll from security body ISACA (March 2010) with these game-changing benefits come a whole found that a third of European organisations are new set of challenges which invalidate most II. Why the Cloud? already using Cloud computing systems, while traditional approaches to security. While the Cloud global consultancy Accenture revealed (July 2010) offers a vision of simplified, pay-per-use IT, in On the public Cloud side it comes down to scaling that half of its clients are running some mission- which much of the heavy lifting is outsourced, it also and the ability to use OPEX (Operating Expense) critical applications (apps) in the Cloud. introduces numerous new compliance headaches instead of CAPEX (Capital Expense). On-demand
Asia-Pacific II 2012 n 17 Cloud security
III. Perimeter security isn’t dead - two a competitor’s data. Some public Cloud providers Prevention System), DLP (Data Loss Prevention) approaches to securing the Cloud simply aren’t as transparent as they should be. As a tools, bi-directional firewall, and encryption. starting point, if you’re putting mission-critical data Much has been made of the fact that when it comes into the Cloud you need to look for strict adherence You could run into problems on the network to the public Cloud model, the traditional enterprise to security best practices, like ISO 27001 and SAS70 security front in the Cloud environment, as few security perimeter simply doesn’t exist anymore. II, and rigorously examine your provider’s SLAs public Cloud providers are likely to allow you to Firewalls and other standard security functionality (Service Level Agreements) and security policy. monitor network traffic as closely as you’d like. can’t extend to the Cloud and instead firms have to This may rule out the Cloud from a compliance rely on the basic level of perimeter protection offered Another risk is that most Cloud providers are point of view, so it’s vital you find out how much by their Cloud provider. From another perspective, the likely only to reimburse in the case of a breach network monitoring and access your provider will perimeter-based security model has become a useful up to the cost of the service they provide, even allow. Encryption of data ‘at rest’ (stored) and in part of the security architecture, but not the only part. if it was their fault. A data breach which leads to transit (transmitted) becomes extremely important When dealing with the Cloud, enterprises still have untold reputational damage, fines and financial because of the lack of visibility into network traffic the notion of a perimeter. The choice is whether they loss will have to be absorbed by the customer. and your provider’s admin access logs. extend that perimeter into the Cloud or extend their Cloud inside their perimeter, or both. In either case, Extending the Cloud into the enterprise Many Cloud providers also offer a worrying lack of role- additional security layers are necessary. However, based access controls at an admin level. In the private both scenarios have similar drawbacks concerning This scenario allows the Cloud to effectively Cloud, ownership of security by the IT department is the potential lack of visibility and control. CISOs extend inside the enterprise perimeter, and involves being challenged thanks to the speed at which servers (Chief Information Security Officers) must be vigilant, agreeing to an IaaS public Cloud provider or Cloud- can be created. All the business needs today is to know conduct due diligence and be aware of the risks based MSSP (Managed Security Service Provider) it can cover the cost of a licence, and in a private Cloud involved. installing a Cloud node on site. The benefit of this environment a business unit could have a server up set-up is that it is a relatively well understood model. and running in one or two days, rather than six weeks. Extending enterprise perimeter to the Cloud MSSPs such as Integralis have been providing However, each request for a new server has to be properly remote firewall management services ‘from the managed because the security risks will increase as the This scenario involves setting up an IPSec (IP Security Cloud’ for years. Other examples include the Trend number of boxes to manage increases. It’s important that protocol) VPN (Virtual Private Network) tunnel to Micro Smart Protection Network, which links IT managers put in place a central authorising process your public Cloud provider’s servers, and putting security servers inside an enterprise network to a which ensures any requests must pass through IT first. enterprise-grade security on the public Cloud server, security network of thousands of servers in the Cloud. usually in the form of security software and virtual V. Call to action appliances. The benefit of this set-up is that you won’t However, for all the simplicity of having one of these have to reconfigure Active Directory and most other boxes located in the data centre or branch office and Enterprises: existing management tools should work with your managed or updated centrally by the Cloud provider, - Encrypt data at rest and in motion and be Cloud set-up, as your Cloud severs are effectively the main disadvantage is that it is still essentially careful to store encryption keys in a location inside your ‘perimeter’. On the disadvantage side, a Cloud service and as such could present the IT separate from the data, that is, not where they depending on how well you secured your Cloud manager with many of the same risks of the first set- are easily accessible to the Cloud provider. server, you may have introduced the risks associated up. This includes risks presented by lack of visibility - Deploy every security tool you deploy with the Cloud to your architecture, as outlined below. into physical and/or admin access logs. Liability for on your physical servers in the Cloud as well To help mitigate these risks, it is important that the negligence leading to loss of mission-critical data will because all the Cloud providers will give link between Cloud and internal server is monitored still only go as far as reimbursement for the cost of the you is a naked OS without adequate security. for suspicious traffic. Another option is to add an service. Although can be turned on and off, when the Cloud providers: extra DMZ (Data Management Zone) and firewall, Cloud extending to the enterprise is ‘on’ - the Cloud - Be more open and transparent about security although that creates another perimeter that needs provider is given full access to your network and to the policies and procedures around access controls and securing. application data, so the Cloud provider must be trusted. network traffic. Customers need to know who did what If that provider is focused on security and is transparent and when, and they need to be allowed to see the logs. Many firms forget or ignore this step in their rush to with its SLAs, this should be less worrying. - Clarify SLAs so customers are clear what the Cloud, especially those in smaller organizations security features you offer and what they will without the time and IT resources to architect in these It’s about differentiating between ‘good enough’ need to do to ensure their data is secured to safety barriers. It’s also essential to put enough security security and ‘optimal’ security. A Cloud-based their own and their regulators’ standards. on those Cloud servers so you can trust them, to protect email service set up in your perimeter by a them from malicious attacks etc. CIOs must be aware managed security service provider, for example, Private Cloud environments: that their Cloud servers will be subject to different is likely to be more trustworthy than one - Create a central authorisation process, if there threats from those that threaten internal systems. A provided by a typical public Cloud vendor. is not one there already, for all new Cloud server major concern is that firms are not likely to be given requests from the business. You need to know why their Cloud provider’s physical or admin access logs. IV. Who owns security in the Cloud and they need a server, what will be running on the How will they know if an IT admin working for their where are the gaps? server, how long it will exist and how much traffic Cloud provider has accessed their data? This lack of will flow through it. You also need to have regular visibility in the Cloud should necessitate widespread The unpalatable truth here is that if you’re looking check-ups on these requirements. adoption of data encryption as standard. for help from the Cloud provider you’re likely to be - Be prepared....IT is being forced to accelerate the disappointed. You should secure your Cloud servers speed at which it works. For the good of the business, Shared storage also presents an area of risk to firms as you secure your internal servers. This includes: you must be prepared to support these requirements in anxious that their data is not safe if stored alongside IDS (Intrusion Detection System), IPS (Intrusion a timely manner without compromising the security. l
18 n Asia-Pacific II 2012 Cloud security
Data breach and risk in the Cloud - the legal response by Thomas J. Shaw, Esq, attorney at law, and CEO, CloudRisk Asia
With increasing likelihood of a serious data security breach, enterprises moving to the Cloud need to consider their responses - technical response with data recovery; response to business and reputation damage-limitation; and legal responses. Organisations whose systems are breached must notify customers when ‘real risk of harm is reasonably foreseeable’. Data breaches notifications are prescribed by regulations or guidelines in most Asia-Pacific (APAC) countries. These regulations specify who should notify whom, in what circumstances, what was breached, whose data was breached, etc. Enterprises should prepare for such eventuality, assess the risk and manage them continually.
Thomas J. Shaw, Esq. is an attorney at law, CPA, CRISC, CIP, CIPP, CISM, ERMP, CISA, CGEIT and CCSK. He is-based in Asia and works with organisations globally on data privacy, information security, e-discovery/litigation readiness, Cloud computing, social networking, e-commerce, intellectual property, transactional law, compliance, information governance, outsourcing and technology risk assessment. He speaks and writes frequently on information and Internet law and technology.
Mr Shaw is the author of several books. In 2012: Children and the Internet - A Global Guide for Lawyers and Parents; in 2011: Cloud Computing for Lawyers and Executives - A Global Approach; and in 2011: Information Security and Privacy - A Practical Guide for Global Executives, Lawyers and Technologists. He is editor/frequent author of the American Bar Association publications covering the latest developments in technology and law: the Information Security and Privacy News and the E-Discovery and Digital Evidence Journal.
Mr Shaw runs CloudRisk Asia, which provides risk assessment to corporations and their Cloud service providers. He develops and delivers Cloud computing risk workshops.
There is growing excitement about the benefits control. It is these risks of Cloud computing - Legal: the sum total of all legal obligations of Cloud computing, which are visible every services that the article addresses. an organisation is subject to, from all Cloud- time one sends an Internet email, saves a file related statutes around the world. in their Internet storage, participates in a social Governments across the Asia-Pacific region are - Data protection: how prepared are those network, or outsources processing resources. making efforts to promote the use of the Cloud, responsible for keeping Cloud data safeguarded. So why is not every organisation committed through funding infrastructure or deploying - Contracting: how well is the organisation to fully deploying the Cloud? One reason is their own Clouds, encouraging the setting of legally protected against undesired Cloud that there are legacy hardware or software standards and providing awareness education events. resources that have not reached the end of their and training on the Cloud. While there are - Governance: how easily can data be safely economic lifecycle. There are also regulators clearly differences in how far countries have moved within and between CSPs. preventing participants in certain industries gone in developing the Cloud, users of Cloud - Verification: what independent third-party from moving more fully into the Cloud. More computing services will all face a similar of set assurances are provided about the CSP. likely, it comes down to simple FUD (Fear, of risks when utilising the various services of - Response: how prepared is the CSP to Uncertainty and Doubt). The FUD factor Cloud Service Providers (CSPs). This includes handle security-related incidents. predominates partly because Cloud computing both public and private-sector organisations and has been ushered in with such a tidal wave those firms which outsource to the public Cloud Explanation of all of these Cloud-related of marketing hype. Nothing so hyped can be and those which in-source to a private Cloud or risks takes up a whole chapter in my Cloud really this good, can it? Beyond the fear and do both with a hybrid Cloud. computing book, so here I will focus on the hype, experienced IT personnel know part of a single risk, within the category of that there may be new risks when computing These risks of Cloud computing can be response risk, regarding the preparation for capability is moved outside of their direct grouped into six categories: and response to a data breach in the Cloud.
Asia-Pacific II 2012 n 19 Cloud security
Historically, organisational data resided in process voluntary, but the government has - How does the CSP know, in a virtual- closed networks, inaccessible from outside. published guidelines and templates in advance resource multitenant Cloud environment, just With the migration to the Internet and Cloud of those changes. Japan has industry sector whose data has been breached? computing, data is collected over the public regulations regarding data breach notification. In - What type of evidence has to be saved network and stored on devices accessible via Taiwan and South Korea, newer revisions to their for future criminal investigations or civil the Cloud. The growing threats from bad actors privacy laws require data breach notifications. litigation, such as logs of the network and and the vulnerabilities inherent in using an There are local versions of data breach laws system activity or images of before and after open network combine to present a set of risks arising in China, to complement national breach data, and how can this be done in a multi- that have manifested themselves everywhere. notice regulations on service providers. tenant Cloud environment? The list of publicly known organisations (e.g. Sony, Citigroup, Honda), less-well known In Europe, under the e-Privacy Directive, member While a comprehensive example is beyond organisations (e.g. Global Payments, Heartland, states are required to implement local legislation the scope of this article, the guidance from Hannaford Bros.), Cloud-based systems where service providers that are responsible the government of Hong Kong provides (e.g. Nasdaq, Epsilon, CheckFree), and firms for hosting and transmitting customer’s data insights into part of the legal response. The dedicated to security (e.g. RSA, VeriSign, are required to notify the appropriate national guidance suggests that the data custodian DigiNotar) known to have had their data/ authorities upon the event of a data breach. If an first gathers information, including when networks breached in the last several years is end-customer’s breached data can negatively and where the breach occurred, how it was already large and still growing. impact on them, they must be notified as well. detected, what the cause was, what type of By contrast, in the US, while there is no general personal data was affected and the number of While some of the data breaches are of federal data-breach notification requirement, data subjects potentially impacted. It advises more concern than others, the reality that all there are industry sector specific regulations in notifying data subjects when the ‘real risk of organisations should accept is that it is more healthcare and financial services for reporting of harm is reasonably foreseeable’. likely than not that they will experience a data breaches and there are general data-breach data breach of some kind. The question then notification laws in almost every state. The breach notification should include: becomes, how will your organisation respond - date and time of the breach and its discovery; to a data breach event, especially after data These laws require that organisations whose - the cause of the breach, the personal has been migrated to the Cloud? systems are breached and expose their data breached; customer’s data to the risk of harm to notify - the potential risks of harm; There are three distinct aspects to data breach customers if the data could be used maliciously. - the remedial measures to ensure no response: This is most typically the case when the data is further data loss; personally identifiable information or financial - a contact person and number; a) The technical response: how to identify information, kept in an unencrypted format. - the law enforcement or other agencies the incident, how to quarantine the intrusion What typically varies among these laws is the notified; to prevent further damage, how to repair information that must be reported, to whom it - what is being done to assist affected all infected systems, how to restore the must be reported, and when it must be reported. consumers; appropriate data, and what are the appropriate The data breach legal response when data is - and, what they can do themselves to reviewing and remedial actions to ensure this outsourced to the Cloud will essentially come mitigate the risk of harm, such as identity type of incident does not recur. down to answering a series of questions: theft and financial fraud. b) The business and reputational response: attempting to limit the impact on the entity’s - What data breach and privacy laws are The important lesson here is that when financial viability, revenue loss and damage implicated by a CSP data breach, as the data moving data into the Cloud, organisations to trademarks reputation and brand names, servers and customers may be situated in must recognise that they are (possibly) taking including minimising related costs and disparate countries around the world? on more risk of their data being breached. To seeking insurance pay-outs. - Who is going to report the data breach, address this, they must take several essential c) The legal response: getting law the CSP or the CSP’s customers whose data steps to counter-balance that risk. These are to: enforcement involved, when organisations was breached? must comply with a variety of statutory and - When must the breach be reported, after - risk assess both themselves and any CSPs regulatory requirements, which potentially an investigation or as soon as it occurs, or that they use; requires certain evidence to be locked up or perhaps never? - implement appropriate risk treatments to frozen. The following looks at these legal - To whom must the breach be reported to, manage those risks; aspects of a data breach response. such as to: the local data protection authorities, - continually monitor the effectiveness of industry regulators, local and/or international the risk treatments to identify new risks; Across the Asia-Pacific region, there are a variety law enforcement (e.g. Interpol), department of - proactively develop a data breach of laws concerning the response to a data breach. justice agencies, and/or to the data owners or response plan. Many of these general provisions at this time are their data custodians if outsourced? voluntary guidelines, although certain industries - In what circumstances must the data The Cloud remains the future of IT but are required to report breaches, at least to their breach be reported, such as when: a certain assessing its risks and proactively preparing regulators. For example, in Australia, there is no number of records have been breached, a for the worst is the best practice for general data breach statute but there are voluntary certain type of sensitive data is breached, or organisations, in Asia and elsewhere around guidelines from the government. In Hong criminal activity is suspected? the world. Advance planning for data breaches Kong, the proposed changes to the local privacy - What types of information has to be within the Cloud is the most prudent course of ordinance will make the breach notification reported? action for all types of organisations. l
20 n Asia-Pacific II 2012 OCTOBER 17-19, 2012 Smau Milan 2012
The Most Important International ICT Exhibition and Conference in Italy
For more information please contact:
CHINA EUROPE USA E.J. Krause & Associates, Inc. E.J. Krause & Associates, Inc. E.J. Krause & Associates, Inc. Xiaohua Chen Regine Gessner Ron Akins [email protected] [email protected] [email protected]
www.smau.it www.expocomm.com/italia Cloud security
Pragmatic tradeoffs in enterprise adoption of public Cloud by Dr Steve Hodgkinson, research director - public sector, Ovum Australia and New Zealand
Ovum predicts that the Asia-Pacific region will be the fastest growing public Cloud market, growing by over 30 per cent per year between 2011 and 2016. This ‘radical externalisation’ of ICT capabilities is met with serious concerns over corporate data sovereignty, security and privacy. However, Ovum believes that the perceptions of risks may have been overblown. The regulatory and security issues should be treated as business requirements to be met and risks to be mitigated, not as showstoppers of Cloud adoption. Risk mitigation comes from selecting a trusted Cloud provider who fears the ‘wrath of the crowd’ and resolves issues to avoid it. Nevertheless, Cloud providers must ensure they apply all the necessary security measures and also avoid the ‘lock-in’ threat by making it easy for enterprises to leave, should they want it.
Dr Steve Hodgkinson is research director - public sector of Ovum’s government practice in Australia and New Zealand. Prior to joining Ovum he was the Deputy CIO for the Victorian State Government in Melbourne, where he was responsible for e-government and IT strategy across the State Government’s departments and agencies. He led a four-year programme of activity to establish the Office of the CIO and implement shared services and infrastructure consolidation initiatives.
Dr Hodgkinson has an in-depth knowledge of business and IT strategy, and experience with large public and private sector organisations in Europe and Australasia. He also founded and sold an e-commerce company. Dr Hodgkinson is a frequent commentator on the ICT (Information & Communication Technology) industry in Australia, with a focus on public sector ICT issues. He writes regular columns in a number of leading ICT magazines and is often invited to speak at conferences and at client workshops and events. He has a doctorate in Management Studies from the University of Oxford and a first class honours degree from the University of Otago in New Zealand.
Some recent examples of his relevant advisory engagements include assisting an Australian state government with independent assessment of vendor presentations during a large-scale tendering process for a managed desktop environment. Another engagement was briefings to a number of state government agencies on recent developments in the web 2.0 and enterprise 2.0 arenas and their implications for office worker productivity and collaboration in the public sector. He also conducted a market scan of manufacturers of operating systems, office automation and business utility software for an Australian state government - addressing the question ‘Is there a viable alternative to Microsoft software for large scale enterprise office automation environments, and if so which vendors could be candidates to dislodge Microsoft from its position as the de facto standard for desktop software?’. He also reviewed a state government’s enterprise licence agreement for IBM software (including Lotus office productivity products) and provided negotiation advice. He advised a state government agency on the leading enterprise web content management system vendors as a precursor to a public tendering process and investigated the implications, pros, cons and issues relating to migration from Lotus Notes to Microsoft Exchange.
Enterprise use of public Cloud services is now Ovum estimates that public Cloud services its CRM (Customer Relationship Management) widespread and growing around the Asia- generated globally around US$18.2 billion application into a wider range of apps and its Pacific region. However, many regulators in revenue in 2011. The forecast is that this broader platform-as-a-service offering. and security authorities remain cautious due will grow by 30 per cent per year, exceeding • NetSuite also has thousands of customers, to concerns over data sovereignty, security US$65 billion by 2016. The Asia-Pacific predominantly in the SMB sector, but also including and privacy of data in the public Cloud. region is expected to comprise the fastest subsidiaries of larger corporations that use NetSuite Such concerns are holding back adoption, growing market for public Cloud services, as a common financial reporting platform. particularly in the financial and government with revenues forecasted to grow by 34 per • Adoption of Google Apps and Microsoft’s sectors. Ovum’s research reveals that early cent per year from US $2.9 billion in 2011 to Online services is growing - leveraging initial adopters of public Cloud services take a US$12.5 billion by 2016. email deployments into a broader range of practical view of benefit/risk tradeoffs. collaboration and office productivity apps, Regulatory and security concerns are business Software-as-a-service (SaaS) offerings particularly in the higher education sector. requirements to be met, not showstoppers of comprise the most mature examples of public • Other SaaS applications popular in the region Cloud adoption. Cloud services from an enterprise perspective. include Microsoft Dynamics CRM, Oracle CRM Proof points of the widespread and growing On Demand, RightNow, SuccessFactors and A useful addition to the enterprise ICT portfolio adoption of SaaS services include: Yammer. There are many hundreds of other niche Organisations around the world, from small SaaS applications in daily use. businesses through to large corporate and • Salesforce has many thousands of customers government enterprises, now rely on the public across the region, comprising a mix of large Public Cloud services bring two main benefits, Cloud to support services ranging from niche corporate and government sector enterprises and both attributable to the ‘radical externalisation’ ICT applications to mission-critical operations. SMB (Small to Medium Business) organisations. of ICT capabilities beyond enterprise scale - Use of Salesforce is steadily expanding beyond into the Cloud. First, the public Cloud can offer
22 n Asia-Pacific II 2012 Cloud security
a more effective and efficient way to source biggest risk mitigation was the choice of a high need to appreciate the importance of the selected ICT applications and infrastructure quality enterprise-grade Cloud services provider. ‘wrath of the crowd’ in public Cloud service capabilities as-a-service. Second, it can offer a relationships. The bigger the crowd the greater new way to accelerate participation in the rapidly Data sovereignty issues create an undercurrent the wrath; that is, more pressure can be applied evolving social networking and mobile solution of worry about off-shore data storage for some on the Cloud provider to prevent service issues ecosystems of the Internet age. executives - although this was acknowledged as and resolve them quickly. The fact that large a justifiable benefit/risk tradeoff, as long as the numbers of customers share a common service Risk perceptions are becoming overblown potential risks were judiciously managed. In the means that there is ‘safety in numbers’, which medium term, a number of executives felt that is a significant change in the logic of power While enterprise adoption of public Cloud a key emerging differentiator for public Cloud relationships in enterprise ICT procurement. services is widespread, cautionary statements service providers would be the ability to provide by regulators and security authorities robust encryption of data ‘at rest’ and choice 5. Rein in ‘stealth’ Cloud adoption of the theoretical risks of off-shore data about data centre location. While it was fashionable a few years ago to storage in the public Cloud amplify risk admire the innovative energy of line-of-business perceptions. Statements about privacy risks The executives interviewed had gone into the executives who acted independently of the ICT and exposure to the US Patriot Act, for public Cloud ‘with their eyes open’ and were department to acquire public Cloud services example, serve to heighten awareness of comfortable with the tradeoffs required in order to ‘because they could’, this behaviour is one of the regulatory uncertainties and potential security access the benefits provided by the Cloud services. drivers behind regulatory concerns. The reality is and compliance issues - particularly in the that ICT departments must rein in ‘stealth’ Cloud government and financial sectors. Recommendations for enterprises adoption and bring it under normal ICT governance 1. Approach Cloud computing from a arrangements. We can be sure that auditors and Cloud critics, some with vested interests in the strategic perspective directors will pay increasing attention to this over status quo, are vocal to intensify risk perceptions Public Cloud services are a radical externalisation the next year, so CIOs are recommended to get to further. On the other side of the argument, the of ICT capabilities that require some new the front line in order to be able to deal with issues safety assurances of public Cloud vendors tend tradeoffs - and a willingness to ‘think outside proactively rather than in a crisis. to be discounted as marketing. At the same the box’. Managing a shift in the balance of the time, enterprises with hands-on experience tradeoffs is part of a strategic transformation of Recommendations for vendors of the public Cloud are relatively silent about the enterprise’s approach to ICT, not simply an 1. Making the public Cloud safe and trusted for their experiences due to perceived compliance expedient way to source a new point solution. enterprise use is not optional sensitivities. The result, in Ovum’s view, is that The rate of growth of the public Cloud market risk perceptions have become overblown. 2. Acknowledge that scale matters for safety in in the enterprise sector will be very much the Cloud determined by the success of the major vendors Wise use of the public Cloud is all about the Significant investments in technology, in meeting enterprise reliability, security and right approach processes and people are required to build compliance expectations. It is not enough for the and sustain an enterprise-grade public Cloud public Cloud to offer superior functionality - it To shed some light on the reality of how the service. Concerns over the fact that global has to offer superior trust as well. The actual and Cloud feels in practice we interviewed executives public Cloud services providers will store perceived trustworthiness of individual public in ten Australian corporate and government data off-shore need to be balanced against the Cloud vendors will become a significant source enterprises with hands-on experience of market capacity that global scale brings to invest in of differentiation in the enterprise market. leading public Cloud services. Discussions service innovation, functionality, reliability The ability to efficiently encrypt data will were intentionally ‘off the record’ in order to and security. The primary concern should be be strongly valued by enterprise executives. encourage open and frank discussion. the depth and quality of the overall service As soon as this is technically, operationally offering … not simply the location of the data. and commercially feasible, it will be strongly The results convey positive experiences. The recommended by regulators, and hence regarded executives we interviewed stated that the public 3. Don’t compromise on enterprise-grade as a prerequisite for the use of public Cloud Cloud has added value to their enterprise’s ICT compliance requirements services by auditors and company directors. portfolio. Public Cloud services were typically The convenience of end-user adoption and 2. Find ways to develop peer-peer networks of not chosen to save costs. In most cases the low entry costs of public Cloud services are customers and prospects service was selected because it was better and no excuse for lower standards of security and Public Cloud providers have much to gain and faster - even though some changes to information compliance. The biggest risk mitigation is the little to lose by encouraging networking and management practices were required. One of choice of a Cloud services provider capable information sharing between customers and the most strongly valued benefits was iterative of operationally and contractually meeting prospects. The rate of enterprise adoption of functional evolution. The Cloud service compliance requirements. Cloud services public Cloud services will be accelerated by addressed user frustrations with the slow cycle of create both the imperative, and the opportunity, more transparency around how data security and innovation of past ICT solutions as well as user for enterprises to focus less on technology privacy concerns are overcome in practice to expectations that modern Internet applications and software and more on the essentials of counterbalance the cautionary statements made should be constantly evolving in terms of their compliance - processes and information. Overall by regulators. functionality and support for innovations such as standards of security and compliance can be 3. Make it easy for customers to leave … and social networking and mobility. increased through Cloud adoption when it is ensure that they have no reasons to want to combined with a renewed focus on process Concern over lock-in is somewhat over- Concerns over data security and regulatory discipline and information categorisation and hyped, but nonetheless is a recurring worry of compliance were taken seriously, but were not governance. executives. We recommend that public Cloud viewed as ‘showstoppers’ as long as careful services providers make a virtue out of making thought is given to the categories of data that will 4. See beyond the contract and SLA (Service it easy for customers to both subscribe to and be stored in the Cloud and to identifying specific Level Agreement) to harness the power of the terminate the service. Paradoxically, customers risk factors and mitigations in process controls ‘wrath of the crowd’ will be less anxious about adopting a public and contracts. Not all public Cloud services are While a contract and a service level agreement Cloud service if they are confident that they can equal in terms of their ability to meet enterprise are essential to reach an agreed basis for the leave at any time, taking all their data and erasing reliability and security requirements, so the commercial relationship, enterprises also any trace of their use of the service. l
Note: The author, Dr Steve Hodgkinson is research director IT - Asia-Pacific for Ovum. His report ‘Enterprise adoption of public Cloud services is all about pragmatic tradeoffs’, published in February 2012, is available from www.ovum.com. He can be contacted at [email protected].
Asia-Pacific II 2012 n 23 Special Cloud applications
Asia: leaders in technology adoption by Matthew Tonkin, area vice president, Asia-Pacific, Sybase 365
Asia-Pacific (APAC) countries, are leading the way in mass adoption of new technologies. Mobile TopUp and Remittance services have flourished in the region, enabling commercial transactions for the unbanked. Asians, far more than their Western counterparts, are open to mobile commerce, receiving promotions and coupons on their handsets and mobile CRM is very popular in the region. Underpinning these fast-growing services is the ability to support the early adoption of LTE across the region, which requires an LTE roaming solution that is deployed over the IP eXchange (IPX).
Matthew Tonkin is area vice president for Sybase 365, a subsidiary of Sybase, Inc., a SAP company. Mr Tonkin oversees the company’s global GRX/IPX/LTE Roaming business and helps drive pipelines and revenues with local teams in every region. In addition to his role as AVP in Asia, he is responsible for managing and driving the company’s growth and market leadership in both Enterprise Services and Mobile Operator Services businesses across the region, through a combination of direct sales and a network of partners and alliances.
Mr Tonkin joined Sybase 365 in 2005, bringing with him over 15 years of management working experience in Asia, including extensive working knowledge and profitable business growth in China, Japan and India.
Prior to joining Sybase 365, Mr Tonkin was country manager at Roamware, a leader in Roaming VAS applications. He successfully established Roamware’s presence in the Asia-Pacific telecommunications mobile market through developing and driving direct sales and channel partnership strategies and building a profitable business in the key countries that he managed - Hong Kong, Philippines, Thailand and Australia.
Matthew Tonkin holds a Bachelor of Business, majoring in international business and marketing from the Queensland University of Technology (Australia). He completed his Mandarin language studies at the East China Normal University (Huadong Shifan Daxue) in Shanghai. He is currently-based in Singapore and also holds Hong Kong Permanent Residency status.
Technology continues to change at an throughout the Asia-Pacific region, making Remember the 2G era? Who were the first increasing rate and these changes continue the growth of social media the fastest in the countries to have 100 per cent handset to benefit us all, improving convenience world, including Facebook that is still leading penetration? Yes, they were in Asia, in our lifestyles as well as productivity in the way across the Asian region. Facebook in specifically Hong Kong, Singapore and the workplace. Over the years we have the US undoubtedly has still got the largest Taiwan. This adoption trend continues as experienced an accelerated change of number of users (20 per cent of total users), phones become smarter. Whether handsets or technology that affects our everyday lives but the Asian countries of Indonesia, India tablets, Apple or Samsung, iOS or Android, - handsets and tablets, social networking and the Philippines consist of 13.5 per cent we are seeing the immediate adoption across and the social inbox, Cloud services, mobile total users (source: checkfacebook.com). If Asian markets. The same applies to the commerce, mobile applications (including Facebook weren’t officially banned in China, innovation that many companies continue Angry Birds!)... the list goes on. the Asian region would undoubtedly exceed to bring to markets across various lines of the US. business such as mCommerce, Enterprise As these new technologies come to market, Services and Operator Services. we often find the early adopters and initial Cloud services have proliferated across Asia. mass markets tend to come from Asia. Asian According to Microsoft’s global SME IT and mCommerce consumers and companies are known for their Hosted IT Index 2010, businesses in Asia appreciation of technology, quickly adopting managed to perform better than their Western mCommerce generates a high level of the benefits to their everyday lives, whether counterparts did, and used IT to improve interest amongst telcos and banks across the personal or in the workplace. both business productivity and effectiveness. majority of areas of mBanking, mPayments, Currently about 30 per cent of Asian SMEs mTopUp and mRemittance. The adoption Let’s take a look at some examples. Internet are already using Cloud services. and proliferation of these solutions across usage and mobile adoption is sky-rocketing the Asian region has largely been driven
24 n Asia-Pacific II 2012 Special Cloud applications
by economic necessity. Mobile TopUp and are seeing the adoption of mCRM capabilities adopters of LTE network rollouts, it is very Remittance services enable the unbanked across a number of Asian vertical industry likely that Asian operators will lead the to transact via mobile phones and provide sectors. Clients in the retail banking industry industry with LTE roaming solutions. the means for transferring funds across have implemented mobile surveys to the geographies. Working together with service consumer to obtain real-time feedback of Technology will continue to innovate and providers, many Asian operators have now their call centres’ experience. Major brands change our lives, both at home and in the launched TopUp and Remittance services. are capturing immediate responses-based office. Driven by the Asian consumers’ on the consumer’s retail outlet experience. acceptance of technology, all three areas Financial institutions are also changing Across the Fast-Moving Consumer Goods - mCommerce, Enterprise Services and the way they interact with their customers. (FMCG) markets, many companies are using Operator partners - will continue to work Banking services and purchasing goods on mCRM campaigns to capture additional together to bring benefits and value to the mobile devices have become quite prevalent market share and to improve loyalty. One Asian consumer. l across many Asian countries. Services have successful campaign increased market shares evolved beyond merely checking a bank by eight per cent - which is quite substantial balance, to provide a range of payment in the FMCG field. solutions for merchants and individuals. Solutions in this area would include the Mobile operators - IPX + LTE roaming consumer’s ability to pay government fees or utility bills as well as governments An ‘All-IP’ world is fast becoming a enabling the payment of salaries. Mobility is reality. Part of what is driving it is IPX simplifying lifestyles in both developed and (IP eXchange), which is proving to be an emerging Asian markets. integral part of the industry-wide migration to IP. A Global Operator survey conducted Connect-World now on Enterprise + Mobile CRM in 2011 confirms that operators have a strong Facebook & Twitter perception of IPX and over 71 per cent of Mobilising existing CRM (Customer those surveyed are planning to deploy IPX Connect-World, the world’s Relationship Management) solutions is in the next one to three years. In an IPX foremost discussion forum for another area that many Asian enterprises are environment, operators would also be able leaders in the ICT industry, is now actively working on in order to stay ahead of to run a full suite of traditional services available on Facebook and Twitter. the ever-changing consumer communication. including Voice, signalling and SMS. Whilst A 2010 global survey conducted by a IP convergence of traditional services is an mCommerce technology leader showed that option, we are seeing many Asian operators The world’s top ICT decision- consumers are willing to be engaged via the recognising the clear benefits of quality and makers express their opinions in mobile handset, with the Asians’ acceptance control that IPX deployment brings. Connect-World. They use clear, being far greater than that of consumers in non-technical, English to discuss Europe, Middle East and Africa (EMEA) With the proliferation of data services, the how ICT helps shape regional and the Americas regions. About 54 per mobile operator community is working to and global development. The cent of Asian consumers who responded to address this need with the rollout of next articles essentially examine the the survey revealed that they were happy to generation 4G networks, known as Long influence that ICT products and receive special offers and coupons from their Term Evolution (LTE) networks. This will favourite retailer directly to their phones, drive further the move to full IP convergence. services have on the way people and 46 per cent confirmed that they would Once again, due to consumer demand, live and do business. With like to have loyalty scheme updates sent to Asian operators have taken the role of early separate editions for each of them via the handset. Executed correctly, adopters of this new LTE technology, with the world’s regions, the reports this would provide the ability for companies initial markets launching live networks in highlight the most important ICT to deliver a unique and personal customer South Korea, Hong Kong, Singapore and trends and issues influencing engagement experience. Australia. To stay ahead of the technology socio-economic growth. curve, the mobile operator community Some mobile CRM (mCRM) offerings needs to support LTE roaming. As operators Connect-World is now available available in the market bring the power of launch LTE services in their home counties, customer engagement technology to enable consumers will naturally expect the same to follow on Twitter (http://twitter. enterprises to engage customers through the service experience while abroad. This com/#!/ConnectWorldICT) and mobile phone at every point in the customer includes the ability to roam internationally. Facebook http://www.facebook. lifecycle. This enables retailers, brands, com/connectworld.ict agencies and any other consumer-focused To enable LTE roaming, operators would enterprises to create awareness, assist need a hosted LTE roaming solution deployed Also, it is still possible, for FREE, purchases, support consumers’ post-purchase over the IPX environment to provide to directly access all past and and boost customer retention. seamless connectivity to other operators present Connect-World articles, in the IPX ecosystem. This accelerates the ICT Industry press releases, Many Asian enterprises welcome the ability time-to-market to launch new LTE roaming to personalise communication with their destinations, driving customer satisfaction eLetters, ICT News and more at consumers through a mobile environment. We and revenues. With Asia being the early www.connect-world.com.
Asia-Pacific II 2012 n 25 Special Cloud applications
Social care in the Cloud by Dennis Juul Poulsen, CEO, Tweakker
Subscribers support centres are a large cost element in any carrier’s balance sheet. The recent growth of more complex smartphones is accompanied by increased pressure on customer care, but allowing the service to deteriorate is a sure way to lose market share. For this reason, mobile and virtual operators are seeking to move customer care to the Cloud. Internet-based, intuitive ‘self-care’, with a community of interacting users, is far more cost- effective and trendy. In the APAC region, where mobile Internet is set to rise by more than four times by 2015, online customer care is essential.
Dennis Juul Poulsen is CEO and co-founder of Tweakker established in 2009. As a business development, sales and management oriented executive, Mr Poulsen has broad experience within the mobile industry including international B2B sales at executive level. His focus revolves around developing disruptive Cloud technologies and products for the mobile provider and consumer space. He enjoys working with start-ups and established companies that aim to capture market share or seek to broaden their market scope by re- positioning their brands and products.
Why the Cloud? The stress levels and real anger that Further, 50 per cent have advised family call centres create also cannot be and friends against a company or service The cost of traditional customer care underestimated. On average it takes a call that they’ve had a bad experience with, and centres is crippling the mobile industry centre six minutes to answer a customer a quarter have terminated the contract with and hampering innovation. With the drive call. Recent statistics show that 70 per cent the company or a service that has kept them towards greater data usage, thanks to the of complaints are still made over the phone, waiting too long. latest generations of smartphones, carriers even though the amount of email, web and are becoming increasingly dismayed at social media complaints are on the increase. Fast track to success the mounting costs of getting customers connected to their networks. In Britain, YouGov has reported that The case for maintaining customer care only 4.1 per cent of people have a good centres is damming and forces the mobile On average, a smartphone user will make experience when dealing with a call centre. industry to look for new solutions and three calls to a care centre before getting In fact, four out of five people say they Cloud computing has emerged as the most sorted and the carrier’s cost of providing have lost their patience and hung up when viable solution going forward. It’s been that service represents a loss of at least faced with a long call centre queue, while established that companies headed for one month’s ARPU during the lifespan of a 69 per cent have had their opinion of a Cloud computing will naturally become standard 12-month contract. company or service permanently damaged more innovative, become more profitable after poor customer service. and create more jobs if they turn their
26 n Asia-Pacific II 2012 Special Cloud applications
back on spending significant amounts of The services of giffgaff are not desired by successful care platform in the Cloud. time and money on maintaining legacy IT some users, who are reluctant to change Never forget that Facebook became a equipment such as in-house server systems from the old-fashioned land-based support success by simply creating a Cloud- and IT software suites. By focusing their services, but there is little doubt that based reality that friends could utilise resources on online equipment and SaaS giffgaff’s strategy and business model will to communicate with one another in a services, companies can concentrate more generate more revenue than operators that fast and non-complex manner. Network time in improving their existing products hesitate to evolve along with consumer operators need to create the exact same and developing new products. behaviour and technology. reality when they build their care services in the Cloud. l Mobile Network Operators (MNOs) Cloud in Asia-Pacific and Mobile Virtual Network Operators (MVNOs) are prime examples of this. Cloud care fits like a glove for MNOs They have spent the last decade on and MVNOs in the Asia-Pacific region building complex in-house customer care with the prolific behaviour of the new departments to administrate and distribute mobile Internet and social media- knowledge about mobility and mobile addicted generations and the diversity of customer behaviour. It is evident today that smartphones being bought in the region and more and more MNOs and MVNOs are used in their networks. establishing or looking to establish their customer care services in the Cloud as self- Let’s look at the numbers. According to care services or social care services, and research firm Ovum, the Asia-Pacific it’s easy to understand why. region will dominate the mobile Internet market in the years ahead, growing Connect-World now on A large part of the current generation of from 119.1 million users in 2011 to Facebook & Twitter smartphone users are raised in the Cloud a forecasted 518.4 million users by and have no interest in spending 30 minutes 2015. Aside from the high mobile-only Connect-World, the world’s on a guided tour on the phone when they penetration rate of 34 per cent among foremost discussion forum for can help themselves or interact on issues Asian web users, this tremendous trend leaders in the ICT industry, is now with other users in a beautifully designed towards mobile Internet is being brought available on Facebook and Twitter. and intuitive self-care interface on the web about by the lack of fixed-line broadband or in an app. facilities in highly populated countries in the Asia-Pacific region. The world’s top ICT decision- Care in the Cloud seems to be the makers express their opinions in only valid way forward and a direct Fifty-six per cent of the world’s phone- Connect-World. They use clear, line to business success. Not only do owning youths live in Asia and 84 per non-technical, English to discuss MNOs and MVNOs save money and cent of Chinese youths use mobile how ICT helps shape regional time, they also improve their business phones to access the net and social and global development. The simply by adjusting their products and networking sites. Similar mobile web articles essentially examine the communications approach to match the access and trends are being seen in influence that ICT products and expectations of their audiences. other parts of Asia. Japan is another perfect example with 60 per cent of its services have on the way people Today, some MVNOs have subscriber youth accessing social networks through live and do business. With bases composed of more than 90 per their mobile phones. In the Philippines, separate editions for each of cent smartphones, making care in the mobile operators are expecting that 70 the world’s regions, the reports Cloud an obvious choice for one very per cent of their revenues in 2012 will highlight the most important ICT simple reason. The phones are smart! come from mobile Internet accessed trends and issues influencing They have big screens, great web- through smartphones. socio-economic growth. browsing capabilities and can facilitate interactive media via applications Customer care in this region will become Connect-World is now available designed and provided to the customer more complex going forward and the by the MNO or MVNO. simplest, most effective and economic to follow on Twitter (http://twitter. solution is undoubtedly the Cloud. com/#!/ConnectWorldICT) and Giffgaff.com, a successful MVNO in Facebook http://www.facebook. the UK, has built its services almost Conclusions com/connectworld.ict entirely in the Cloud. Driven by the idea that customers are capable of caring When building Cloud-based care services, Also, it is still possible, for FREE, for themselves and each other with the it is essential that operators spend to directly access all past and technology available today, giffgaff several iterations on mastering the actual present Connect-World articles, are pioneers in driving mobile business interfaces that customers will interact ICT Industry press releases, away from the physical platform and through. Features are less important as into the Cloud. the intuitiveness of the system will be eLetters, ICT News and more at the main driver on the path to creating a www.connect-world.com.
Asia-Pacific II 2012 n 27 October 8-11 Rio de Janeiro | RioCentro 14th edition
The most qualified ICT Event in Latin America! PREMIUM
MASTER GOLD
SPONSORS
Posição em: 28 de maio
Contact our Business Team Promoted and Organized by: André Veiga Nalzira Muniz www.futurecom.com.br [email protected] [email protected] @FuturecomEvent +55 41 3314-3205 | + 55 41 9941-0591 +55 41 3314-3222 |+55 41 7812-9193 Special Cloud applications
Online video monetisation made simple by Dennis Rose, vice president, APAC, Brightcove
Cloud-based advertising content can be served by in-house server self-managed, networked server - by a third party, or an ad exchange server, which matches buyers and sellers. Advert types depend on the video content: they can be linear - in proportion to the video content length, non-linear - running alongside, or ‘companion’ - banner ads or text ads or branded ‘skins’. They can also be governed by ‘ad selector’, allowing the viewer to select from a number of links. The best advertising systems allow defining advertising policies and targeting methods, provide choice of advert formats, utilise adaptive bit rate to optimise performance and support HTML5, for devices that cannot run Adobe Flash.
Dennis Rose is vice president, APAC in Brightcove. Mr Rose joined Brightcove in 2010 to lead the company’s strategic investment in the Asia-Pacific. He brings more than 30 years of experience in IT companies including seven years’ experience in Latin American and the Caribbean and nine years in Asia-Pacific. His current responsibilities include developing the strategic go-to-market plan for the region, establishing business operations in key markets, building and developing the field organisation and implementing the sales, marketing and channel partnerships to achieve the business goals in this important area of investment for the company.
Dennis Rose previously led overall business operations for Citrix Systems in the region. He is-based in Singapore and holds an MBA from Boston College and is a graduate of the Stanford University Executive Program in International Business.
It’s no secret: there is money to be made in online An ad network is a company that aggregates ad Which method to choose? If you’re publishing video advertising. The revenue earned through space across multiple publishers, and then sells this a small number of videos, such as one to five online video advertising by publishers of all kinds inventory to advertisers. While each of the member per week, it probably won’t be cost- effective grew 45 per cent in 2010 - more than any other sites might be too small to be able to meet advertiser to hire a salesperson. On the other hand, if online advertising segment. In the fourth quarter of requirements for scale and targeting, together, they you’re publishing 20 or 50 videos each week 2010 alone, these ads drew US$411 million. The add up to a viable number of ‘impressions’. and drawing an increasingly large viewership, question is: How do you leverage your Cloud-based you’ll make much more money with the help of video content? Once you have decided that you are An ad exchange is a platform that connects buyers in-house personnel to help with not only selling ready to monetise your online videos, you need to and sellers of online ad inventory. Advertisers go to the ads, but also to optimise your ad strategy to decide who will sell your ads and how they’ll be the exchange to find inventory, specifying content maximise yield across your entire inventory. served to your site. You have three options: selling or audience targets, numbers of ‘impressions’ your ads in-house, then serving them through an ad they want to run, and a total budget. The platform What’s the right ad strategy for my content? serving platform, joining one or more ad networks, matches the buyer and seller, enables the delivery of and having them handle both tasks, or using both an the ad, and takes a small fee for the service. Intrusive or excessive ad placements can kill ad serving platform and an ad network in tandem. your video business. At the same time, too It is possible to use combinations of methods. little advertising on premium content might An ad serving platform is for companies that ‘Remnant’ ad sales allow you to use up unpaid represent lost revenue or make the difference sell their own ads through their own sales team. inventory by placing your unsold inventory in an between being in the red or in the black. Your As ads are sold, they are transferred by an ad network or exchange. Priced at a lower cost than ad strategy, including both the amount and the advertising operations team into an ad server, usual, you can increase your chances of earning types of ads you run, should take into account which then inserts them into online video revenue for every ‘impression’ on your site. Even the kind of content you run on your site and inventory as specified. if it’s less than you would have preferred, it’s better the context in which it appears. than no revenues.
Asia-Pacific II 2012 n 29 Special Cloud applications
Ads can be in a short-form video. No one wants Companion Ads are most often display VPAID (Video Player Ad Interface Definition), to sit through a 30-second ad to watch 60 seconds ads or rich media ads that run alongside or and other common industry formats. of content. One guideline is to limit advertising to surrounding the video player. A companion less than 20 per cent of the average video length ad offers sustained visibility of the sponsor The better online video platforms use Adaptive Bit watched per user. Look at prime time television. throughout the video experience for added Rate (ABR) or Multi Bit Rate (MBR) technology to The most desirable content available on TV impact. For this reason, video ads with modify the quality of your video content to match runs about eight minutes of ads for 22 minutes companion banners usually command a each viewer’s specific screen type and connection, of content, or a ratio of roughly 3:1. Unless your slightly higher CPM (Cost Per Mille) than ensuring optimal resolution without pauses or show can rival American Idol in popularity, you’ll those without. buffering. This is a key requirement for any ad- probably want a better content-to-ad ratio than that. supported content. After all, if people can’t view Ad Selector is an option that is gaining your videos effectively, all of the ad inventory in the Another advert type is the long-form video. If popularity. It gives viewers a measure of control world won’t make you any money. you’re showing a half-hour documentary or over the ads they see. As seen on sites including webisode, a 30-second or even a 60-second pre- Hulu, Yahoo! and CBS, an ‘ad selector’ appears Today’s consumers use a vast proliferation of roll is entirely justified, but it won’t earn as much before the video begins and allows the viewer devices, from touch-screen smartphones and revenues as you would expect from substantive to select among multiple advertisers, different tablets to connected TVs and over-the-top devices content. A better approach is to insert additional products from the same advertiser, different like Roku and Apple TV. Not all of these devices ad breaks during the video, or even show creative themes, ad placements, or other options. support Adobe Flash-based video delivery multiple ads in succession. Another approach is mechanism as a traditional PC, so they cannot run to use non-linear ads such as overlays or banners Sponsorship takes various shapes. Some ads created in Flash. Fortunately, more and more that run alongside or under your video. publishers offer customised integrations that can non-PC connected devices now support HTML5, include in-stream video ads, overlays, companion which incorporates video delivery as a native part of Adverts can also take the form of non-video units, ‘re-skinned’ video windows, and takeover the browser itself. As a result, it is important to find placements. Your ad sales opportunities don’t end at ads. These sponsorships tend to be sold on a time a solution that is fully committed to HTML5 for the the edge of your player. When viewers come across basis, such as a roadblock sponsorship where the delivery of online video and video advertising. your video, they’re also exposed to the rest of the advertiser owns the entire inventory on a page for page that hosts the player, generating ‘impressions’ a full day. On a simpler level, publishers can sell Build your online video ad success that you can monetise through banner ads, text ads, burned-in ads and/or bumper sponsorships as sponsorships, placement in content, and branded lightweight alternatives to full in-stream ads. By developing, implementing, and optimising an content. These companion ads or branding ‘skins’ advertising strategy for your online video content, (using the outer covering of the video player for How should I choose an ad server? you can tap into this well-established market to logo and brand message) can make up a significant support your online video operations and open an part of your overall revenue. If you’re selling your own ads, you’ll need an important new revenue stream for your business. ad server to place them in your video inventory. What kinds of ad formats can I run? Broadly speaking, the choice comes down to One company that leads the way is Television an inexpensive or free low-end system, or a New Zealand (TVNZ), the government-owned The Interactive Advertising Bureau (IAB) more sophisticated paid system. Some Cloud- broadcasting network. It operates ‘TVNZ provides guidelines and best practices for based online video Cloud solutions also enable ondemand’, a service available only in New three of the most common types: linear video you to both publish videos and monetise their Zealand that allows online television viewing ads, non-linear video ads, and companion ads. content through online video advertising. When of popular shows that run on the regular TV. comparing solutions look for one that offers TVNZ outsources much of the hard work of Linear Video Ads are also known as in-stream policy definition and targeting that can handle online video delivery using a Cloud-based video ads. They are similar to TV ads, which multiple ad formats, can offer adaptive bit rates, solution that handles the revenue-generation run inside the player, before the featured and can handle non-PC ad delivery. part as well. TVNZ is able to maximise content begins (pre-roll), or during an ad advertising revenue by offering branded skins break (mid-roll), or after the end of the video You want a solution that allows you to set on key pages and an ad selector, which they (post-roll). These ads can be any length, but ad policies to specify policy, that is, when to can sell for a 21 per cent premium, ad serves many advertisers prefer to use 15 and 30 request ads (before, during, or after a video), with screen pause and ad hovers. The last second spots, to allow them to repurpose how often to request ads, and how many ads to three alone will account for about six per cent material produced in standard lengths for TV. request. The ability to set targeting parameters of TVNZ ondemand revenues next year. for a video, a player, or even a given ad Non-Linear Video Ads run during video content, insertion point can help you increase revenue Other companies such as Lotte Chilsung, a usually as text, graphical ads, or video overlays that by segmenting your inventory more extensively, South Korean food manufacturer, have also appear in the lower third of the video window. Non- which makes it possible to charge advertisers used branded skins for video players as part of linear video ads don’t delay video viewing, and higher CPMs for targeted ‘impressions’. an integrated campaign to promote its drink ‘2 typically disappear after a set length of time, such Pro’. The award-winning campaign helped to as the first ten seconds of a video. Text ads can be A variety of ad formats is also important. increase sales of the drink considerably. set to expand when the mouse hovers over them The number of popular video ad formats in to show more information or offer a link. Video the industry can add to the complexity of ad TVNZ and Lotte Chilsung are just two examples overlays appear first as an invitation to interaction, operations for publishers. Look for a solution of how companies in the Asia-Pacific have been and play only in response to a viewer request, that supports a broad spectrum of ad formats, able to increase their revenue by choosing the right pausing the main video until the ad is complete. including VAST (Video Ad-Serving Template), Cloud-hosted video delivery solution. l
30 n Asia-Pacific II 2012 Special Cloud applications
The benefits of using Cloud computing in VoIP Cloud services: a minor technological advancement, a revolution for VoIP wholesale business by Konstantin Nikashov Nikashov, CEO, ALOE SystemsCorporation
Recent years have seen a return to the hosted service model which existed in the pre-PC era, now with the variety of options - Infrastructure-as-a-Service (IaaS), Platform-as-a- Service (PaaS) and Software-as-a-Service (SaaS). The SaaS model can be applied to many applications, even to a VoIP softswitch that can be served from the Cloud. VoIP business can be started and run without making large initial investments. A hosted softswitch saves carriers the costs of licences and the burden of staff to maintain the software. The elasticity of the Cloud allows efficient transport of VoIP traffic volumes that are changing constantly. However, carriers are still cautious about adopting VoIP SaaS. They are concerned about data security, although the same risks are present for in-house softswitches. Hosting service providers should provide appropriate security systems and configure their systems to meet the needs of every supported carrier-customer.
Konstantin Nikashov is CEO of ALOE Systems, a leading vendor of class 4 and 5 VoIP-switching solutions and server platforms. Mr Nikashov became CEO of ALOE Systems in 2000 and shaped the company’s strategy for development of successful VoIP products and their adaptation to the needs of regional markets. Currently Mr Nikashov is working on broadening Cloud technologies’ implementation in VoIP infrastructure.
Konstantin Nikashov earned his MSEE degree and later his PhD at the State University of Technology in Nizhny Novgorod, Russia.
It is difficult to overestimate the impact own a computer, so they were rented. number of fundamental architectures - that Cloud computing has had on the IT Computing started out as a service which development framework, Web 2.0, open- sector over the past few years. One could somewhat resembled the modern SaaS source software, etc., which fall into draw a parallel between the development model. For years IT outsourcing was a three relevant categories: infrastructure- of Cloud services and the creation dominant scheme in the market, until PCs as-a-Service (IaaS), Platform-as-a- of a personal computer - both have came into play in the 1980s. Service (PaaS), and Software-as-a- revolutionised the industry. Service (SaaS). In relation to the VoIP The 2000s saw IT companies - including sphere, Cloud services enable carriers In a certain way, Cloud computing the telecom sector - returning to IT and service providers to offer network existed in a pre-PC era more than half outsourcing and beginning to explore infrastructure and application platforms a century ago: up to the middle of the the potential of the Cloud as we know it to customers at a relatively low cost and 1950s few companies could afford to today. Cloud computing incorporates a on-demand. Host carriers offering VoIP
Asia-Pacific II 2012 n 31 Special Cloud applications
Cloud services enter the market with softswitch licences, which leads to Poor customisation of rented softswitches a set of offerings designed to meet the lower initial costs. Research conducted by hosting server providers is yet another requirements of their target audience. by our analysts recently revealed that, issue that may prevent a carrier from This article is focusing on the Software- typically, monthly rent fees for softswitch moving to the hosted softswitch model. as-a-Service (SaaS) model in more detail. services are almost 80 times lower than Every client carrier (be it a start-up the purchase price. Since software is or an established venture) is unique, Establishing a network infrastructure and subscribed to and not purchased, there are and hosting service providers should organising its future maintenance lead to no expenses to pay in advance. configure their systems to meet the needs high expenses for a VoIP traffic carrier. of every carrier-customer. l Because of this, softswitch solutions Hosted softswitch services include can be delivered in accordance with the maintenance and support. Carriers can ‘hosted service provider’ model. Client save significant costs by subscribing carriers use the network infrastructure to hosted softswitch services instead of that is managed by a host carrier and hiring additional VoIP specialists for deliver services to their peering partners server maintenance. You rent software without purchasing their own servers. that is ready to go.
Softswitch management is conducted By outsourcing software functionality, over the Internet via web browsers. client carriers will benefit from cost The host carrier guarantees necessary savings in infrastructure establishment characteristics of the rented software, and be able to use more funds on such as flexibility to adjust to personnel training and boosting the client’s needs, security, and productivity of other services they offer. Connect-World now on reliability. Security policies, which Facebook & Twitter are implemented by the SaaS provider, The volume of traffic that passes through minimise a network’s vulnerability to VoIP networks is changing constantly due Connect-World, the world’s fraud. Adequate protection from DDoS to such factors as time, day, date, location foremost discussion forum for (Distributed Denial of Service) attacks, of the network, peering partners’ policies, leaders in the ICT industry, is now detection of hijacked IP addresses or etc. Using the hosted softswitch model available on Facebook and Twitter. domain addresses, unauthorised traffic, can help the carrier to implement flexible etc. is given thorough consideration in schemes to distribute network resources Cloud VoIP. in accordance with existing policies and The world’s top ICT decision- conditions and derive maximum revenue makers express their opinions in Although not widely adopted yet, VoIP from such performance. Connect-World. They use clear, Cloud services open a wealth of new non-technical, English to discuss opportunities to telecom businesses of Last but not least, Cloud VoIP is a how ICT helps shape regional all sizes and types. Imagine that a small contribution to green technology. With and global development. The venture wants to start its business in more servers shared by carriers less articles essentially examine the VoIP traffic transit. If the entrepreneurs electricity is spent, and existing equipment influence that ICT products and choose to follow the traditional buy- gets to be used more efficiently. it-all model, the company will have to services have on the way people purchase server equipment and build A few words should be said about the live and do business. With network infrastructure from scratch. difficulties that Cloud VoIP evolution separate editions for each of Instead of buying and maintaining a is facing. The VoIP SaaS model is still the world’s regions, the reports VoIP infrastructure, entrepreneurs can relatively new and potential clients are highlight the most important ICT choose the alternative way of VoIP SaaS. cautious to outsource their softswitch trends and issues influencing The hosted softswitch model has gained services to remote servers located socio-economic growth. momentum recently because of the many outside their companies. The main benefits it has to offer VoIP businesses of reason that VoIP Cloud services are Connect-World is now available all sizes and types. not widespread is possibly that client carriers are unsure whether hosting to follow on Twitter (http://twitter. Today VoIP business can be started service providers will be able to provide com/#!/ConnectWorldICT) and and run without making large initial a stable service with the necessary data Facebook http://www.facebook. investments. There are several reasons security level. At the same time, few com/connectworld.ict to opt for Cloud-hosted services instead really understand that data security is of traditional in-house applications: - also not guaranteed when the softswitch Also, it is still possible, for FREE, more frequent server software updates, operates on the equipment owned to directly access all past and higher level of service and significantly by carriers themselves. Large initial present Connect-World articles, lower cost. As hosted softswitch is a investment in data security is needed, ICT Industry press releases, service offered by a host carrier who whether the server is located in the already owns the necessary infrastructure, carrier’s office or in the Cloud. eLetters, ICT News and more at client carriers do not have to purchase www.connect-world.com.
32 n Asia-Pacific II 2012 Cloud implementation
Head for the Cloud - see the reality by Alastair McAulay, IT expert, PA Consulting Group
While IT departments may see the Cloud as a threat, senior managers are attracted to the lower cost and greater flexibility to respond to demand fluctuation and organisational changes. Start-ups benefit most from the reduced capital outlay, allowing them to compete against the non-Cloud establishment. Beyond the hype, the benefits are significant but there are many issues that should be addressed - integration, security, resilience, governance and regulation compliance. Cloud commoditises IT service delivery, and this places the responsibility of selecting the right solution firmly on the customer’s own IT department.
Alastair McAulay is an IT expert in PA Consulting Group. He has over 20 years of experience working in IT Consultancy, with the last 14 years of these in PA Consulting Group. His clients have included central government departments, government agencies and within the private sector, major finance, pharmaceutical and oil companies.
Mr McAulay is an authority on designing and delivering innovative, IT enabled business change programmes that incorporate leading- edge technologies, including Cloud computing. He works at the most senior levels to help his clients negotiate the ‘people and business change challenges’ that need to be overcome for successful delivery of benefits. In addition, his practical hands-on experience provides him with a deep understanding of the strengths and limitations of the underlying technologies and their contribution to IT service delivery.
There is no doubt that the marketing efforts availability) and accessible anywhere from typically comes from the business, not its of Cloud providers have raised awareness any device; IT department. Established IT departments of Cloud services among the wider business • able to deliver consistent and tend to see the Cloud as a threat to their community. They have inspired many dependable performance; role as the gatekeeper to IT services. Its organisations to head for the Clouds... but • a low-cost solution. introduction is also perceived as bringing a marketing alone is not enough to explain raft of technical issues that IT departments the fact that Cloud services are now being If this perspective seems to be fanciful, would rather not deal with. In contrast, used in earnest. then consider the ordinary user’s new start-ups see the Cloud as an enabler, experience of Cloud services. Each of the providing off-the-peg services that rival From a business user’s perspective the above points would apply to a user’s view those of larger competitors but avoid the Cloud appears to be: of their email service (Gmail, Hotmail), or need to build costly IT infrastructures - their photo album service (Flickr, Picasa), the Cloud effectively lowers competitive • easy to access from a modern user or their free file hosting service (DropBox, barriers. Consequently, start-ups are the interface such as a browser or smart RapidShare, Wuala). From the business keenest adopters of Cloud services. devices; user’s perspective they don’t appear to have • capable of meeting the functional their head in the Clouds at all. Why are business leaders even and capacity needs of the individual or considering a highly technical service business; It comes as no surprise that the drive such as the Cloud in the first place? • always-on (with apparent 100 per cent towards Cloud within an organisation The answer lies in the way the Cloud
Asia-Pacific II 2012 n 33 Cloud implementation
is being marketed: easy for anyone to Geographic independence: Cloud services outsourced, supplier contract management understand, where a flexible service from major providers typically offer and ongoing technical management of is supplied and managed by someone an anytime, anywhere capability. This responses to changes made by Cloud else. Cloud is also noted to be allegedly is often complete with time-zone and providers both require appropriately skilled cheaper than an in-house alternative. As multilingual support. staff who can understand what changes the the most well-known providers of Cloud providers have made and their implications services, such as Microsoft, Amazon Few would argue that this is not a great set for customers. Despite the Cloud being and Google, are also trusted household of benefits. However, there are definitely in many senses a commodity, service names, their products and services are issues that impact the IT organisation. Any providers still need to be managed just as already being used by the very same credible business case must enlist the IT traditional outsourced service providers are. senior managers. team to identify and address them. The level of control Cloud customers have will be less, but this only means Cloud What this highlights is the discrepancy Issues providers must communicate the likely between perception and reality, between impact of changes clearly. the views of senior management and end- Integration and interworking issues: Larger users, and those of the IT department organisations carry a lot of IT baggage built Legal and regulatory issues: Closely who are charged with bringing the vision up over many years. Any new Cloud-based allied to, and often driven by, security and to life. Users are understandably only solution needs to work with the existing privacy concerns, legal and regulatory interested in the benefits that Cloud infrastructure. Applications must be able requirements constrain the choice of can offer while the IT department is to continue sharing information across the Cloud options available particularly to responsible for ensuring the Cloud-based Cloud boundary with minimum disruption larger companies but also to smaller solution delivers to expectations. to business. Implementation plans must ones. Legal and regulatory requirements explicitly take account of the technical are black and white and everyone has Benefits integration of the Cloud with any core to be adhered to them. Any regulated applications that are highly bound to the organisation or organisation governed by The business case drivers are typically organisation’s IT infrastructure. special legal requirements is obliged to derived from the following benefits: seek written assurances from any potential Security and privacy issues: Although Cloud providers that they can meet those Cost: The perceived lower cost of security and privacy are important to all requirements. To their credit, most service Cloud services is a major driver for organisations, the ability of an organisation providers are stepping up to the mark and all organisations irrespective of size. to manage security can vary dramatically. delivering solutions that meet general In reality the impact of cost savings Particular attention must be paid to legal and regulatory requirements. and limited capital investment is likely how security is maintained, since even to be disproportionately greater in apparently small changes to a service can Conclusion smaller organisations. have security implications. Organisations should review with the supplier precisely In conclusion the commodity nature of Scalability/agility: Few organisations how security will be maintained and the Cloud services is both an advantage and remain fixed in size and equally few mechanism for reporting changes that a disadvantage. It lowers costs, delivers applications have constant demands placed might have an impact on security. standardisation and provides relatively on them throughout their lifetime. The painless service upgrades. However, this capacity of an IT infrastructure or software Resilience issues: The level of resilience also means that services are unlikely to meet service to be scaled both up and down offered by the Cloud varies depending on the exact letter of any corporate requirement. according to demand removes a significant the size and type of provider. The larger headache facing many IT managers, providers (Google, Amazon, Microsoft) This pushes the responsibility for assessing especially when traditional bounded achieve high levels of resilience by the ability of Cloud services to meet systems reach capacity. distributing and replicating processing and individual corporate requirements back on data across many data centres. However, if to the customer. The customer has to define ‘Pain-free’ service evolution: Some SaaS data is lost, there needs to be mechanisms what it wants in terms of security, privacy, providers boast that their services are to recover back to the original position. resilience and integration capability and always up to date, with new features and Addressing this issue depends heavily then conduct an assessment of what is on software revisions introduced seamlessly. on the type of Cloud service - whether it offer against those requirements. This relieves the need for organisations to is infrastructure, platform or software as refresh their own infrastructures. a service. With infrastructure, the most Buyers need to be focussed on both effective method of improving resilience understanding the benefits and recognising High availability: Cloud services is to use more than one Cloud provider, the IT challenges to overcome. l typically offer a high level of availability, ensuring that the two infrastructures are though not 100 per cent availability genuinely independent. The Cloud customer as is often assumed. Cloud providers - then ensures that the applications running on particularly larger providers - do also the two infrastructures are synchronised. offer high levels of resilience through global replication. IT governance issues: While the technical delivery of services may have been
34 n Asia-Pacific II 2012 10061 BBWF advert-resize_Layout 1 21/05/2012 16:37 Page 1
THE WORLD'S LARGEST BROADBAND EVENT
TO REGI STER VI W SIT WW.B W ROAD ORLD BAND FORU M.COM
12th Annual
16–18 October 2012 • RAI Exhibition & Convention Centre, Amsterdam, the Netherlands Bettering the Broadband Experience and Enhancing Connected Lives www.broadbandworldforum.com
A NEW global hub to accommodate NEW FOR 2012 extensive growth: 10,000 global decision makers 200+ exhibitors 350+ visionary speakers 12 tracks over 3 days 134+ countries represented FEATURING SCAN QR CODE TO VISIT THE WEBSITE
SPONSORS
Service Provider Partner Corporate Registration Sponsor Platinum Sponsors
Partner Level Gold Sponsors
®
JOIN US www.broadbandworldforum.com/community FOLLOW US @BBWorldForum tweet #BBWF Cloud implementation
Cloudonomics: achieving cost-efficiency and agility through hybridization by Raj Dutt, senior vice president of technology, Internap
Enterprises are attracted to public IaaS Clouds to improve IT economics and improve business agility. The economics of Public Cloud does not fair better than a well-run data centre, but it wins on flexible capacity for peaks and troughs. The agility, that is, easy accessibility, Internet-speed updates and ubiquitous availability, also brings serious security and control issues. Despite limitations on software choices, such is the attraction of the Public Cloud that it is not unusual for employees to side-step IT altogether, without resolving the security and liability issues. A far better option is to deploy hybrid solutions that utilise existing enterprise infrastructure and select which Cloud (public or private) for which type of activity and for which level of data sensitivity.
Raj Dutt is senior vice president of technology in Internap. Mr Dutt is responsible for setting Internap’s technology strategy and vision. In this capacity, he identifies and architects the next-generation suite of technologies in support of the company’s hosting, enterprise IP and content delivery network services. Mr Dutt has extensive experience in building highly agile application ecosystems and applying open-standards, modular components and automation to overcome the limitations of physical environments.
Mr Dutt joined Internap through the company’s acquisition of Voxel in 2011, where he was founder and chief technology officer. He founded Voxel in 1999 with the vision of providing application infrastructure in the same way that great software developers write applications - through comprehensive systems design and execution. Mr Dutt led the company as chief executive officer from its inception until January 2011, when he successfully raised growth capital to support the business’s rapid market expansion and focused his efforts full-time on architecting the technology platforms that drive Voxel’s services. During his tenure as CEO, Mr Dutt organically built Voxel from the ground up to 40 employees and approximately US$10 million in revenue. His technology vision resulted in the launch of Voxel’s Managed Hosting, VoxCAST CDN and VoxCLOUD products.
Raj Dutt studied Computer Science and Management at Rensselaer Polytechnic Institute.
Recently, just about every technology Infrastructure as a Service (IaaS). Almost bring to the average enterprise? Can it company on the planet has been busy every enterprise already has a sizable help cut their costs? Help them be more repainting their offerings with a Cloud investment in their server and storage agile and competitive? Are there security brush. They’re layering it on thick, infrastructure. Some operate their own data and compliance concerns? What about rebranding themselves with a reckless centres. Many co-locate their infrastructure jurisdiction and data privacy issues? Will abandon that we haven’t seen since the ‘dot with a third-party data centre service provider. enterprises be at a disadvantage if they don’t com’ era, more than a decade ago. Even get on the IaaS bandwagon? though the Cloud hype meter is revving IaaS offers the same infrastructure building uncontrollably, there’s actually plenty of blocks - servers and storage - where the real innovation and disruption happening capacity is provided as a service and ‘on beneath the surface. Unfortunately, it can demand’ - in the Cloud. No longer do be tough for enterprises to cut through the enterprises have to build and buy their own buzzwords and marketing double-speak and server and storage environments - they can articulate a Cloud strategy that makes sense simply pay for the capacity that they need, and meets the needs of the business. when they need it. The public IaaS Cloud offers capacity to anyone willing to pay for it, Understanding the public IaaS Cloud similar to the electric utility grid.
This article approaches things from Sounds straightforward enough, right? the bottom of the Cloud-layered cake: However, what sort of benefits does IaaS
36 n Asia-Pacific II 2012 Cloud implementation
There’s no doubt that IaaS (and everything needs some extra capacity during employee altogether. They were going straight to third- built on-top of it) is going to dramatically enrolment periods or sales needs more during party public IaaS Cloud providers - corporate alter and transform enterprise IT. In fact, it an e-commerce initiative and needs less credit cards in hand. The promise of agility will likely happen faster than many think. during the holiday season. was pulling the business units towards the Over the last few years, IT has come to stand public Cloud. for Internet Technology, and as a result, The most cost-effective approach for an consumers of IT are demanding that it start to enterprise is often a combination of public All of this was quite annoying to my move at Internet Speed. Enterprises are eager Cloud, other third-party IT service options CIO friend. Cost wasn’t even his biggest to realise the benefits of the public Cloud, but (such as colocation, managed hosting grievance. The bigger concerns related to they also want their flexibility, control and or even private Cloud) and in-house IT security and liability issues. When users go to security requirements to be met. Luckily, it’s resources. This hybrid approach makes even the public Cloud, they bypass many important possible for enterprises to have their Cloud more sense when an enterprise already has processes and controls that the enterprise had cake and eat it too. existing sizable infrastructure investments. spent years putting into place. The public It’s generally a good strategy to consider the IaaS Cloud doesn’t offer the same level of Business success requires broader approach individual workload when making a decision control or oversight that internal IT does. about whether to run it on a public IaaS Unlike their own internal data centres or Often, the best solution is a hybrid, one Cloud or elsewhere. even a colocation environment, with a public that melds the existing internal capabilities Cloud, enterprises have no insight into the and assets of the IT organization with the Next, let’s consider agility, a word that is servers, switches, and storage environment. benefits that the Cloud offers. There are two much used by IaaS vendors. It is where main reasons that enterprises are attracted the Cloud truly shines - in just about every Since everything in the public Cloud to public IaaS Clouds: improved economics situation. So what’s not to love? While is shared as multi-tenanted resources, and improved agility. The combination agility is closely related to accessibility, it’s enterprises have to place their faith in the of these factors actually makes a hybrid diametrically opposite to security and control. integrity of the Cloud service provider solution very compelling. This is yet another reason why a hybrid and the underlying software. Additionally, approach is often the right one for enterprises. in the public Cloud, there is almost no Let’s start with the economics. What is flexibility in network topology or hardware the cost savings potential of public IaaS A CIO friend of mine recently confided configuration. Want to use the latest fast Clouds? Will an enterprise save money by how upset he was when he found out that SSD drives for your Oracle server? Too moving servers into the Cloud? Probably employees within most of the company’s bad. Have a penchant for the latest firewalls not! Compare the ‘all-in’ costs for business units were leveraging public from Cisco? Sorry. operating thousands of servers for a few Cloud services - without his knowledge. It years in a well-run corporate data centre (or was especially infuriating given that he’d Therefore, while agility is clearly a big win wholesale colocation environment) versus just spent millions of dollars on two new for the public Cloud, security and control having that same capacity on a pay-as-you- corporate data centres that were only half issues complicate matters. Again, a hybrid, go public IaaS Cloud. The Cloud will lose full. In his mind, something had gone horribly workload-centric, approach makes sense. Use every time … badly. wrong. A major contributing factor to the the public Cloud for workloads that aren’t surprising popularity of public IaaS Cloud high security, and consider the economics This is a surprise to most people and was the inefficiency of internal IT. It took of the workload in your decision too. Some somewhat of a dirty secret within the IaaS them months to add new servers in their own hybrid Cloud solutions even allow enterprises industry. For predictable workloads and data centres. In fairness, the blame didn’t rest to reap the agility benefits of the public IaaS core base infrastructure that is always- squarely with IT. They had to get budgetary Cloud in their own data centre - essentially on, the public Cloud is a more expensive approval, place orders, get various sign-offs, creating an on-premise private Cloud. option. This economic imbalance only gets install the servers, and finally release the worse when you consider that Moore’s Law infrastructure to the appropriate business unit, In conclusion, it’s important that enterprises allows internal IT to more than triple the many weeks later. So, instead of addressing keep their head ABOVE the Clouds by performance-per-dollar with every server what they felt was a sub-optimal solution, putting their business needs foremost. Take refresh. Are we seeing similar price declines employees had started side-stepping IT a workload-centric approach, and pick with IaaS Cloud services? Not really, and we the right IT infrastructure tool for the job probably won’t any time soon. - whether that is public or private Cloud, managed hosting or colocation. The best On the other hand, the public Cloud can hybrid solutions will be greater than the sum make a lot of sense for unpredictable of their parts and will allow enterprises to workloads. Enterprises can leverage the create a flexible infrastructure that can be Cloud to expand capacity ‘on demand’ centrally managed and that will evolve with without incurring capital expenditures on their business. l new servers. Workloads that are well suited for public IaaS Clouds typically have great variability in demand with significant traffic peaks and troughs, such as batch jobs, new software rollouts, marketing campaigns and seasonal projects. Perhaps human resources
Asia-Pacific II 2012 n 37 RAI AmsRAIterd Amsterdamam Conference 6-11 September : Exhibition 7-11 September Conference 6-11 September : Exhibition 7-11 September Get Connected at IBC IBTheC lightspeed2 0penetration12 of internet connected devices and the services that run on them are making content available on demand anywhere and with an unprecedented degree of Dipersonalisation.scover More
The IBC Connected World is a special area of IBC which encapsulates the very latest developments in mobile TV, 3G and 4G services with the pioneering applications and technologies that are driving content over-the- IBC is atopt th intoe c theut thomeing- anded gintoe oourf n future.ew t Meetech ntheo lapplicationogy in th developers,e content providers and new technology companies revolutionising rapidly etomorrow’svolving mediaelec tindustry.ronic media industry. It couples a comprehensive exhibition covering all facets of today’s Youindu cans talsory wtakeith advantagea highl ofy rthees FREEpec tDemonstrationed peer rev Areaiew ewhichd will be showcasing innovation and providing a platform for discussing how confereemergingnce tha andt h potentiallyelps sh adisruptivepe the technologiesway the i ncandu fi sndt rtheiry place within will devethelo overallp in t broadcasthe futur industrye. value chain. Visit the IBC Connected World in Hall 14 to fi nd out more. Take advantage of a variety of extra special features including:
• Future Zone • IBC Production Village showcasing the latest developments presenting the latest camera in broadcast technology technology in a purpose built environment • IBC Connected World including demonstration area • IBC Awards Ceremony in Hall 14 acknowledges those who have made a real contribution to the industry • IBC Big Screen hosted on Sunday 9 September providing the perfect platform for manufacturer demonstrations and the Saturday Night Movie
Scan for more information www.ibc.org/ibcconnectedworld IBC Fifth Floor International Press Centre 76 Shoe Lane London EC4A 3JB UK Register now at T + 44 (0) 20 7832 4100 F +44 (0) 20 7832 4130 E [email protected] www.ibc.org/register
wwConnectedWorld_Connected.inddw.ibc.org 1 29/4/12 13:15:20 IBC Fifth Floor International Press Centre 76 Shoe Lane London EC4A 3JB UK T +44 (0) 20 7832 4100 F +44 (0) 20 7832 4130 E [email protected] Cloud implementation
Open Cloud for open business by Dirk-Peter van Leeuwen, vice president and general manager, Red Hat, Asia-Pacific
Telcos are competing with IT giants on delivering Cloud services by leveraging their assets and trust relationships. They must provide closer fit to customers’ requirements, for example, through co-locating platforms or through applying incentives to encourage adoption. One major aspect is avoiding new silos with Cloud lock-in, if public and private Clouds cannot interwork. The hybrid solution and the Open Cloud approach will play a big part in keeping enterprises in control of their technology and business roadmaps. No use having your ‘head in the clouds’; better have your ‘head for business’ when reaching the Clouds.
Dirk-Peter van Leeuwen is Red Hat’s vice president and general manager for the Asia-Pacific region. He is responsible for expanding Red Hat’s presence and oversees all sales, marketing, and services throughout the region.
Mr Leeuwen first joined Red Hat in 2004 with the remit of establishing Red Hat’s operations in Belgium, Netherlands and Luxembourg (Benelux). By 2008, his portfolio included the Central and Eastern European (CEE) market operations and he was promoted to vice president for CEE, responsible for sales and general management of Red Hat’s business in the region. Under his leadership, the Central, Eastern European and Benelux region became Red Hat’s fastest growing territory in 2008, seeing a 15 per cent increase of its customer base.
Mr Leeuwen has over 20 years’ experience in the IT industry and has a deep understanding of the enterprise software market and the channels in Europe. Prior to working for Red Hat, he held the positions of European director for PlanetWeb Inc. and the director of Northern Europe for SCO, where he built their sales operations in Benelux and the Nordic region.
Public Clouds have been widely used by capitalise on this opportunity, especially since Cloud services. The key question faced by consumers and developers. Now they’re Cloud computing spend is expected to grow telcos now is how they can establish their set to deliver services to the enterprise. further2. A report by Ovum shows that telcos position by leveraging their key assets to Telecom players compete for this business are best suited to offer enterprise-grade Cloud become a ‘smart pipe’. with web giants like Google. Carriers are computing solutions as they are already hoping to leverage their trust relationship carrying sensitive data on their networks Competing in the Cloud and enhanced networks to make headway and are therefore familiar with government in storing data and hosting applications. regulatory requirements and expected In a survey conducted by Marevedis-Telecom However, there is much to resolve in terms service standards3. Additionally, telcos have Asia5, the key challenge in launching mobile of compatibility, both between the software the experience of running business and Cloud services is establishing a dynamic sold by various Cloud vendors and between operations support systems and are well business model because differentiation is private and public Clouds. versed in the running and billing of scalable essential for telcos to compete in a very Cloud services. crowded market. Instead of venturing into Telcos everywhere are looking at Cloud storage and computing services, which services as part of their strategy to improve Not surprisingly, Informa reported that in is increasingly becoming commoditised, average revenue per unit (ARPU), increase 2011 telcos worldwide invested nearly US$11 the flexibility of telcos and their ability to profitability and boost their bottom line. billion in Cloud-related pursuits4. However, orchestrate a wide range of services will be With revenues projected to hit US$43 billion the same research found that only five per the differentiating factors. For instance, if this year1, telcos are aggressively trying to cent of their enterprise revenue came from a customer is a trading company-based in
1 ‘US Telecommunications Private Line Services Revenue to Reach USD$43 Bilion in 2016, says Insight Research’, Insight Research Corporation, January 25, 2012 2 ‘IDC on 2012: Prep for Cloud wars, mobile explosion, higher IT spending’, IDC, December 2011 3 ‘Multinationals trust telcos with the Cloud’ Ovum, telecoms.com, May 2011 4 ‘Telecom Cloud Services, Best practice from the field’ Informa, October 2011 5 ‘The search for growth,’ Marevedis-Telecom Asia, Telecoms Asia, November 2011
Asia-Pacific II 2012 n 39 Cloud implementation
Hong Kong, latency may be a key issue for Apart from focusing on enterprise Cloud • Making it possible to build a hybrid them and telcos may therefore need to be services, another possible strategy is to Cloud that spans physical servers, multiple co-located on the trading floor to provide a address the consumer segment as well. virtualisation platforms, and public Clouds, winning proposition. Telcos such as AT&T are currently focused running a variety of technology stacks; on the enterprise and small to medium-sized • and, putting the customer in charge of his or To explore this further, let’s look at CDLAN, business (SMB) markets, but recognise that her own technology strategy. an Italian telecommunications operator and mobile consumer applications represent a provider of value-added ICT (Information a huge opportunity. Providing consumers Why an Open Cloud and Communication Technology) services. with the ability to back up data to a public The company created a virtual platform Cloud for a small monthly fee is an example An open Cloud can deliver on the full for the provisioning of Software-as-a- of a possible service offering. Doing so value and promise of Cloud computing by Service (SaaS) to its customers, which are would allow users to recover their personal bringing efficiency, agility, and the cost medium-to-large organisations operating data, should a mobile device get stolen or is benefits of Cloud to existing IT infrastructure, in a variety of sectors, including finance, misplaced. applications, and users. This is done by professional services, broadcast media, and allowing organisations to build a Cloud out telecommunications. Applications available The right Cloud implementation strategy of heterogeneous systems including physical on its SaaS platform include Enterprise servers, multiple virtualisation platforms, Resource Planning systems (ERP), email The next step is choosing which approach to and public options, independently from the and e-learning systems. CDLAN’s unique take in order to implement a Cloud. When the underlying technology stack. selling point is the ability to offer clients term ‘Cloud computing’ first appeared on the maximum performance, scalability and scene, it referred to computing utility, with An Open Cloud can also leverage existing reliability at competitive prices by using electricity providing the clearest analogy: IT investments in hardware, software, and open-source technology. Generated by large service providers? Check. training, allowing organisations to build Delivered over a grid? Check. Paid per a Cloud in an evolutionary way, thereby During this uncertain economic climate, usage? Check. However, Cloud computing reducing costs and risks. Down the road, many telcos have come to realise that has evolved into a broader way of thinking it allows organisations to select the best it is even more important to listen to about IT that has an impact on existing technologies for users without concerns that their customers’ needs. In most cases, investments. Choosing the right kind of a single vendor can control access to the what companies require is a reduction in Cloud (private or public) is perhaps the most greatest innovation, the lowest costs, and the investment capital and maintenance costs strategic decision IT leaders will make in this best economic model. while allowing them to provide reliable, high- decade. It’s a choice that will determine the quality services at all times. organisation’s competitiveness, flexibility, Lastly, an Open Cloud provides application and IT economics for the next ten years. portability across Clouds, permitting For other telcos, entering the Cloud space applications to be deployed on optimised independently may not be the best approach One major factor when adopting Cloud platforms during any stage in their lifecycle, and they can look at forming a partnership is the fear of vendor lock-in. This occurs minimising the need for costly and time- instead. One successful example in Asia when there is a lack of interoperability consuming rewriting or re-certification. saw a Japanese telco giant acquiring an between Clouds, often caused by a lack of IT services and solutions provider. The common interfaces, standard data formats Conclusion acquisition complemented both companies’ or services that could guarantee application, business objectives and provided the telco data and service portability. As a result, While telcos are defining the right strategy with the resources and skills to further deepen companies are unable to operate using a for their market, choosing the right kind its positioning among companies moving variety of Cloud service providers, which of Cloud is just as important. The best towards the managed infrastructure services forces them to be ‘locked-in’ to a single way is to adopt the mind-set of a customer and Cloud computing space. vendor’s Cloud stack. This and the issue choosing a mobile phone provider - they of combining private and public Clouds is want to be in charge of choosing the plan This differentiation should also be resolved by a hybrid Cloud solution, which for themselves, they want the subscription internalised within the company before is more flexible. When done right, it can process to be painless, and they want to it markets its new service offerings. The deliver strategic advantages to the business be able to choose from different service adage of ‘build it and they will come’ is by redirecting resources from ‘lights-on’ to providers. The same should be true in the not true anymore. There needs to be a innovation. An Open Cloud can deliver the business world. Telcos should go about concerted effort to ensure that the company full strategic business value and fulfil the choosing a Cloud solution because they is marketing its services well too. A leading promise of Cloud computing. By embracing truly believe in the value of the service - telco in Australia did just that by devoting Clouds that are open across a full gamut of not because they are locked-in. l a substantial amount of resources to train characteristics, telcos can have confidence its sales force and partners with the right that their Cloud strategy is consistent with skills and knowledge to push out its Cloud the following objectives: offerings. By offering incentives to all involved in the process, the telco managed to • enabling portability of applications and data implement the right rewards system to spur across Clouds; on the adoption of Cloud services. • leveraging on existing IT investments, infrastructure and avoids creating new silos;
40 n Asia-Pacific II 2012 An insight into the future!
You are a decision maker; Connect-World, The Decision Makers’ Forum for You understand your business; ICT Driven Development, brings you the thoughts and opinions of leaders from around the globe, Do you understand how ICT affect the markets, their personal assessment of the issues that drive the countries and the people you serve? the ICT revolution and change the lives of us all. Gain insight into how ICT leaders see the future.
The Decision Makers’ Forum for ICT Driven Development
connect-world.com Global House n 12 Albert Road n London E16 2DW n United Kingdom n Tel.: +44 20 7540 0876 n Fax: +44 20 7474 0090 n email: [email protected] n URL: www.connect-world.com
Connect-World A4 ad.indd 1 3/9/11 12:28 AM Cloud implementation
Building the right Cloud for your business by Chip Salyards, vice president Asia-Pacific, BMC Software
Planning the move to the Cloud is urgent when employees can so easily circumvent IT without aligning with the corporate security, compliance and regulatory needs, putting the organisation at risk. Planning Cloud solutions must consider the requirements of various departments, which are different and are often at odds with IT. Many companies still opt for private Clouds and mission-critical and sensitive data functions, but allow public Clouds for the rest. Users who have grown accustomed to the ‘IT-as-a-service’ nature of the public Cloud are demanding the same functionality in private Clouds. IT departments need to respond by building hybrid Clouds, which combine public and private Cloud models.
Chip Salyards is the vice president of Asia-Pacific for BMC Software, a leading provider of enterprise management solutions that empower companies to manage IT from a business perspective. In this role, Mr Salyards is responsible for developing, managing, and executing a comprehensive sales and services strategy across Asia-Pacific to drive market growth and sales success across the region. In 2006, Mr Salyards joined the company’s Asia-Pacific operations in Singapore where he served as a best practices director for Asia-Pacific, managing director for Southeast Asia region, and director of Enterprise Systems Management for Asia-Pacific. During this period, he was instrumental in improving BMC’s sales planning and execution across the region. Joining BMC in 1999, Mr Salyards spent the first seven years in the company’s North American offices holding a variety of roles including sales specialist, sales representative, senior account manager and best practices manager.
Prior to BMC, Mr Salyards held sales and management roles with several US software companies and worked extensively in the healthcare sector.
Chip Salyards has a Bachelor of Arts Degree from Stonehill College (Easton, MA, USA) and an MBA from Suffolk University (Boston, MA, USA).
With all the hype surrounding Cloud access to a level of computing power that services can be as easy as signing up with a computing, organisations are struggling to was not previously an option, due to limited credit card, users don’t need to depend on IT understand what the Cloud means to their resources. For the larger enterprise, moving to to deploy it for them. This consumerisation business. Internal and external pressures the Cloud is proving necessary to streamline of IT is forcing many companies to rapidly force IT departments to evaluate the processes, preserve IT resources and budgets build their own Clouds to protect their assets migration to the Cloud in a cost-effective and increase overall productivity. and make sure that they can offer the services and efficient way. that users are demanding while aligning Organisations are also facing greater pressure with the security, compliance and regulatory From large enterprises to small and medium- internally to make the move to the Cloud. requirements of IT. sized businesses (SMBs), it is not a question Some companies are finding that if they don’t of when to move to the Cloud, but how. For move fast enough to respond to employees’ How can a company ensure that the Cloud the SMB, the lower cost of the Cloud and demand, the users will circumvent IT in order they are using is satisfying the needs of applications provided in the form of Software to obtain access to the public Cloud services their users while aligning with the IT as a Service (SaaS) is giving companies they want. Because gaining access to these department’s technical needs, and achieving
42 n Asia-Pacific II 2012 Cloud implementation
the intended business goals? Although there Cloud Services are Transforming IT, many By carefully mapping your Cloud is no simple answer, there are questions to organisations are adopting public Clouds for implementation to business goals, IT ask and processes to follow to help ensure non-critical IT services and using private objectives and end-user demands you can that the needs of your organisation are being Cloud models to serve critical and sensitive build the right Cloud for your business, met. Just like the ones in the sky, no two information in order to retain more control. which will ultimately help you and your Clouds are the same. It is important to keep The report also showed that many users have organisation succeed in today’s IT landscape. in mind that what works in the Cloud for grown accustomed to the ‘IT-as-a-Service’ l one company won’t necessarily work for nature of the public Cloud and are demanding everyone. Similarly, what works for one the same functionality in private Clouds. department in your organisation may not To meet this demand, IT organisations are work for others and you may find the needs building hybrid Clouds, which combine of marketing competing with research and public and private Cloud models. By using development (R&D) and both at odds with this approach, IT can manage some resources the IT department. internally while other services are provided by an external vendor. This model can also With so many options to choose from when enable businesses to leverage the scalability planning a Cloud initiative, it is easy to lose and cost-effectiveness of a public Cloud focus and expand far beyond the original while minimising the risk to critical or scope of work, timeline and projected sensitive data and applications. budget. It is crucial to carefully plan out your Cloud to ensure successful implementation For example, Asia-Pacific is one of the and adoption, and to make sure that your fastest-growing telecom markets, and one organisation is addressing the technology of the biggest benefits being realised by this Connect-World now on needs of the present without neglecting the solution is the agility and scalability of the Facebook & Twitter business goals of the future. Cloud environment. Many companies in the region, especially those in the mobile Connect-World, the world’s What is the Cloud for and who is using it? industry that add millions of new users foremost discussion forum for each month, are finding that hybrid Clouds leaders in the ICT industry, is now First, decide why you are building a Cloud. provide them with the level of flexibility they available on Facebook and Twitter. Many organisations are adopting the need to address this rapid growth at a more Cloud to increase productivity, drive down manageable cost. service delivery costs and minimise risk. The world’s top ICT decision- Determining what business objectives/goals How do you measure success? makers express their opinions in you would like to achieve by deploying Connect-World. They use clear, the Cloud will provide the focus that will Once you have decided what type of non-technical, English to discuss ultimately help develop a successful roadmap Cloud to implement and how to do it, it is how ICT helps shape regional for your Cloud. equally important to decide how to measure and global development. The success. To help determine your return on articles essentially examine the When your business goals have been defined, investment, weigh the benefits - whether it influence that ICT products and it is important to think about who in your is increased productivity, minimised risk organisation will be using the Cloud and or reduced IT costs - against the cost of services have on the way people what they are trying to achieve by using it. adoption, building and deploying the Cloud. live and do business. With In order to make an informed decision about Also, take into consideration the business separate editions for each of the direction of your Cloud initiative, both goals identified at the outset and evaluate the world’s regions, the reports business and operational needs should be whether or not your organisation has been highlight the most important ICT considered against benefits. Depending on able to achieve those goals. trends and issues influencing your organisation, the spectrum of users can socio-economic growth. range from human resources to marketing, Make the move to developers and R&D. Whether it is the Connect-World is now available marketing department investing in SaaS for All in all, organisations and IT leaders a social media initiative, research needing can no longer afford to ignore the Cloud. to follow on Twitter (http://twitter. more power to run massive calculations or The overall business benefits realised by com/#!/ConnectWorldICT) and developers needing testing environments, implementing scalable, agile and cost- Facebook http://www.facebook. all of these demands need to be addressed effective Cloud architecture are too com/connectworld.ict in order to prevent end-users from valuable to be overlooked. Combined circumventing IT and putting the organisation with the fact that many users will put their Also, it is still possible, for FREE, at risk. company’s confidential or sensitive data to directly access all past and at risk by going around IT to obtain the present Connect-World articles, Public, private or hybrid? Cloud-based services they want, makes it ICT Industry press releases, increasingly important to adopt these new According to a recent report from Gartner technologies quickly. eLetters, ICT News and more at entitled Hybrid IT: How Internal and External www.connect-world.com.
Asia-Pacific II 2012 n 43 Federating interworking Clouds
Opening up the federated Cloud in Asia by Ditlev Bredahl, CEO, OnApp
A Forrester’s survey shows that three times as many APAC companies as there were in 2009 are planning to deploy some Cloud-based service. With such mass adoption, many new Cloud service providers appear in the region. They can offer better usability, lower prices, local knowledge and local support, but they can’t compete on scalability and reachability against giants like Amazon. The disruptive Cloud Federation can change that. Small Cloud providers across multiple geographies can now pool together their ‘idle’ headroom capacity (for demand spikes or disasters) that can amount to 20 to 40 per cent of their infrastructure. This gives them global coverage but still allows them to differentiate and price independently, thus forming a credible alternative to IT global players.
Ditlev Bredahl is the CEO of OnApp. He is an Internet and hosting industry veteran, with more than 15 years’ experience with leading hosting and technology companies. As the CEO of OnApp, he has led the company’s dramatic growth from its launch in July 2010 to become a leading provider of software for hosts. After a few years in various roles working for the European Parliament, Ditlev Bredahl moved into the rapidly growing Internet sector in the mid-1990s. He quickly developed a reputation as an entrepreneur and a specialist in start-up and turnaround scenarios.
Before founding OnApp, Mr Bredahl led UK2 Group’s hosting companies as managing director and CEO, and spearheaded the launch of VPS.NET, which now operates one of the world’s five largest public Clouds.
Ditlev Bredahl has an MBA in International Business from the European Institute for Public Affairs and Lobbying in Brussels, and a degree in Economics from AAU, Denmark. He is Danish, lives in the UK but travels frequently to speak at events around the world.
Cloud adoption is growing in the Asia-Pacific A survey by VMware of 7000 businesses and The Asia-Pacific Cloud hosting market today region, and the federated Cloud is making it IT professionals in Asia-Pacific showed that easier and more cost-effective than ever. In an 91 per cent consider the Cloud relevant to The global public Cloud market is dominated increasingly connected world, organisations their operations, with India and China leading by a handful of global providers, with the need to make any online offering available to the region in terms of adoption plans. At a lion’s share belonging to Amazon Web everyone, not just to their own region. It’s not survey by technology analyst Forrester, more Services (AWS). While many Cloud hosting enough for websites, blogs, shopping carts, than half (54 per cent) of the organisations the companies in the Asia-Pacific offer localised media apps, social networks, gaming, even company surveyed in the Asia-Pacific region services, with a presence in one or two internal systems like CRM, to be targeted (excluding Japan) were either currently using countries, it’s much rarer to find a provider solely at their region of origin - they need or actively planning Cloud initiatives - three with anything like the scale offered by to be able to reach out around the world, to times as many as there were in 2009. Amazon. With the exception of one or two wherever their potential users might be. large providers, such as GMO, local Cloud The vast majority of businesses in Asia-Pacific companies simply don’t have the capital The Cloud is enabling that move towards need to ensure that their services are available required to build a significant regional global reach, and as businesses across the across all markets - locally, across the region presence, let alone a global Cloud. Asia-Pacific region step up their adoption and beyond. The Cloud makes it possible, and of Cloud services, the potential for Cloud there is a growing market for Cloud service There are other problems with Amazon. Its hosting organisations is huge. providers in this region. However, there are services are seen by many as expensive and still issues of scale and cost to overcome. non-user-friendly, with limited support options,
44 n Asia-Pacific II 2012 Federating interworking Clouds
especially in Asia-Pacific, where it has a less available for failover or to cope with spikes in global reach - the holy grail of hosting. significant presence than in other regions. The usage. In some Clouds there can be as much Even relatively small hosting providers can relatively high level of technical expertise as 40 per cent sitting idle. Resources and cost increase their offering extremely quickly, and required to use their offerings means that are expended for essentially doing nothing. only pay for the services they need, as they much of the real uptake of Cloud has been By making that space available, for a fee, need them. They can also create an additional for short-term development and test activities firms can maximise their investment while revenue stream by making their own spare by large organisations which are suited to losing none of the scalability and security that capacity available. such arrangements, rather than with smaller they need. Hosting providers make the space organisations with fewer resources. Smaller available, and this can be used as and when With the federated Cloud, a business providers can offer superior ease of use, lower it’s needed, by providers around the world. only needs to have one supplier, which prices, local knowledge and solid SLAs (Service Each Cloud provider can still set their own understands their market and has the specific Level Agreements) with local support, but they prices, and users can choose which providers local knowledge they need, whether it is the can’t offer the same level of scalability. they would prefer. technology, language, culture or specialist markets. At the same time, it also has global Businesses can elect to go with several The federated Cloud offers other benefits resources when it needs them, through different Cloud providers, which in theory for businesses in the Pacific Rim, such seamless integration with other members should offer local support and expertise with as disaster recovery. The havoc caused of the federation and access to their Cloud greater scale, but in practice it’s a strategy by last year’s earthquake and subsequent infrastructure, all over the world. that’s fraught with further problems. There tsunami in Japan illustrated all too can be issues with compatibility between starkly the vulnerability of traditional So users get better service and prices, smaller Cloud hosts, not to mention the IT infrastructure, with tens of billions and hosting companies get to compete on administrative headache and financial burden of dollars’ worth of damage caused in the quality of their offering, not just their of dealing with multiple providers, which can a matter of minutes. It makes sound investment muscle. The knock-on effect often negate the economies of scale that the business sense in all sectors to follow the of this means greater competition in the Cloud is supposed to deliver. lead of the big financial institutions with marketplace, driving down prices and failover infrastructure-based in a range improving service offerings across the With so few competitors offering Cloud of locations around the globe. Until now, board. With a federated Cloud, good service services with genuine global reach, costs the high cost of setting up that sort of and global reach is no longer an either/or stay high because there’s no incentive infrastructure has been prohibitive for all situation, and users can get all the advantages to bring them down, and businesses are but the largest organisations. of using smaller, locally-based hosting effectively held to ransom by a lack of providers, with global back-up and services. choice, often locked into year-long service The resources for the federated Cloud contracts - even longer if they’ve managed have been there for some time, but only The federated Cloud is here to negotiate a lower price. Smaller providers recently have they begun to be tapped into simply can’t compete - unless they work in a secure, reliable and scalable way. That’s The federated Cloud isn’t just a clever together. For the market to develop, there now happening across the highly diverse concept. It’s happening now, and challenging needs to be disruption. Asia-Pacific region and throughout the the closed-shop way that global Cloud globe. It’s now possible for one provider to services have traditionally been delivered. Taking on the Cloud giants - the federated offer a range of PoPs in over 300 locations Smaller hosting providers are beginning to Cloud around the world via the federated Cloud, come together, leveraging their combined offering locally-based services wherever capabilities to compete with much larger Traditional hosting companies are well- they’re required. A specialist delivery system providers such as Amazon. At least one established in the Asia-Pacific, but setting up determines which servers in the federation model is already emerging which unites more an Amazon-scale offering can’t be achieved are best-suited to deliver content to end- than 300 service providers in 25 countries, overnight. It takes time and requires large users, based on the status of those servers all running on the same federated Cloud capital expenditure, which then has the effect and their location. The result is an extremely platform - and it’s growing. of detracting from development in other areas cost-effective and flexible offering that can of the hosting business. The alternative is a be used by organisations that previously The federated Cloud offers particularly strong ‘federated Cloud approach’ where different wouldn’t have been able to afford it. incentives in Asia-Pacific, where Amazon providers club together to provide seamless has less traction than in other territories. With Cloud infrastructure to end-users and Benefits of the federated Cloud the take-up of Cloud services in the region organisations, across multiple geographies. It accelerating, the federated Cloud will enable combines global reach with local expertise and For hosting providers it means the creation virtually any hosting provider to compete on accessibility which can be switched on quickly of a global Cloud infrastructure that virtually the same level with much bigger rivals, so and accessed as required. It allows hosting everyone can afford, bringing Cloud hosting both their business, and their customers, will companies to greatly expand their offering and within reach of the world’s 33,000 mass- benefit. With providers pooling their resources, capabilities at a stroke, and take a step up to market hosts. Smaller providers which the federated Cloud offers a vision for the compete against much bigger competitors. are already differentiating themselves on development of Cloud services in Asia-Pacific, service, specialist applications and bespoke a vision that, at last, everyone can share. l This is how it works. In any hosting set-up, integrations can now capitalise on those around 20 per cent of the available servers strengths by joining together to compete sit idle at any given time so that they can be against the big boys in terms of scale and
Asia-Pacific II 2012 n 45 Federating interworking Clouds
Examining the Asia Cloud by Samuel Lee, president, Equinix Asia-Pacific
Cloud is not merely a change of infrastructure, but primarily a different business model, with a standardised, multi-tenanted service model. It allows constructing services with many more service components, since they all are available from the same Cloud. In the APAC, last year Cloud engagements originated from the US, but this year more local/regional providers are launching Cloud services. They seek to connect to one another and extend their coverage. This concept of a carrier-neutral ‘Cloud service hub’ is gaining momentum, where Cloud providers can form vertically aligned solutions stacks, improving performance and reducing network running costs.
Samuel Lee is the president of Equinix, Asia-Pacific. Samuel Lee joined Equinix in 2000 and now serves as president, overseeing the management, strategy and growth of the company’s Asia-Pacific operations. Previously, he served as the managing director of Equinix Hong Kong, where he successfully led the team in building a strong position for Equinix in the financial services industry there.
Mr Lee brings a wealth of experience in telecom and Internet services, as well as expertise in start-up operations. Prior to joining Equinix, Mr Lee served as the managing director of Pacific Gateway Exchange (PGE), a provider of wholesale and retail long distance, Internet and bandwidth services. He founded Telekom Consulting Ltd, a consulting firm offering strategic assistance to network providers in the deregulated telecommunications market in Hong Kong and Asia. He also held management positions at Teleglobe International, Intel, and Sprint. Samuel Lee holds a BA from City University of Hong Kong.
Cloud computing has been getting an reach US$5.8 billion by 2015 with a CAGR of Cloud focuses more on business than on enormous amount of attention in recent 39 per cent between 2010 and 2015. technology years. This new computing paradigm has the potential to reduce IT costs, streamline Service providers and smartphone manufacturers Cloud is not a new technology. For end- IT consumption models, simplify business have been launching Cloud-based services, and users, it is one way to consume applications continuity and deliver enterprise grade the buying of content, the streaming of media and and services. For service providers, it capacity on demand. Gartner predicts that half the sharing of office documents is now easy and is a business model and architecture for of the Global 1000 enterprises will rely on convenient. Interested in printing photos from the delivering infrastructure and services to external Cloud computing services to deliver Cloud? Many printer manufacturers have already customers. The services themselves leverage their top revenue-generating processes by incorporated this feature in recent launches. Such a number of technologies, most of which are 2015. From an Asia-Pacific perspective, the market phenomena pave the way for the spread either well established or have evolved from statistics are as compelling. Frost and Sullivan of Cloud computing and confirm the upbeat existing technologies. believe that 30 per cent of APAC organisations research statistics. Therefore, it’s no surprise that will have adopted some form of Cloud virtually every ICT vendor and service provider When considering Cloud services, it’s computing by the end of 2012. The APAC is racing to be part of the Cloud ecosystem. important to treat the Cloud as a business market for public Cloud computing is set to model. This will help to keep the focus
46 n Asia-Pacific II 2012 Federating interworking Clouds
on service aspects like Service Level increasingly relying on service providers to business objectives; Agreements (SLAs), service catalogues, and deliver the benefits of Cloud services. • more vendor solutions choices to fulfil functionality rather than just technology. targeted architectures; The Cloud service approach presents • optimised service delivery performance Cloud is more than just infrastructure both opportunities and challenges. The and cost management; that is, the ability opportunities include a more efficient, to closely align network technologies and Paradoxically, people who come from a elastic, capacity-on-demand delivery model. service solutions to business goals. traditional IT background often have a hard To deliver IT infrastructure and services to time understanding Cloud computing. This customers cost-effectively and efficiently, the A carrier-neutral ‘Cloud services hub’ is because they are used to thinking of IT Cloud infrastructure is-based on multi-tenant operations in terms of hardware and software. systems with high degrees of virtualisation In Equinix, we have experienced a rapid As Figure 1 illustrates, the traditional IT and shared resource pools. This translates growth of Cloud service providers over delivery models have largely relied on a into numerous end-users and businesses the last few years. Cloud service providers limited number of partnerships to deliver operating in very dense service delivery want to be in our facilities not just to dedicated platforms and applications. Even environments. This is how service providers connect to networks and customers, but in a fully outsourced model, the provider deliver the economics of Cloud services. It is also to connect to one another. As a delivers a service that is dedicated and by design. result, Cloud has become an important tailored to the customer. vertical market, which now accounts for Network provider density over 20 per cent of our annual revenues The Cloud, by contrast, is built on a worldwide, and is keeping the company standardised, multi-tenanted service The network lies at the heart of Cloud aware that more investments may be model. All buyers get the same service, computing. Unlike premise-based needed in order to keep up with demand. but the services can be composed of many solutions, Cloud service providers may components. Therefore, instead of one or incorporate infrastructure and application A concept that is gaining positive two relationships like the traditional model, services located a long distance from momentum is the idea of a carrier- Cloud-based services may be built from a customers. The resulting service latency neutral ‘Cloud service hub’, where stack of many services. and its corresponding effect on the end- Cloud providers can interconnect to form vertically aligned solutions stacks. The Cloud is about flexibility and choice. At the same time, the delivery of Cloud services may span significant distances - especially when virtualised workloads can be anywhere. Aligning Cloud benefits with user Quality of Experience (QoE) requires distributed service delivery architecture. The result is lower network latency, fewer interconnections, and better SLAs. Due to the rich ecosystem of Cloud providers in key hub locations, many providers can directly connect to one another, resulting in significantly greater performance, improved security, and lower cost.
In the past year, we saw most of the Cloud engagements that have originated from the US, expanding into the APAC market. However, this year we are seeing more of the local and regional APAC providers roll out Cloud service portfolios,-based on their foundation in managed services. For Figure 1: The Application Deployment Evolution user experience are extremely important example, we have helped two Australian considerations. A single Cloud provider will managed IT providers roll out their Cloud Underneath the Cloud service umbrella lie service customers in many locations. To be services within the first months of 2012. stacks of component services including successful they must pay close attention to We’re also seeing stronger customer computing, storage, networking, security, optimising their Cloud backbone and edge relationships in vertical industries including identity management, monitoring, and connectivity to their customers. For this finance, telco, and enterprise. This is many more. These are all wrapped up reason, network connectivity and network because many of these vertical customers within equally sophisticated data centre provider choices are hugely important to have also started migrating portions of their environments and delivered over various Cloud service providers. business to the Cloud. l access and backbone networks. Cloud architecture and service delivery can be very Network provider density enables: complex. That’s why so many companies are • more architectural possibility to achieve
Asia-Pacific II 2012 n 47 48 n Asia-Pacific II 2012 Introducing O3bTrunk MoreBandwidth LowerLatency LowerCost
www.o3bnetworks.com/cw/o3btrunk