www.expresscomputeronline.com
edit
IS TWITTER LOSING ITS CHIRP?
icroblogging site Twitter recently announced its results for the first quarter of 2014. Soon after, its stock took a beating of Mabout 11%, even though its topline grew to $250.5 million com- pared to $114.3 million in the year-ago quarter. It also added 3 million active users compared to just 1 million in Q1 of 2013. The financial reasons for the thumbs-down by Wall Street are obvious: despite growth in revenue and users, losses widened from $27 million in the year-ago quarter to over $132 million in the recent one. But even otherwise, there have been signs of trouble for the social media biggie for some time. Apparently, its efforts to cast itself more and more in the image of Facebook (by improving profiles, adding features such as Twitter Cards and Nearby, etc) are not getting it enough traction. There are other reasons as well. At one point, breaking news was THE PROBLEM touted as a big pull, but now Facebook and YouTube seem to be ahead WITH TWITTER IS in the game. Pew Research, for instance, is said to have found that only 8% of Twitter’s entire user base (it has over 240 million active monthly NOTJUST FINAN- users) uses it to stay updated with news. This is against 30% for Facebook and 10% for YouTube. CIAL NUMBERS; Another weakness, say critics, is that Twitter is not generating as much interest in markets outside the US as other social giants. IT IS NOT GENER- While sites like Facebook, YouTube and even LinkedIn are capturing the imagination (and engagement) of people worldwide, ATING ENOUGH Twitter continues to be seen as a niche vehicle with limited utility USER INTEREST (how much can you pack in 140 characters or less, for example). Twitter has certainly caught the fancy of celebrities, politicians and others who like to broadcast their views to their fawning hordes—but the average Joe or Jane is still keeping their distance. There is another silly thing happening in the dark corners of Twitter: I have come across several Twitter profiles that appear robotic, superhuman, idiotic or a mix of all. A typical such profile reads: 23 tweets, 19,265 followers, 20,897 following (with weird handles I would rather not name). Besides, there are millions who created a profile out of curiosity but then went into a deep slumber. Some of them do wake up once in a while to tweet something sleepy. (What I find more annoying is when even these folks get followers in triple digits!) Frankly, to me these tweeters, their tweets and followers look like the T-equivalent of click frauds. Not that other social media sites are free of fakes and inactives, but the situation seems acute with Twitter. Will the bird get its chirp back next season?
EXPRESS COMPUTER MAY 1-15, 2014 3 contents 8
COVER STORY MANAGED PRINTING EVOLUTION The managed print services segment in India has certainly come a long way. It is no longer just about the compulsion of saving costs but reflects other compelling reasons as well
BY HEENA JHINGAN
case study feature FASTER FASHION 28 Myntra.com migrated most of its servers from AWS to Netmagic to cut latency by 20-25%. The result: a quicker loading site and better experience for shoppers
GOING THIN FOR 30 EFFICIENCY HDFC Life uses Citrix's XenDesktop DEALING WITH DAAS HEARTBLEED thin client platform to improve efficiency and security Desktop as a service is picking up ARE YOU AFFECTED? interest in India even as concerns on RoI and complexity of the The insidious bug has caused technology remain a lot of buzz and alarm in security circles.Are Indian enterprises affected and, if so, what are they doing about it?
18 24
4 EXPRESS COMPUTER MAY 1-15, 2014 www.expresscomputeronline.com column in the news
34 » Emerson report predicts 38 massive changes in data centres in next 10 years » Sanjay Deshmukh to join 39 VMware » Public cloud services market to touch $557 million in India in 2014: Gartner » IBM launches Enterprise Cloud ALITTLE SECURITYFOR BIG DATA 40 marketplace with Global Partner Ecosystem Securing big data in the enterprise requires smart policies enforcement, thorough analytics and high performance tools » Over 69% of targeted attacks 42 in India focus on large enterprises 36 » India faced maximum phishing 44 attacks in 2013 in the APAC region : RSA study » Accenture to deploy SAP ERP 45 for Azure Power » Sonata Software partners with Progress Pacific to deliver PaaS » JDA Software launches end-to- 46 end supply chain collaboration WHYCIOS CAN'TIGNORE ENTERPRISE SOCIALCOLLABORATION solution Regardless of giving headaches to many IT heads, social » SHV Energy simplifies its collaboration tools are set to get a lot of likes among enterprises distribution model with SAP because of multiple benefits interviews
17 23 32 33
VIJAYRATNAPARKHE TARUN JAIN SUHAS ULIYAR JIM THOMPSON President and MD, Robert Bosch Country Head - India & Deputy Mobile Strategy & Product Engineering VP and CTO, Engineering and Business Solutions General Manager,Hitachi Home Management, Oracle TCIS unit, Unisys Ltd (RBEI) Electronics Asia “Our strategy “The next frontier for “I see India taking “We have been is to simplify securityis the a lead as a consumer constantlyevolving the mobilityfor our storage and of Internet of Things” digital learning and customers” virtualisation layer” presentation market”
EXPRESS COMPUTER MAY 1-15, 2014 5 MUMBAI Dist. Howrah- 711 409 Shankar Adaviyar Mobile: +91 9831182580 The Indian Express Ltd Email id: [email protected] Business Publication Division 2nd Floor, Express Tower, Nariman Point KOCHI Mumbai- 400 021 Dr. Raghu Pillai Board line: 022- 67440000 Ext. 527 The Indian Express Ltd Mobile: +91 9323998881 Ground Floor, Sankoorikal Building, Email Id: [email protected] Kaloor – Kadavanthra Road Kaloor, Kochi – 682 017 Vol 25. No. 5. 1-15 May 2014 Branch Offices Mobile: +91 9886293667 Chairman of the Board NEW DELHI Email id: [email protected] Viveck Goenka Navneet Negi The Indian Express Ltd COIMBATORE Editor Business Publication Division Dr. Raghu Pillai * Sanjay Gupta Express Building, 9&10, The Indian Express Ltd Chief of Product Bahadur Shah Zafar Marg, No. 205-B, 2nd Floor, Vivekanand Road, Dr. Raghu Pillai New Delhi- 110 002 Opp. Rajarathinam Hospital, Ram Nagar Board line: 011-23702100 Ext. 668 Coimbatore- 641 009 Delhi Mobile: +91 8800523285 Mobile: +91 9886293667 Heena Jhingan, Pupul Dutta Fax: 011-23702141 Email id: [email protected] Copy Desk Email id: [email protected] Aditi Gautam AHMEDABAD CHENNAI Shankar Adaviyar Mumbai Dr. Raghu Pillai The Indian Express Ltd Jasmine Desai, Harshal Kallyanpur The Indian Express Ltd 3rd Floor, Sambhav House, Bengaluru Business Publication Division Near Judges Bunglows, Bodakdev, Pankaj Maru New No. 37/C (Old No. 16/C) Ahmedabad - 380 015 2nd Floor, Whites Road, Royapettah, Mobile: +91 9323998881 D E S I G N Chennai- 600 014 Email Id: [email protected] Mobile: +91 9886293667 National Art Director Email id: [email protected] BHOPAL Bivash Barua Navneet Negi Deputy Art Director BANGALORE The Indian Express Ltd Surajit Patro Dr. Raghu Pillai F-102, Inner Court Apartment, The Indian Express Ltd 1st Floor, GTB Complex, Chief Designer Business Publication Division Behind 45 Bungalows, Pravin Temble 502, 5th Floor, Devatha Plaza, Bhopal - 462 003 Senior Graphic Designer Residency road, Mobile: +91 8800523285 Rushikesh Konka Bangalore- 560025 Email id: [email protected] Mobile: +91 9886293667 Layout Email id: [email protected] JAIPUR Vinayak Mestry, Rajesh Jadhav Navneet Negi Photo Editor HYDERABAD The Indian Express Ltd Sandeep Patil Dr. Raghu Pillai S2, J-40, Shyam GHP Enclave, The Indian Express Ltd Krishna Marg, C-Scheme, M A R K E T I N G Business Publication Division Jaipur - 302 001 6-3-885/7/B, Ground Floor, Mobile: +91 8800523285 Regional Heads VV Mansion, Somaji Guda, Email id: [email protected] Harit Mohanty - West Hyderabad – 500 082 Prabhas Jha - North Mobile: +91 9886293667 Sanghamitra Kumar - East Email id: [email protected] Note to our readers: Dr. Raghu Pillai - South Please note that there will be no issue KOLKATTA dated 16-31 May, 2014. Express Marketing Team Ajanta Sengupta Computer will become a monthly from The Indian Express Ltd June. For paid subscribers, the tenure Shankar Adaviyar Business Publication Division will be extended accordingly to give Navneet Negi JL No. 29&30, NH-6, Ajanta Sengupta Mouza- Prasastha & Ankurhati, them full value of the money already Circulation Vill & PO- Ankurhati paid. Mohan Varadkar P.S.- Domjur (Nr. Ankurhati Check Bus Stop) Scheduling Rohan Thakkar IMPORTANT P R O D U C T I O N Whilst care is taken prior to acceptance of advertising copy, it is not possible to verify its contents. The Indian Express Limited cannot be held responsible for such contents, nor for any loss or damages incurred as a result of transactions with General Manager companies, associations or individuals advertising in its newspapers or publications. We therefore recommend that readers B R Tipnis make necessary inquiries before sending any monies or entering into any agreements with advertisers or otherwise acting Manager on an advertisement in any manner whatsoever. Bhadresh Valia
Express Computer Reg. No. MH/MR/SOUTH-132/2012-14 RNI Regn. No. MAHENG/49926/90 Printed for the proprietors,The Indian Express Limited by Ms. Vaidehi Thakar at Indigo Press, (India) Pvt. Ltd. Plot No. 1c/716, off Dadoji Konddeo Cross Road, Byculla (E), Mumbai 400027 and Published from Express Towers, 2nd Floor, Nariman Point, Mumbai - 400021. (Editorial & Administrative Offices: Express Towers, 1st Floor, Nariman Point, Mumbai - 400021) Editor : Sanjay Gupta (*Responsible for selection of News under the PRB Act.) Copyright @ 2012 The Indian Express Ltd. All rights reserved throughout the world. Reproduction in any manner, electronic or otherwise, in whole or in part, without prior written permission is prohibited.
6 EXPRESS COMPUTER MAY 1-15, 2014
COVER STORY MANAGED PRINTING EVOLUTION The managed print services segment in India has certainly come a long way. It is no longer just about the compulsion of saving costs but reflects other compelling reasons as well
BY HEENA JHINGAN
8 EXPRESS COMPUTER MAY 1-15, 2014 www.expresscomputeronline.comwww.expresscomputeronline.com
EXPRESS COMPUTER MAY 1-15, 2014 9 COVER STORY
Slow, but steady ne of the biggest boosts for In India, many processes are still the printer market in recent manual and paper-based, therefore times is the emergence of MPS is taking time to see greater managed print services adoption. However, there is a big wave (MPS). These services have coming from digitisation and givenO printer vendors—for long used 2015 management of records, which is likely to competing on hardware—more to push the uptake of MPS. room for innovation and differentiation. Industry experts feel that for The obvious attraction for MPS digitisation to take off in a big way, clients is the initial cost savings that organisations will first need to overcome come with switching to a usage-based 2012 the challenges of dealing with confusion model rather than investing upfront in over the way they take it up. Sometimes, hardware. MPS helps organisations the cost of digitisation is prohibitive and achieve savings through consolidation of requires expert guidance. Another devices and scale. reason is resistance of the employees to MPS basically includes optimisation change. of purchases by matching the correct Joshi says while large enterprises speed segment and technology to an have already started adopting MPS, a organisation’s utilisation need. This huge opportunity lies in the SME and helps the organisation to lower the print government segments, which at present cost per page and strain on the make up only 5 to 7% of the MPS equipment, thereby reducing downtime. $80-90mn customer base in the country. These factors have kept the ball for Nitin Hiranandani, Director, Printing global MPS market rolling, and it is Systems - PPS, HP India, quotes a expected to grow at a CAGR of 10.75 % Zinnov study, Indian SMB ICT Adoption over the period 2013-16. Increasing Insights, that finds 20% of the total 50 demand for cloud service offerings and $250mn million small and medium businesses in cost reduction is providing the requisite India are technology ready. “MPS is impetus to the growth of the MPS Growth of the MPS market in India gathering significant interest among market. medium-sized businesses as they seek The MPS market in India is growing new ways to get more out of their much faster. Going by a survey printing infrastructure and conducted by Xerox and EY India, India simultaneously reduce costs. Also, as is one of the fastest growing markets in businesses are getting more conscious the MPS segment globally. The market management to end-to-end of their environmental impact, they are size, which was estimated at $80-90 management offering. looking at reducing printing wastage by million in 2012, is expected to grow to “In certain cases some enterprises optimising their workflows in a better about $250 million by 2015. categorise just ‘printer on lease’ model way,” he says. under MPS, which is incorrect, as the Hiranandani further says that MPS Many shades of MPS software component is fundamental to helps organisations accomplish these While the growth rate of MPS is fast, the managed services. It is the software that goals by creating a secure, centrally overall market penetration is low. forms the management layer,” he says. managed print environment that According to Bhaskar Joshi, Senior Konica Minolta calls its MPS as streamlines workflows, optimises Marketing Manager - Office Imaging Optimised Print Services (OPS). Its document output and related business Solutions, Canon India, a key factor approach combines consultancy, processes and also reduces the overall responsible for the low penetration is hardware and software cash outflow and print related costs.. the fact that the true sense of the service implementation, workflow management Virtually all kinds of enterprises, big is sometimes lost in its definition. and automated services and supplies, or small, would benefit from adoption of However, he says that MPS is all to lower the costs and improve the MPS, as organisations primarily seek experiencing good traction among the workflow efficiency. In contrast, players cost efficiencies and increase in top 2,000 companies in the country, out like HP emphasise the security and productivity. A lot of organisations are of which nearly 60% are using some environmental aspects of their also driven by MPS for sustainability form of MPS—varying from basic fleet portfolio. and security-related objectives.
10 EXPRESS COMPUTER MAY 1-15, 2014 www.expresscomputeronline.com
FOR CONVENIENTPRINTING
Printo,a customised online printing “Only about 10% of our work is on large services provider,started operations in format printers,which is outsourced,”he 2006 with one store in Bangalore and a adds. singular mission: make printing convenient. Sharma says it is important to delve into The idea took root when the founding the factors that have affected the team was disappointed with the lack of penetration of MPS.In India,there is a huge professional print services for young grey market.Most of the competitors in the businesses and individuals.These people market are using reconditioned printing For buying MPS, had print requirements that did not justify equipment,which are discarded by other print volume alone investing in higher quality printers. countries as waste.They run these on toners Today,customers can walk into a Printo and cartridges imported in the same way. cannot be the store to get anything printed—from a There is a big gap in the cost of operation in determining factor; business card to a letterhead,and from that case.There is limited consumer marketing brochures to exhibition banners awareness and commitment to buy original, factors like and invitation cards.Even personalised gifts. so people depend upon these local players Manish Sharma,CEO,Printo,says they instead of going to the professionals like a efficiency,agility are looking for an MPS partner to basically Konica Minolta or a Xerox. matter too. cut the cost of deploying equipment,which Talking about Printo’s requirements, is important for capacity building.The high Sharma emphasises on the need to be VBalakrishnan, grade print equipment is expensive and if associated with professional vendors who General Manager,Konica Minolta there is a delay,even by a year or so,in can deliver quality products.For Printo,it is Business Solutions buying the hardware,the technology gets likely to be a mixed environment of a couple outdated.Hence they are looking at of vendors.“We use Xerox equipment,and something like printer-on-lease kind of a the vendor also offers MPS,but there are model. newer companies like Konica Minolta that Printo is currently using Xerox can be good for certain businesses at the equipment and its current high grade colour entry level.An intelligent combination of print consumption is about 4 lakh a month. different vendors can help us create a full The mono print volume could be higher. range,”he says.
“Our challenge is that most of the competitors in the market are using reconditioned printing equipment that is discarded byother countries. Manish Sharma, CEO,Printo
EXPRESS COMPUTER MAY 1-15, 2014 11 COVER STORY
CASE STUDY: APOLLO HOSPITALS
The results of implementing MPS have been impressive,with the equipment time going up to almost 99%. Parvinder Singh, Corporate VPand Head - ITServices & Technical Control Unit,MaxLife Insurance Arvind Sivaramakrishnan, CIO,Apollo vendors, the group has not found anything Hospitals Group, says that the organisation amiss that would require it to look for a was looking at a digital paperless large MPS partner. environment.Although it is impossible to “In fact, local vendors have been very completely do away with paper in the quick to serve; besides, the contracts with healthcare segment, he says.This is partly our partners are based on stringent SLAs: due to the regulatory framework and partly there is penalty in case of a lapse,which because of the patients’expectations. makes them very diligent,” Still,Apollo Hospitals is trying to make Sivaramakrishnan adds. the paper records minimal by scanning the However,he says that though the local documents. vendor does not offer any security tool, “Printing mostly depends on the kind of security is ensured by the hospital medical records, and there are areas where information system that tracks who prints a print is indispensable.The cost of what and how much. printing for us is sizeable.Typically, in a “In India there is no law on privacy of day, each of our units is visited by about patient health records, but we take utmost 2,000 patients.There are about 200 care.There are certain printers that have With MPS in place,we patient admissions and discharge access through the biomedical equipment. activities; for each patient there are about The access to all the printers is role- and have done awaywith two to five pages of various prints that are authentication-based. It is much easier to anyindividual required,”he says. (This is still relatively maintain medical records electronically, small, considering that in the BFSI but their movement across different printers and there segment, a loan document might run into organisations can be difficult. In that case, 50-odd pages.) a printed record file becomes critical,”he are nowlarge “Most of our hospitals have entered in says. In fact, delay in access to health printers at back to MPS contracts with local vendors.There records “could cost a life.” is a central procurement team for IT,which However,the organisation has come up offices. decides vendors based on their proximity with digital records that make cooperation Vishal Salvi, to the unit and the cost factor,”he says. among experts faster and the same can be CISO,HDFC Bank Having partnered with the local accessed across all the units of the group.
12 EXPRESS COMPUTER MAY 1-15, 2014 www.expresscomputeronline.com
company that has a print consumption Not just volume game of about 2.5 lakh sheets a month is fit to CASE STUDY: V Balakrishnan, General Manager, avail MPS, whereas an SME with print Konica Minolta Business Solutions, says volume measuring up to 40,000-50,000 HDFC BANK that for an organisation, buying MPS sheets a month can benefit from MPS. will always remain a strategic decision. “To be able to exploit MPS to the Print volume alone cannot be the fullest, the enterprise must not invest in determining factor. Many other factors too many MPS vendors, as that does not like improving efficiency, gaining agility make economic sense. However, in and rationalising deployed resources to India, most enterprises feel safer focus on core areas are more important. working with at least two vendors, as According to Joshi, having the right they always want a backup plan,” economies of scale is a critical factor for elaborates Joshi. an enterprise to decide the right time to This makes enterprises more buy MPS. He says, on an average, a large dependent on the vendors, as the
Managed print services are helping organisations streamline workflowoperations and document management,which is largely achieved via digitisation. With an extensive network of branches in the country, it was getting arduous for HDFC Bank to manage the printing needs across various locations.About a year and a half back,Vishal Salvi, Chief Information Security Officer,HDFC Bank, decided to enter into an MPS contract with Xerox. “With MPS in place,we have done away with any individual printers and there are now large printers installed at back offices. Most of the large branches,where the bigger chunk of printing happens, have been covered under MPS,”Salvi says. Stressing that security is of utmost concern for a bank, he says that MPS provides a complete MIS of who prints and what. Print is processed once the system is authenticated by the employee’s security pin. To ensure there is no information sabotage, employee security pins are unique and sharing of the same is strictly prohibited. Salvi says that the implementation is still in process and the organisation has already started experiencing rationalisation of printers and savings on print spends.
EXPRESS COMPUTER MAY 1-15, 2014 13 COVER STORY
software applications that form the most crucial piece of the entire MPS CASE STUDY: MAXLIFE INSURANCE stack are mostly vendor-dependent. The applications might not be customisable once an enterprise decides to change its MPS partner. However, more openness is expected in the days to come. “Vendors at present do not share their application tools,” says Joshi, “but that might happen in the future.” Apps and more Vishal Awal, Executive Director - Services, Xerox South Asia, believes work happens anytime, anywhere, causing both challenges and opportunities. Workplaces are being modified under the combined trends of mobility, data analytics, cloud computing and social media—and their impact is reflecting on enterprises’ printing operations as well. Therefore, MPS consumers are now getting more demanding and are more focused on the control tools. In the enterprise segment, customers As a part of its journey to optimise “In order to address these challenges, are giving more importance to visibility cost and bring in agility to the IT we first needed to collect the data and and strategic reporting. This is in infrastructure, Max Life Insurance analyse it to understand the problem,” addition to the normal requirement of implemented MPS at over 200 locations. he says. all services (including manpower) being Earlier,the company was buying “We partnered with various OEMs and outsourced. BYOD (bring your own different printing devices such as a few service integrators.We had two device) and use of mobile devices are copiers, multifunction printers options. One was to replace the existing also becoming prevalent. These trends (MFPs) and scanners for each of MFDs /printers,which was an easy task impact the solution design. the branch offices. in terms of implementation and Balakrishnan of Konica Minolta says All of these printing devices were adaptability, but it wasn’t cost effective. that SME segment needs are primarily managed by IT teams,which partnered The other option we had was to met by VARs and SIs, which have local with multiple vendors for technical implement MPS,”Singh adds. visibility to their operations. “Size of the support and other services.Although On analysing its needs, Max Life solution design and infrastructure Max Life had invested substantially on finally decided to go the MPS way. requirements too differ for SMEs and supplies management to ensure Though selecting the right vendor was a large organisations: SMEs tend to prefer continuous printing, device downtime challenging task, it chose the one with light and effective solutions that provide could not be avoided as the supplies high SLAs,value-added services and, control, whereas enterprises tend to were often not delivered in time. most importantly, a player with efficient lean more towards standardisation Parvinder Singh, Corporate Vice pricing. across the organisation,” he adds. President and Head - IT Services & Singh says that the results of the Joshi of Canon says that gone are the Technical Control Unit at Max Life implementation have been impressive, days when you could simply talk about Insurance, says,“Besides the high with the equipment time going up to benefits of a solution and sell it, as the costs of consumable supply, the almost 99%. It was hard to believe that enterprises now demand real delivery. existing machines were not energy better services could come with cost “Many of our customers have cut the efficient and were incompatible to meet savings. Reduced paper consumption by TCO by 10-20% after using our MPS security requirements.There was a implementing duplex printing by default offerings”, he claims. huge gap in employee-to-device ratio, and energy efficient technologies have He further says that the cost of a showing inefficiency in device helped the organisation lower the TCO solution is now secondary. Enterprises allocation.” of the print equipment. demand same service level agreements
14 EXPRESS COMPUTER MAY 1-15, 2014 www.expresscomputeronline.com
(SLAs) across branches: one country, organisations streamline workflow one SLA is the mantra. Vendors also operations and document management, need to keep backup equipment in case which is largely achieved via of problems at the customer end. If one digitisation. of the printers in a consolidated, The contracts with Each year improper document managed environment breaks down, management costs businesses crores of then the enterprises demand to know our partners are rupees in liability, reduced efficiency the backup strategy of the vendor. and lost productivity. Hence it becomes “Convenience of use and reporting is based on stringent very important to maintain proper a must for MPS. Enterprises look out for SLAs: there is document management applications that are capable of enabling infrastructure/programme. An anywhere print, authentication and penaltyin case of a organisation should also ensure data control print quota,” says Joshi. “Also, privacy and security, regulatory the need to replace the entire setup at lapse,which compliance, control and access to the time of upgrade should not arise.” makes them very information and cost control associated with information processing. The digitisation drive diligent. Current trends indicate that the Awal of Xerox says that owing to the Arvind Sivaramakrishnan, variety and level of sophistication of combined trends of mobility, data CIO, Apollo Hospitals Group network attacks is increasing, which analytics, cloud computing and social result in loss of valuable data, such as media, it is important to consider the personally identifiable information implications for printing and flow of (PII). content. Digitisation is a key outcome of Awal says that security is not just a these trends. feature on a device; it is a Managed print services are helping comprehensive effort to understand the
EXPRESS COMPUTER MAY 1-15, 2014 15 COVER STORY
MPS helps enterprises accomplish their goals bycreating a secure,centrally managed print environment. Nitin Hiranandani, Director,Printing Systems - PPS, HPIndia
vulnerabilities of the entire document record keeping, and the adoption of infrastructure, protect the enterprises’ MPS is triggering the digitisation most valuable asset, i.e. information, and initiatives within organisations. When maintain compliance with all applicable paper is converted to images, The impact of regulations. information becomes available at each For example, employees accessing step of the workflow. This enables mobility,data network output devices can be automation across business processes analytics,cloud identified and authenticated at the and improves collaboration and device. In the mail room, actionable decision making. computing and social mail is managed as an end-to-end chain According to Joshi, as of now, MPS is of custody, from signature of the being looked at as a means to cut print media is reflecting delivering vendor to signature of the cost and keep the content secure. on enterprises’ recipient. “In centralised print centres, However, reducing paper use and need we have advanced printing technologies to print is still a step away. “For this, the printing and trained experts that embed workflows will need to be automated, operations as well. encrypted information so documents and we will see document management have appropriate protection,” says solutions being integrated with MPS,” Vishal Awal, Awal. he says. Executive Director - Services, Organisations are increasingly XeroxSouth Asia realising the importance of digital [email protected]
16 EXPRESS COMPUTER MAY 1-15, 2014 INTERVIEW www.expresscomputeronline.com VIJAY RATNAPARKHE Vijay Ratnaparkhe, President and MD, Robert Bosch Engineering and Business RBEI Solutions Ltd (RBEI), talks to Pankaj Maru about how the company is focusing on the evolving concept and ecosystem of Internet of Things (IoT). Excerpts: “I see India taking a lead as a consumer of Internet of Things”
In 2014,RBEI plans to focus on the Connected World Skype), etc. So, there is no limit to what we can do conference that revolves around IoT.So which are to connect or how we can connect. It is all in the the areas where the companyis concentrating? imagination and conceptualisation. The Internet of Things concept is pervasive, which affects every line of business. RBEI’s RBEI is a 100% Bosch owned entity.What kind of prime focus is on IoT and it is not limited to engineering and development activities are done at software and design. RBEI would also work the Bangalore facility and how much does it towards simplifying everyday life, by making contribute to Bosch’s overall business and automation devices Internet-friendly. research? Our [RBEI’s] primary areas of work, as with Though IoTis a new concept,what kind of Bosch, is in the areas of automotive, industrial potential do you see in terms of business and applications, consumer applications and energy. services opportunities? What is the scope in India As a captive, RBEI provides solutions to almost and where does RBEI stand? all Bosch units worldwide. Primarily a software I see India taking a lead as a consumer of IoT. We centre, we also work on products from the have one of the largest youth populations in the conceptualisation phase to the final sample world and the Internet is a core part of their life. release phase. Hence we are a part of Centre of For them, it’s nothing special, it’s the life they Excellence (CoE)/Centre of Competence for know. This is the generation that has not even various units in Bosch. We are a CoE for software seen a tape recorder. With advanced technology, development in the areas of power train, smart phones, tablets, laptops and other gizmos, multimedia, drive safety and comfort in and with Internet-on-the-go, there is a wide automotive, mechanical engineering, automotive opportunity for every industry to use the IoT to after-market, and many more. connect with this generation. RBEI has around 9,000 associates working in Bosch believes in “invented for life” and we R&D. We also cater to IT and ITeS as a part of our work on products for a better future. RBEI Please share some global business. We have good in-house hardware supports Bosch in all areas; hence we are numbers on IOT. capability for design and conceptualisation, practically in every field related to automotive, How big is the complemented with our sister concerns’ (Bosch industrial applications, energy and consumer market? Limited) capability on the electronics production applications. We would be a visible contributor to front. Our customers choose us for our innovative IoT. strength and efficiency, for our reliability, It is predicted that flexibility and quality of work. In your view,the cost of intelligence is becoming by2015,there will affordable,which is pushing IoT.But besides cost, be 6.5 billion How has RBEI grown over the past fewyears and what are the other factors that will build the IoT devices and what’s the outlook going ahead? ecosystem? RBEI’s growth over the past two years is standard Technology, availability and affordability play a systems capable of market growth for an R&D captive centre. major role in IoT. Today, practically everyone communicating However, in the last decade, we have grown from a who is literate has a smartphone which can and consulting with pure software services organisation to a solutions connect to the Internet. Memory (RAM, ROM, each other without organisation. Going forward, we will be driving a storage) is available at a very cheap price and human input.IT value addition agenda with our architects and equipment like tablets and touch-screen devices analysts at Gartner experts working on products developed and are available and affordable for all. A simple expect IoTto create implemented in India. RBEI engineers have filed mobile app can transform a smartphone into a for 179 patents in 2013 alone. In the next few years, measuring device—for measuring pulse or added value worth we will look to better this achievement in terms of temperature, for example. The smartphone can $1.9 trillion across applicability in future growth areas. also act as a pedometer, security device (via several branches of camera), a video conferencing device (via industryby2020. [email protected]
EXPRESS COMPUTER MAY 1-15, 2014 17 FEATURE DAAS » DEALING DAASWITH Desktop as a service is picking up interest in India even as concerns on RoI and complexity of the technology remain
BY JASMINE DESAI
he year 2014 looks set to be a big market, VMware also came up with its one for the data as a service VMware Horizon offering. (DaaS) market, as demand IDC expects the workspace-as-a- Tcontinues to grow for anytime, service (WaaS) software market, which anywhere access to corporate data and includes both DaaS and desktop as companies continue to look for ways applications-as-a-service markets, to $661 to reduce the TCO for enterprise grow to $661 million by 2016, MILLION is the expected size of the desktops. representing a CAGR of 84.6% from workspace-as-a-service (WaaS) software One indication of this is the growing 2011-2016. The market opportunity is market, which includes both DaaS and number of vendors targeting DaaS. much bigger if one adds infrastructure desktop applications-as-a-service Recently, NTT Communications of and add-on services. markets, by 2016, according to IDC Japan announced its foray in the US DaaS is a nascent market in India,
18 EXPRESS COMPUTER MAY 1-15, 2014 www.expresscomputeronline.com
but it is generating a lot of interest among because the end users are increasingly can access these applications. Once DaaS enterprises. Says DD Mishra, Research accessing corporate resources from a is deployed, organisations can choose to Director, Gartner, “In this geography, variety of non-Windows devices. As such, run it from their on-premise data centre DaaS has triggered a lot of curiosity. organisations are looking for ways and or as a service provided by a third-party Though many people are planning to means to provide access to applications hosting firm. consider DaaS as a part of their strategy, irrespective of the OS or hardware According to Ramesh Vantipalli, we will have to wait to see significant platform used. Head, EUC India & Systems Engineering adoption.” For any organisation to enable DaaS, (South), VMware, “End-user applications desktop virtualisation is the core are evolving as well, with traditional and Changing the legacy component. One needs to decouple cloud applications being delivered from The legacy desktop is going through a applications from the physical PC. Thus, private and public clouds. With the cloud significant change. This is primarily regardless of the endpoint, customers now being a viable business option,
EXPRESS COMPUTER MAY 1-15, 2014 19 FEATURE DAAS »
When CIOs acquire PCs,the real cost theysee is just the cost of a physical PC, but theyoverlook other components like maintenance, manpower,etc. When one compares the actual operational cost of PCs with the Atul Ahuja, deployment cost of DaaS over a period of time,DaaS can even Director,Desktop & Apps,Microsoft Alliance,India Subcontinent,Citrix come out to be cheaper
companies should take advantage of scenario, he says. If local productivity cloud-hosted desktops and transform and Web-enabled line of business end-user computing into next generation applications form the majority of the user workspaces.” application profile, DaaS may be a good DaaS has been labelled expensive, but fit, especially if the Web content is public there is a way to deal with it. Atul Ahuja, SaaS content. Director, Desktop & Apps, Microsoft There are interesting developments in Alliance, India Subcontinent, Citrix, says, the market: for example, Microsoft and “When CIOs acquire PCs, the real cost Citrix collaborating to offer XenDesktop One of the problems they see is just the cost of a physical PC, hosted shared desktops; VMware’s but they overlook other components like Desktone acquisition, and Amazon’s with earlyDaaS maintenance, manpower, etc. Thus, the AWS Workspace offering. These offerings was lackof actual cost includes these variables and developments will continue till the operational expenditures.” market matures towards improved cost comprehension of So when one compares the actual performance. Over a period of time, the business use of operational cost of PCs with the simplification of licenses will enhance the deployment cost of DaaS over a period of usage of DaaS. the desktop, time, DaaS can even come out to be IT is also under immense pressure to cheaper. enable the new mobile workforce without especiallythe Says Mishra of Gartner, “One of the sacrificing security and control. For this, application problems with early DaaS offerings was IT must ensure that corporate data and lack of understanding of the business use applications are secure and it also must portfolio and of desktop, especially the application control the costs associated with the application portfolio and application dependencies. management of end user devices. Reducing complexity of technology can There are several ways to look at cost dependencies. be the key to reducing cost.” reductions through DaaS. In the Daas For a typical task-based worker with model, organisations do not have to pay DD Mishra, office and email integrated into the upfront cost for a device lifecycle of 3-5 Research Director,Gartner image, it can be a relatively simple years. Another aspect to cost is the
20 EXPRESS COMPUTER MAY 1-15, 2014 www.expresscomputeronline.com
DAAS: WHATTO LOOK FOR?
Finding the right fit for DaaS: Keep an eye on Microsoft Review other options for VDI is rarely implemented in Windows Azure: Microsoft providing flexible access to isolation—mostly it’s part of a continues to upgrade RemoteFX Windows applications on broader strategy of cost savings, and now lets customers use demand: Session-based flexibility or collaboration and remote desktop services (RDS) computing technologies,such as 1 communications.Therefore, 3 on Azure.Also,with rumours of 5 CitrixXenApp,application Forrester recommends looking Project Mohoro,Forrester streaming tools such as closely at the use cases for VDI in believes that Microsoft is in an Microsoft App-V,application an organisation. excellent position to offer a remoting tools such as Frame- compelling DaaS offering in the hawk and even custom- future. developed native tablet apps,all Investigate and understand of these may prove to be better the other DaaS options options for some use cases.The available: The performance of Do not confuse DaaS with a digital workspace delivery DaaS solutions,based on Citrix or mobility strategy: There are technology landscape is rich with VMware/Desktone,may be other important practices to be innovative technologies,so I&O 2 similar or better than that of considered for mobility.If pros should choose the best tool Amazon Workspaces. enabling touch-screen tablets is for the job. 4 the goal,workspace instances are expensive to be used as the dedicated secondary desktop environment,and the user experience on touch-screens is best suited for occasional use. Source: Forrester
EXPRESS COMPUTER MAY 1-15, 2014 21 FEATURE DAAS »
www.expresscomputeronline.com
reduction in size of the manpower required to support the DaaS infrastructure ESSARADOPTS DESKTOPVIRTUALISATION (compared to legacy desktops). There is also direct increase in employee productivity, as DaaS gives flexible work options to them and facilitates workplace mobility. Ahuja of Citirx says, “CIOs are also considering DaaS as it can reduce the cost incurred on setting up workstations for employees. They do not have to be of similar fit, as customers can configure DaaS models based on the usage pattern and work profile of employees.” Concerns regarding DaaS One of the concerns for organisations is ssar Group,a multinational conglomerate in sectors as varied as steel,oil & gas, that their applications and data may not Epower,BPO,telecom services and shipping,employs 75,000 people,with find the path to cloud. When the desktop is operations in more than 25 countries,was facing data security as a major challenge. in the cloud, but all the important The situation was aggravated because of two reasons: demand for user mobility and applications and data are in the local data the trend of bring your own device (BYOD) catching up. centre, a non-optimal user experience is “We had around 3,000 BlackBerry users and more than 2,000 people with likely to be created. tablets,and with all the applications being accessed on the tablets,it was tough to For these situations, Mishra of Gartner ensure security of critical information,”says Jayantha Prabhu,Chief Technology gives some advice. “One should get those Officer,Essar Group. servers that are hosting applications into The distributed workforce and the complex hardware environment further added the public cloud and, possibly, with the to the challenge.Essar had 8,000 desktops to be managed,which also included its same cloud provider which is hosting BPO organisation.“We needed a solution that would be able to streamline and DaaS.” Another option, he says, is to use simplify our hardware management process,”says Prabhu. on-premise DaaS. Essar approached desktop virtualisation with three major objectives: to enable ROI is another problem area for DaaS highly secure remote working,reduce the time spent on management and deliver initiatives, as it is difficult to calculate ROI virtual desktops and applications to approximately 3,000-4,000 of its mobile in the absence of comprehensive workforce.Essar discovered that it could move 75 to 80% of users to the desktop evaluation. virtualisation platform. Says Mishra, “I would discourage Working closely with Citrix’s hardware and architecture teams,Prabhu speedy decisions while deploying DaaS. A completed migration of 5,000 desktop users. phased approach for selection, containing Essar’s decision of implementing CitrixXenDesktop and Citrix NetScaler several stages—starting from evaluation to solutions across the globe utilises a building block approach,which can then scale to pilot roll-out—can provide better insights thousands of virtual desktops.It can deliver applications to any device in any for a compelling business case.” workplace environment,supporting a rich user experience,and provide ITwith Some of the business goals CIOs can additional security and control.The most important benefit realised by the Essar look at for evaluating DaaS include agility Group through desktop virtualisation was that of information security.The company improvement, increase in productivity, was able to centralise information and not have it loaded on individual devices. better control, enhanced flexibility and, of “While the IT,ITES and banking sectors have adopted desktop virtualisation course, TCO reduction. solution quickly at this scale and complexity,we are the first manufacturing This should be followed by identification operation in India that is going for such an implementation of desktop of appropriate use case and technology. virtualisation,”says Prabhu. One should also look at segmenting the end With 8,000 licenses of the XenDesktop virtualisation solution implemented, users and thus optimising the roll-out for Essar now plans to roll out the solution for all users across its offices.“One of the better cost justification. main advantages of Citrix desktop virtualisation technology is the ability of the DaaS is a compelling technology, but organisation to have control and governance over the corporate data instead of vendors still need to demonstrate it in leaving it at the mercy of the end user.For us,desktop virtualisation as a technology more real-life scenarios and prove that it is also helps the organisation strengthen its governance and compliance by giving the as cost-effective and simple as touted. capability to monitor,manage and restrict the applications on the virtual desktop,” says Prabhu. [email protected]
22 EXPRESS COMPUTER MAY 1-15, 2014 INTERVIEW www.expresscomputeronline.com TARUN JAIN A late entrant in the projector market, Hitachi is trying hard to grab a bigger chunk HITACHI of the business. Tarun Jain, Country Head - India & Deputy General Manager, Hitachi Home Electronics Asia, talks to Pupul Dutta about the company's plans “We have been constantly evolving the digital learning and presentation market”
Hitachi plans to increase its market share in the as well as small cities in India. We are also gearing projector categoryto 14% by2015.What would be up our post-sale service accordingly. the company’s go-to-market strategyto achieve the same? Which sector do you expect will be driving projector India has been a key market for Hitachi both in sales in India and why? terms of quantity and value. With a wide range of We look forward to the government giving special projectors catering to the professional segment as focus to the education segment and the well as the mass market, we are set for a bullish progression of audio video infrastructure in performance, targeting a market share of 14% in educational institutions. For the personal or home India by 2015. Going forward, we plan to enhance segment, the changing lifestyle of consumers, focus on the professional projector market. To tap access to affordable technology and increase in this segment, we have recently introduced an spending on electronics has led to an upsurge in extensive line up of 16 high-end installation series the demand for high-end products, including projectors. At the same time, education, projectors. In the corporate and government government and home will also be vital segments sectors too, with the IT infrastructure spending for Hitachi. Over the next few months, we are becoming an integral part of budgets, projectors slated to introduce some technologically advanced have become an essential asset for organisations. and customised projectors serving the needs of all High-end projectors for professional usage like these segments. In the corporate cinema, events, retail, branding have always been Our go-to-market strategy is a compilation of a big chunk of sales, and now with the ever various strategies segmented on the basis of and government increasing mall and multiplex penetration in tier II various factors. We have formulated a specific sectors too,with and III markets, this business is only set to soar. plan for each activity, such as product, pricing, the IT channel, sales force and promotional activity. infrastructure What are the company’s future plans? Howdo you With our product strategy, we would be catering spending plan to take on competition? to all industry verticals: ProAV, education, becoming an We have been constantly evolving the digital corporates, home and thus we plan to reach out to integral part of learning and presentation market, providing more end-users. customers with a full range of projectors and budgets,projectors interactive whiteboards. Our team is planning its Portabilityin projectors is driving the market.How have become an strategy in a way that would ensure success by are your products addressing this need of essential asset for swiftly adapting to market demands and enterprises? organisations. constantly adopting distinctive positioning and Portability of projectors is of importance to only a High-end marketing strategies. certain market segment. The projector market is projectors for Hitachi has taken lead in the education segment extremely diverse and each segment has varied professional usage with the new product line up of ultimate short priorities depending on its projection needs. throw (UST) projectors and created a market for Currently Hitachi is focusing strongly on the high- like cinema,events, the same. In the high-end projector category, we end niche projector market. Hitachi’s installation retail,branding have created better value for our customers, using series projectors are feature rich and have have always been a rich connectivity features like HD base input and tremendous installation flexibility, thus becoming big chunkof sales, SDI input. We understand that customers need an ideal choice for any type of installation and nowwith the products, which are rich in connectivity, easy to environment. At the same time, the volume zone ever increasing operate with high product performance and projector market too remains on Hitachi’s priority mall and multiplex reliability. Hitachi focuses on product list. To address needs of this segment, we are development, considering all these specifications developing customised models with features like penetration in tier II and launches products at competitive prices, with wireless connectivity and PC-less presentation. and III markets,this assured post-sales support. We are making sure that we cater to all segments business is onlyset by strengthening our distribution network in big to soar. [email protected]
EXPRESS COMPUTER MAY 1-15, 2014 23 FEATURE SECURITY »
HEARTBLEED ARE YOU AFFECTED?
The insidious bug has caused a lot of buzz and alarm in security circles. Are Indian enterprises affected and, if so, what are they doing about it?
BY HARSHAL KALLYANPUR
ver the past few days, there has legitimate websites. Websense, Inc, industry figures suggest been a lot of talk about the However, the jury is still out on what is more than half a million vulnerable Heartbleed bug and how it can the exact impact of this bug – there have systems, but the extent of damage is still Opotentially cause havoc from the been no reported attacks that point to not yet known as there are no concrete data security perspective. The bug allows possibility of the vulnerability being reports of a direct impact. an attacker to exploit vulnerability in the exploited to launch the attack. There are Venkatesh Sundar, CTO, Indusface, is OpenSSL cryptographic library and gain various figures on how many systems are of the view that industry statistics access to the system memory and steal actually compromised, as most figures indicate that two thirds of all websites data from it. This data could range from are given out by security solution vendors may be vulnerable, though in India only anything between passwords and active based on the analysis of their own 5% of Indusface customer base was transaction data to even encrypted customer base. affected by the bug. However, both Singh private keys that would allow an attacker According to Surendra Singh, and Sundar suggest that enterprises to launch a phishing attack through Regional Director, SAARC & India, should pro-actively look at keeping
24 EXPRESS COMPUTER MAY 1-15, 2014 www.expresscomputeronline.com
themselves protected and take both Advisor, ISACA India Task Force, the detective and preventive approaches to basis for secure communication is the secure their organisations. private key of the web server. This private key is used to identify the server A low-down on Heartbleed and encrypt all the traffic. “Once the The biggest problem in countering the private key is stolen, all security is lost. Heartbleed bug is the fact that its use is The server can be impersonated. Any widespread but cannot be mapped with encrypted communication with that site exact numbers. A lot of web servers and such as passwords, credit card numbers, Internet-connected devices may be using secure transactions are now exposed,” he OpenSSL as it is freely available. says. The level of Therefore, there is a lot of ground to Ashish Thapar, Head – Global cover in terms of detection and Consulting & Integration Services awareness is prevention. (GCIS), India & South Asia, Verizon Nanjundeshwar Ganapathy, Chief Enterprise Solutions, describes this bug veryhigh and Technology Officer, Uniken, says that the as a ‘forever-day vulnerability.’ organisations first bug affects the OpenSSL library, which is According to him, it could take years for in widespread use by Apache web this vulnerability to be completely focused on finding servers as well as servers running Linux eliminated from hardware, embedded or even Solaris. systems and legacy applications. TLS out their exposure According to him, OpenSSL is an implementations in Windows and OS X to the bug. open source community based effort, operating systems are not vulnerable. where much of the focus was purely on However, applications running on these KKMookhey, performance. While a lot of enterprises OSes that were developed using a Principal Consultant and Founder, use OpenSSL, no one really pays for its vulnerable OpenSSL library might be at NetworkIntelligence India use. Most of the time, its use goes risk. insufficiently audited from a security “The attack code is in the wild and perspective. leaves no trace of the attack on the The fact that OpenSSL has been in server. Around 66 per cent of all websites use for years on a wide scale, but the are using Apache that use OpenSSL, vulnerability was only discovered until most TLS implementations use recently, substantiates this view. OpenSSL and the majority of hardware Ganapathy also believes that mobile appliance vendors use OpenSSL code in devices could be potential carriers of their products,” adds Thapar. malware that orchestrates the exploit. He says that for mobile devices, the For instance, mobile applications that Heartbleed vulnerability is being support in-app purchases can connect to referred to as “Reverse Heartbleed”. servers, which use affected versions of Traditional clients like web browsers, the OpenSSL software. apps that use HTTP API on mobile Millions of mobile Talking about the impact of OpenSSL, handsets and PDAs may be vulnerable if KK Mookhey, Principal Consultant and they use OpenSSL for Transport Layer devices running Founder, Network Intelligence India, Security. “For instance, millions of Android 4.1.1 (Jelly says that the impact of this bug is that it mobile devices running Android 4.1.1 allows the attacker to access the memory (Jelly Bean) use the OpenSSL version Bean) use the of the target server. and are currently affected with the “The memory typically contains Heartbleed issue,” he says. OpenSSLversion passwords and could potentially also and are currently contain the private key of the digital Protecting against Heartbleed signature. This would mean that the SSL As the exact spread and impact of this affected with the encryption is basically now not actually bug is not yet known, enterprises will existent: the attacker – if he/she can sniff need to start identifying where the Heartbleed issue. the traffic – can also easily now decrypt it vulnerability exists in the organisations, Ashish Thapar, with access to the private key of the and apply the necessary software Head – Global Consulting & Integration server,” he adds. patches and make the required upgrades. Services (GCIS),India & South Asia, According to Avinash Kadam, Ganapathy of Uniken says that most Verizon Enterprise Solutions
EXPRESS COMPUTER MAY 1-15, 2014 25 FEATURE SECURITY »
enterprises do not know how many and strategy should ideally address this issue which services they are running as part of security controls preventing internally are using SSL encryption. This data leaks, providing network protection, makes it extremely difficult for security mobile device lock-down and sandboxing teams to prepare against the malicious for enterprise applications.” attacks which can be caused due to Giving the vendor perspective, Singh Heartbleed vulnerability. of Websense says that the company has After identifying the vulnerability, already identified websites that are not they need to fix it at their end at multiple patched and is blocking access to them. levels. They need to identify and upgrade “We have updated our solutions, but it If the estimate of their servers and network infrastructure is also necessary that enterprises intimate to patch this bug. They also need to fix the their employees and customers to take the two thirds of servers vulnerability across the complex set of necessary precautions, because if they do platforms and devices because of not change passwords, they are still on the Internet using significant BYOD population. vulnerable to an attack despite the OpenSSLis correct, Giving his perspective, Mookhey says, patches and updates,” he adds. “First identify your OpenSSL footprint. This means that an enterprise might there will be a Then immediately contact your vendors, have made the necessary updates to its service providers and administrators to infrastructure but they should also issue huge demand for obtain the patch and implement it. Then advisories about Heartbleed to their newdigital test your site using any of the employees, customers and other vulnerability scanning tools, which have partners, so that these entities take the certificates. plug-ins for this vulnerability.” necessary precautions at their end. Avinash Kadam, “Finally, if you’re not able to apply the However, customers too should pro- Advisor,ISACAIndia TaskForce patch for some reason, then either actively check if their vendors or service disable the heartbeat functionality in providers have made the necessary your OpenSSL implementation, or upgrades to their SSL infrastructure and implement a blocking rule on your IPS or applied the necessary software patches, WAF,” he concludes. albeit merely changing a password at Sundar of Indusface says that what their end would just leave their new enterprises can and should do is ensure passwords vulnerable to data leakage. their own mobile apps are tested and the Since the bug can also affect security vendors engaged for doing the mobile app certificates for websites, enterprises security testing also includes the would also end up going in for a security Heartbleed risk assessment as part of certificate refresh, while revoking their their mobile app security test suite. current certificates. However, Mookhey “Heartbleed is an example of “server” of Network Intelligence feels that unless We have taken a vulnerability, but it is not impossible to there is a clear sign of compromise of find similar “client” side issue. BYOD existing user data, he doesn’t see too letter from all devices introduce a litany of diverse OS many organisations investing in new vendors using and apps in the enterprise environment. digital certificates. “I believe Symantec Be ready to protect your assets against and some others have declared that they OpenSSL,verifying these known-unknowns in future. Before will be issuing revised new digital that theyhave admitting a new device into the certificates at no additional cost. So enterprise environment, it can be organisations that do go in for new digital applied the checked for Heartbleed. That would be certificates just might be able to do so the additional check needed in BYOD without a huge cost overhead,” he adds. necessarypatches strategy,” he says. Kadam of ISACA believes that there and are protected Sharing a similar point of view, will be an increase in the number of Thapar of Verizon says, “The impacted organisations applying for digital against the devices would be vulnerable to a hack certificates. He says, “They have to not where a malicious server would be able to only patch OpenSSL but also get new Heartbleed bug. exploit the flaw in OpenSSL to grab data public/private key pair, update digital ABalarkishnan, from the device’s browser, which could certificates and change every password CTO,Geojit BNPParibas Financial include information such as previous that could have been stolen. If the Services Ltd sessions and logins.The BYOD security estimate of two thirds of servers on the
26 EXPRESS COMPUTER MAY 1-15, 2014 www.expresscomputeronline.com
Internet using OpenSSL is correct, there and patching should be easier for them. will be a huge demand for new digital Sunder Krishnan, Chief Risk Officer at certificates.” Reliance Life Insurance, says, “We have done a vulnerability risk assessment and How are enterprises going about it? We have done a determined that we are not affected. We According to Mookhey, organisations have even issued advisories and a list of have rallied quickly to address this issue. vulnerability FAQs to our employees and other The level of awareness is very high and stakeholders.” The company relies organisations first focused on finding out riskassessment heavily on in its vendor partnerships and their exposure to the bug – i.e. which of and determined therefore has interfaced with all the their public-facing systems were using solution vendors to ensure that they have OpenSSL. Vendors were also very quick that we are not released the necessary patches to the to release patches. “In my opinion, affected. organisation. Simultaneously, the almost every enterprise took very quick company is also monitoring its assets action to apply the patch and fix the Sunder Krishnan, using the OpenSSL 24x7, for any issue,” he says. Chief RiskOfficer, apparent anomalies. Sundar of Indusface says that India Reliance Life Insurance Geojit BNP Paribas, one of India’s was not as impacted as we thought it leading stock trading companies, also would be, mainly because most of them offers a suite of apps on Facebook which were running the older version of the include an online trading application. technology, which helped them avert BESTPRACTICES TO KEEP Facebook was one of the websites listedby this bug. The level of awareness is very security solution vendors among the high among the techies and the CIO/ IT HEARTBLEED ATBAY websites that can be potentially hit by the managers in enterprises. “The bug. challenge for the enterprise is more to Talking about how the company is eliminate the level of confusion and ● Implement monitoring (e.g., going about protecting itself from the panic, and gain back confidence of its IDS/IPS or similar network packet bug, A Balarkishnan, CTO of Geojit BNP non-technical consumers—so that they capture and examination controls). Paribas Financial Services Ltd, says that get back to doing online transactions the Facebook application has no again,” he adds. ● Update OpenSSL to 1.0.1g or connection with the core trading Echoing this sentiment, the CISO of a disable heartbeat support on business, which runs on the broker reputed bank, who did not wished to be external facing systems. secured network. The transaction named, says that the bank does not use ● Identify applications and other enabled app is based on the Facebook API OpenSSL for its critical servers, but systems using OpenSSL and and runs on a separate network. relies on Microsoft’s Internet Information upgrade or disable heartbeat The general pages of the company on Server or IIS. However, the non critical support on the remaining Facebook do not give access to any servers were running on older version of vulnerable systems. In some cases market data, as the company is not legally OpenSSL, which did not have the bug. (e.g., OpenVPN), this will require allowed to share market data with anyone Still, they have been updated to the latest recompiling the application. who has not passed through KYC version that offers a fix, just in case. compliant processes. He further says that the government of ● After OpenSSL has been “In our case, we are not running the India and CERT have issued advisories addressed via upgrade or affected versions at all. We have checked against Heartbleed to financial reconfiguration, regenerate private all our OpenSSL deployments and taken a organisations. Even governing bodies for keys and coordinate for revocation letter from all vendors using OpenSSL, banks have issued letters informing them and reissue of TLS/DTLS/SSL verifying that they have applied the about the bug. However, he is of the view certificates on all affected servers. necessary patches and are protected that there should be a national level against the Heartbleed bug,” he adds. ● Post adequate remediation of advisory for everyone on Heartbleed, as The company is also running OpenSSLvulnerability; reset user much of what is getting reported in the campaigns for its employees and other credentials on all sensitive and media is mostly negative, with lesser stakeholders on the disclosure of the bug affected systems. focus on how to resolve the issue. and how it can affect them. These He is also of the view that any ● Work with your third party service campaigns are based on the research by organisation following compliance providers (as applicable) to ensure BNP Paribas Asia Pacific Info Security standards, such as ISO 27000, would that they have effectively Division. typically have an updated inventory of its remediated the OpenSSL software assets. Therefore identifying vulnerability. [email protected]
EXPRESS COMPUTER MAY 1-15, 2014 27 CASE STUDY MYNTRA »
Myntra.com migrated most of its servers from AWS to Netmagic to cut latency by 20-25%. The result: a quicker loading site and better experience for shoppers
BY HEENA JHINGAN
28 EXPRESS COMPUTER MAY 1-15, 2014 www.expresscomputeronline.com
n the highly competitive Indian online include cross-datacentre BCP (business retail landscape, dotted with a million continuity planning) or high availability. retailers in the fray (according to an “What we do within Netmagic facility IIAMAI survey), every second counts. is that we have load balancers, firewalls And speed is what prompted online and partitions across clusters. If one fashion store Myntra.com to move some server goes down we can use another. We of its web servers closer home—from also take regular snapshots (every six Amazon Web Services' Singapore data hours) of our database and apps on to a centre to Netmagic's Mumbai facility. parallel setup so that we can bring it back Myntra Designs had started off in the up there at short notice,” he explains. business of personalisation of products Latencyof Shifting to the Netmagic data centre mostly for corporate customers. Later, in in Mumbai has resulted in some key 2010, the company shifted its strategy to services is now benefits for Myntra. It has not just becoming a B2C firm, expanding its down by20-25% dramatically lowered the latency, but catalogue to fashion and lifestyle helped them improve customer products. Today, it offers products from overall. experience as well. over 500 Indian and international brands “Latency of services is now down by through its portal. ShamikSharma, 20-25% overall. Our website shows up on Chief Technologyand Product Officer, The company's B2C shift called for the user’s page in a little over two Myntra Designs devising simple and effective ways to seconds, whereas it used to take almost reach out to customers, including three seconds earlier,” he says. innovative payment models such as cash- unreliable and unpredictable. This made Faster load time a key advantage in on-delivery. Thus, they redesigned Myntra look for an India-based hosting the online retail space: if a site takes too Myntra.com to meet the needs of online provider. long to load, impatient shoppers can shoppers. They also expanded their switch to another e-tailing competitor. warehousing capacity to deal with the Going hybrid Now that the company also avails of surge in orders. Not that Myntra wanted to move bandwidth from Netmagic, the network Initially, Myntra was hosted at the completely away from AWS; there were has become more reliable and robust AWS data centre at Singapore. However, several good things—flexibility of billing than before. soon they realised they were and scale, for instance—that AWS had to experiencing network latency. offer. So currently, Myntra's is a hybrid An obvious choice “Every user accessing the site from setup, with about 80% of its servers hosted The migration to Netmagic wasn't India had to be routed to Singapore; that with Netmagic and the rest still on AWS. smooth, if not cumbersome, points out would add quite a bit of latency and thus “We have now about 80 servers at the Sharma. They had complex layers of adversely affect user experience,” Netmagic data centre—all managed on applications and customer databases to explains Shamik Sharma, Chief an opex model by them. Netmagic manage. However, Netmagic stood besides Technology and Product Officer at directly talks to our suppliers, such as the company as a strong partner to resolve Myntra Designs. Dell, and procures the desired all the issues that emerged, avers Sharma. Besides, Myntra also needed more infrastructure piece for us. We pay on a Citing an example, he says, “At one control over the infrastructure, which monthly basis, thus not having to incur point of time we had a situation wherein was difficult with AWS because the data capital expenditure,” says Sharma, one of the servers was not working due to centre was located at Singapore. The adding that Netmagic has software- a BIOS configuration issue. The company needed to move its based load balancers that help ease the Netmagic support team worked with us infrastructure closer home for better pressure on various servers. on an hourly basis: they set up a war- network speed and control. “We use a couple of servers for load room and had three to four engineers “We wanted more control on what balancing and on the network side we have working with us throughout the problem, infrastructure we run our business on firewalls to secure the website. Some and they resolved it.” and the ability to choose specific server servers are virtualised and used for “Netmagic pitched in with skill sets types. Also, we had limited control [with development work—developers work on wherever we lacked,” says Sharma. He AWS]; though there were many virtual instances for their jobs. And a server feels they have forged a strong configurations available to choose from, runs the caching service,” he elaborates. partnership with Netmagic and they are we could not customise it to the degree Netmagic also provides Myntra the now also running a pilot of the solution we wanted,” he reasons. bandwidth that powers the website, on a provider’s on-demand capability that In the previous setup, says Sharma, pay-per-use model. On redundancy of the helps manage traffic during peak times. there had been a couple of incidents of website and the applications, Sharma downtime that made the network says they are working with Netmagic to [email protected]
EXPRESS COMPUTER MAY 1-15, 2014 29 CASE STUDY HDFC LIFE » GOING THIN FOR EFFICIENCY HDFC Life uses Citrix's XenDesktop thin client platform to improve efficiency and security
BY PUPUL DUTTA
hen HDFC Life, a leading conventional IT desktop environment. He felt that the biggest advantage with insurance company, decided to Thomas says that even though the Citrix was that it had an entire suite of do away with legacy company had control over what one could platform and software to enable any level Winfrastructure, it faced a series download and store on one’s PC, it was of virtualisation. “Citrix offers of problems. To begin with, the company still a challenge for IT as far as security XenDesktop for end point virtualisation, had the challenge of maintaining and was concerned. “Therefore, we wanted to XenServer for server virtualisation and providing support to the ageing eliminate the hard disc and storage at the XenApp for consolidating applications,” computers. Secondly, there was a spurt in branches,” he adds. Thomas asserts. mobile devices and the company wanted While the cost of deploying virtual “Besides, the Citrix platform is light to capitalise on this trend by offering desktop infrastructure (VDI) was not on the network and easy to deploy. It gave services through mobiles and tablets. lower than that of new desktops, Thomas us an edge by letting us go to any extent of That's when HDFC Life felt that it should took the long term view and went ahead virtualisation with the same partner,” consider desktop virtualisation for its IT with VDI, as he wanted to deploy a says Thomas. needs. technology that would enable HDFC Life For the proof of concept (PoC), “We did not want to get bogged down to scale up. Thomas picked up a mix of locations. “We by the constraint of servicing our HDFC connected all its 360 branches did a PoC of 30 thin clients across 10 customers only through branches. With through multiprotocol label switching locations. The PoC ran for over a month the proliferation of high-powered tablets (MPLS), linked to the back-end hosted in and provided us important feedback on and mobiles and improvement in Mumbai. The sales staff had to access the benefits and robustness of the connectivity, we wanted a solution that applications through PCs at the solution,” he says. could complement this trend,” says branches. In all, the company had around Post the PoC and the positive feedback Thomson Thomas, Senior Vice President 7,000 workstations. from the end users, HDFC Life went - IT (Head - Business Systems and ahead with the first phase of deployment Technology), HDFC Life. The solution of Citrix XenDesktop, rolling out 1,000 Besides the problem of ageing HDFC evaluated several solutions before Citrix XenDesktop terminals at 50 infrastructure, HDFC Life also wanted to zeroing in on Citrix's XenDesktop. locations. overcome the challenge of information Thomas, who had previously used Citrix Thomas says that the speed at which security. It had become a problem for the solutions, was very positive about the user could access applications was IT department to enforce security in the working with the company again. phenomenally better than that in the
30 EXPRESS COMPUTER MAY 1-15, 2014 www.expresscomputeronline.com
Since thin clients are 90% more power desktop environment. “This gave us the minimised. Most applications can now be confidence to go in for the next phase efficient than accessed faster, as they don’t run on a with more branches and more functions,” desktops,in case of local PC. Since it is a virtual session, adds Thomas. there are not too many offline software The company went live in less than a remote areas where open on the end-user devices. Hence, month. “We only had to upgrade certain there is improvement in the feed of the network switches to cater to the increase there is no electricity applications that are used by the sales in traffic that the VDI solution would for longer force. bring. Given the solution works well on By providing lean devices, the solution standard Intel boxes, this does away with durations,they has helped save space and has resulted in the need for upgrades,” he says. are veryuseful. fewer terminals. “Even though there are The VDI solution, which has been only 2,000 thin clients, we have a deployed for the sales function, is being Nilesh Goradia, coverage ratio of 1:3. The sales force considered by HDFC Life for other Head – Pre-sales, moves out in the field and comes back in applications as well. India Subcontinent,Citrix the evening for uploads. They don’t need “While Citrix XenDesktop was dedicated terminals,” says Thomas. initially deployed for the sales function, HDFC Life plans to extend the after witnessing the host of benefits, benefits for HDFC Life. One key benefit technology to tablets and mobile devices. HDFC Life has decided that the desktops has been the ease of manageability for the “When we kick off our initiatives on the of other functions such as training and IT team. “They can now quickly roll out, mobile front, we would be using the Citrix operations would also be replaced with clean up and manage anti-virus patches platform to enable our employees to the VDI platform,” says Nilesh Goradia, and software updates. Managing the access applications,” says Thomas. Head - Pre-sales, India Subcontinent, computing devices itself has In addition, the total cost of ownership Citrix. become easy,” says too has come down considerably, with Thomas. operational efficiency improving at the Benefits galore With the same time. According to Goradia of The deployment of management of Citrix, “Since thin clients are 90% more Citrix XenDesktop devices now power efficient than desktops, in case of has yielded a happening remote areas where there is no host of centrally, the electricity for longer durations, they are security very useful. It also promotes green risk has computing.” been [email protected]
EXPRESS COMPUTER MAY 1-15, 2014 31 INTERVIEW www.expresscomputeronline.com SUHAS ULIYAR Suhas Uliyar, Vice President, Mobile Strategy & Product Management, Oracle, ORACLE shares insights into how IT heads can address the challenges of enterprise mobility in an interview to Pupul Dutta. Excerpts: “Our strategy is to simplify mobility for our customers”
Isn’t Oracle a little late to the mobility business? market share because we can go across the Well, mobile has gone through an interesting stack from small and medium to large evolution and has been deployed in enterprises enterprises. To summarise, there are two for over a decade in a lot of variations and reasons why and how we are going to gain trends. Enterprises are now re-looking at market share, one is our existing customer base mobile and we have the perfect opportunity in apps and middleware and the second is the right now, especially since enterprises are platform that enables us to have a larger shifting from tactical approaches to a more ecosystem to reach individual developers as strategic architecture that brings together the well as larger enterprises and everything in convergence of social, mobile, web and the between. internet of things. Overall, we are yet to find enterprises that are taking a really holistic What is your What are the challenges faced by enterprises approach to mobile, in an ever changing with respect to mobility? landscape of mobile devices and new types of current play in the The challenge is really to think more interfaces. We have an opportunity to leapfrog enterprise mobility strategically than tactically. The hurdle and address customer pain points in this new market and how enterprises face today, is how to really create an landscape. many customers architecture where they are not sort of trying to do you have? boil the ocean but take perhaps a baby step What is your strategy to gain share in this approach and not put themselves in a corner. market,where some of your competitors are way We have several So, organisations are going mobile, starting ahead? with small projects, but they also do not want a Our strategy is to simplify mobility for our customers who have situation wherein, as more and more apps come customers. Given Oracle’s breadth and depth basicallytaken the in and more users join in, they have to redo the of providing apps and middleware, we are Oracle Fusion architecture. approaching mobility in three ways, whereas Middleware stack Another challenge for enterprises is to our competitors are in one or two buckets, and use our tools adopt a BYOD strategy that addresses security providing either apps or infrastructure. So, like ADFmobile and and a much holistic architecture that complies what we are doing is that we are providing with their existing infrastructure. Instead of out-of-the-box mobile apps based on our WebCentre to take re-inventing the wheel, they can take platform to a lot of the Oracle backend—be it their existing advantage of all the investments they have Siebel, PeopleSoft, JD Edwards or internet and made. This is why we believe that we are not Enterprise Business Suite solutions. Our intranet sites,to late to market because, basically, hundreds and customers can further extend the web based mobile devices. One thousands of our middleware customers can applications built on the Fusion Middleware of our customers, take advantage of the investments they have stack (where we are number one leader) to Northumbrian made and, in a few weeks, start delivering the mobile as well. applications. Even if we just focus on our own Water in the UK, In the past, if anyone were to ask me how customers—be it Oracle’s apps customers or uses the tool for field much time it will take to build a mobile app, I Fusion Middleware customers—there are service applications. would have said six months to a year. What is enough customers for us to be market leaders Then there is Texas happening with our customers now is that without breaking a sweat. And the reason we Industries,which they are delivering these apps in weeks. With are so confident about this is the aspect of provides a B2C app this change, enterprises are becoming more mobile security where Oracle leads the market. for its customers to agile. Now updates happen overnight, a day The competitors are going to struggle after the original download. So, this is the kind because the world of mobile is moving away give visibilityabout of speed and efficiency customers are hoping from very complex and conformist model to their vehicles; it is to get. more of a simplistic model in the cloud. This is integrated with what is going to enable us to leapfrog and gain Google Maps. [email protected]
32 EXPRESS COMPUTER MAY 1-15, 2014 INTERVIEW www.expresscomputeronline.com JIM THOMPSON Jim Thompson, Engineering VP and CTO of the Technology, Consulting and UNISYS Integration Solutions (TCIS) unit at Unisys, talks to Pankaj Maru about the lesser known side of virtualisation, the migration risks and challenges, among other things. “The next frontier for security is the storage and virtualisation layer”
Why are organisations not opting for full scale performance in the application. Also, be virtualisation? prepared to deal with the system where the Going by Gartner or IDC estimates, about 50% failure of one VM (virtual machine) may lead to workloads are virtualised today. Though the failure of multiple VMs. That’s where the virtualisation technology has been around for application needs to tolerate or the some time, the question is why are the other infrastructure has to be designed to cope with. 50% workloads not virtualised yet? We believe Then there are security concerns and issues there are couple of things happening in that linked with the system when the infrastructure, part of the workloads. Some workloads are not particularly storage, is shared. There have been virtualised simply because of their size, they are some cases where the control on some part of so large that virtualisation doesn’t make sense. the virtualisation software has been Virtualisation tends to be a great compromised. consolidation play. It’s great when you want to Organisations are So I think the next frontier for security is thin provision or over provision. But it’s not so undertaking actually the storage and virtualisation layer. We good for predictable performance, error migrations now. have put lot of effort into security capability containment or security. In most cases of What are the around the technological stealth. That’s not only virtualisation, you give up something in reasons for this? about dealing with data in motion but also with exchange for thin provisioning. It’s acceptable in data at rest. the context to that workload. However, we There are a number found that other workloads have a mission of reasons.I think What’s your vision for Forward!? What role is it critical or performance prediction aspect to going to play for enterprises? them, which makes virtualisation not the best one reason for Forward! plays in the business critical space. fit for them. Hence they haven’t been virtualised organisations Our initial use cases are around SAP ERP, yet. undertaking server migration of UNIX workloads and other I also think some workloads have not been migrations today is business-critical areas. Then there’s mainframe virtualised because of the complexity or cost. If theydon't like the application in that space, which is called non- an organisation decides not to go for pricing policyof mainframe mission critical. It’s the euphemism virtualisation, then it is also about control. their vendors,be it for UNIX, like IBM-AIX, HP-UX and Solaris. People who are responsible for the workload are Each of these environments has its own simply unwilling to give up on the perceived or Solaris,IBM,or HP. problems today. Generally, those people want to real security problems. Theyneed to find a move to Linux. Often, customers are unclear whether they solution that fits They look at Linux environments, be it SUSE want a combination of workloads to move to the their business or Red Hat—they are less expensive and meet public cloud or out of the building— because of critical model. their opex or capex needs. Linux environments the application nature, kind of data and I thinkit’s price, offer a fairly open architecture, where they don’t regulatory issues attached with it. So, I think licensing and have to deal with one vendor. The inhibitor to there’s room for all of these. The challenge for us this move have been business critical workloads is to build a system that can deliver all of these: technologypressure that tend to run on those systems. People are on premise, off premise, virtualisation and as well.Everybody attracted by all the attributes of open systems provisioning. It depends on the customer to wants a lowcost and pursue it because of the platform’s longevity. decide how he wants to plan his infrastructure. solution with more But they can’t just leap to the Linux environment capability,security, with the workload sets through looking for From a risk point of view,what are the areas or reliabilityand something that got security and resiliency elements that come along with virtualisation? resiliency.But they characteristics that they have today. So, we There is a set of characteristics and trades that think Forward! fits exactly that space. That’s come along with virtualisation. When you start are not readyto pay why it’s one of the use cases. doing thin provisioning in virtualisation, be more,so it’s a huge prepared to tolerate unpredictable opportunityfor us. [email protected]
EXPRESS COMPUTER MAY 1-15, 2014 33 COLUMN RAJESH MAURYA ALITTLE SECURITYFOR BIG DATA Securing big data ringing the issue of security into by securing access to the data. Like the big data discussion often most security policies, a proper in the enterprise produces two divergent schools of assessment of the threats to the Bthought from IT professionals— organisation’s big data never ends but requires smart policies categorical denial that big data should be revolves around ensuring the integrity enforcement, thorough treated any differently from existing of data at rest and during analysis. network infrastructure, and an opposite Performance is a key consideration analytics and high response towards over-engineering the when securing the collected data and the solution given the actual (or perceived) networks. Firewalls and other network performance tools value of the data involved. security devices, such as those for Big data—defined by Gartner as high- encryption, must be of sufficiently high volume, high-velocity and/or high-variety performance so they can handle the information assets that require new increased throughput, connections and forms of processing to enable enhanced application traffic. In a big data decision making, insight discovery and environment, policy creation and process optimisation—increases routine enforcement are more critical than usual security challenges in existing data because of the larger volumes of data and networks. the number of people who will require These are the four facets, as defined access to it. by IDC, that give rise to challenges but The sheer amount of data also also opportunities: proportionately increases the need to ● Volume: The amount of data is moving prevent data leakage. Data Loss from terabytes to zettabytes (1 Prevention technologies should be zettabyte is 1,000,000,000 terabytes) employed to ensure that information is and beyond not being leaked to unauthorised ● Velocity: The speed of data (in and parties. Internal intrusion detection out), from static one-time datasets to and data integrity systems must be ongoing streaming data used to detect advanced targeted ● Variety: The range of data types and attacks that have bypassed traditional sources - structured, un/semi- protection mechanisms, for example, structured or raw anomaly detection in the collection and ● Value: The importance of the data in aggregation layers. The inspection of context packet data, flow data, sessions and Yet, while big data presents new transactions should all be scrutinised. security challenges, the starting point to Because big data involves resolving these challenges remain the information residing over a wide area same as creating any other data security from multiple sources, organisations strategy: by determining data also need to have the ability to protect In a big data environment, confidentiality levels, identifying and data wherever it exists. In this regard, classifying the most sensitive data, virtualised security appliances policycreation and deciding where critical data is to be providing a complete range of security located, and establishing secure access functionality must be positioned at key enforcement are more critical models for both the data and analysis. locations throughout the public, private and hybrid cloud architectures than usual because of the Plan around the big data lifecycle frequently found in big data larger volumes of data and Properly defended big data environments. Resources must be necessitates defining specific security connected in a secure manner and data the number of people who requirements around the big data transported from the sources to the big lifecycle. Typically, this begins with data storage must also be secured, will require access to it securing the collection of data followed typically through an IPSec tunnel.
34 EXPRESS COMPUTER MAY 1-15, 2014 www.expresscomputeronline.com
Leveraging big data with the As portable storage and bandwidth right tools SIEM: ABIG DATA continue to grow, the mobility of these While big data presents challenges, it larger datasets will also increase, also offers opportunities. With the right PROBLEM resulting in breaches and disclosure of tools, vast amounts of information could sensitive datasets. Threats will likely be analysed, and this allows an come from intruders manipulating the organisation to understand and o improve their security,some big data in such a way that business benchmark normal activities. If that Torganisations have Security analytics and business intelligence tools organisation could then monitor for users Information and Event Management could generate false results and lead to who stray from that norm, it could (SIEM) solutions to help them collect management decisions that could profit proactively get ahead of potential data and analyse security alerts and logging the intruders. and system breaches. systems.This may inadvertently, Even small changes in big data can This effort is aided by competent IT however,create a big data problem — have a big impact on results. So, staff and efficient deployment of the if every single log and alert is collected. organisations must not ignore the need to appropriate security tools. These tools To avoid this problem,organisations secure big data assets—for security include dedicated logging, analysis and should begin thinking less about reasons, business intelligence or reporting appliances that can securely security as a purely defensive system otherwise. They must address big data’s aggregate log data from security and and instead as an abstraction layer main needs in terms of authentication, other syslog-compatible devices. These above all pertinent enterprise data. authorisation, role-based access control, appliances will also analyse, report and They need to ask themselves what auditing, monitoring, and backup and archive security events, network traffic, data is relevant in a security context. recovery. Going forward, big data Web content, and messaging data. Obviously,network-level logs analytics involving behavioural Policy compliance could then be (i.e.,firewall,IPS,etc.) and user-access benchmarking and monitoring will also measured and easily customised reports logs would still be required.However, become increasingly crucial in produced. endpoint security logs,proxy- addressing next-generation information The difficulty in capturing, managing related logs and even deep packet security challenges. and processing information quickly in big inspection data may no longer data environments will continue to make be relevant. Rajesh Maurya is Country Manager, security an afterthought in many firms. India & SAARC, Fortinet.
EXPRESS COMPUTER MAY 1-15, 2014 35 COLUMN AJAY KAUL WhyCIOs Can't Ignore Enterprise Social Collaboration Regardless of giving or many CIOs, social media belongs A new form of communication in the realm of the marketing team For years, the social media revolution has headaches to many down the hall. The idea of bringing been affecting how people communicate IT heads, social FFacebook or Twitter into the on a daily basis. Daily life has become workplace seems to be one of sheer increasingly digitalised. With the collaboration tools are lunacy—surely this would create a host of workforce becoming dominated by security threats and privacy concerns. millennials, it is hard for employers to set to get a lot of likes However, the demand for enterprise attract and keep a young workforce that social collaboration is on the rise—and thrives on and even expects social media among enterprises with good reason. to be integrated into their office lives. In because of multiple Social media has become an integral addition, it allows for the mobile part of how people communicate in their communication that has become so vital benefits personal lives. It is natural that this new to modern business practices. ESC communication has begun to change how platforms allow information to be they collaborate and communicate accessed from anywhere at any time, professionally in the workplace. With across multiple devices. millennials becoming an increasingly larger part of the workforce, CIOs will be Overcome security issues forced to face enterprise social One of the biggest hesitations CIOs have collaboration (ESC) in the future. about adopting enterprise social Intelligent CIOs—who are ahead of the collaboration platforms is the potential trend—have embraced it now, leading to security issues and threat to business staggering results. critical data. While breaking down information silos and improving Why CIOs hesitate to take the plunge collaboration is great from a productivity A set of common concerns often come up standpoint, many believe that such when CIOs are presented with the platforms will result in the disclosure of question of whether to implement confidential information. However, the enterprise social collaboration tools. In opposite is true. Social collaboration tools addition to the concern that adopting have a host of security and governance such platforms will decrease employee measures in place to prevent such productivity, many executives fear the security breaches from happening. Not onlydoes it provide a failure associated with internal social Administrators can easily control access initiatives. In fact, 70 percent of internal rights for individual users and groups of centralised and organised place social initiatives eventually fail. For CIOs users, making sure the right people have who often lack practical knowledge about access to the right information. In for companycommunication, social media and fear change, this addition, advanced tools allow for the statistic is enough to keep them from creation of keyword-based profanity but enterprise social considering the potential benefits of filters. enterprise social collaboration. collaboration also creates a The question remains: why should No more email overload comprehensive knowledge CIOs implement enterprise social A common issue surrounding collaboration platforms if they’re communication in the workplace is email base and allows for easy seemingly destined to fail? The answer is overload: extended conversations quite simple: the benefits far exceed the between multiple parties that result in a document management risks. long string of emails that must be sorted
36 EXPRESS COMPUTER MAY 1-15, 2014 www.expresscomputeronline.com
through for the information needed. the solutions they require. Not only does islands to one integrated body. Whereas, While email communication is still great it provide a centralised and organised previously, each company branch would for quick messages, it is not conducive to place for company communication, but function individually; now every part of carrying on in-depth conversations. With also it creates a comprehensive the body is aware of what the other parts the ability to break things down into knowledge base and allows for easy are doing and all parts work together to topics, sub topics and specific groups, document management. Furthermore, accomplish company goals more ESC tools allow for quick and organised platforms can be adopted with ease. efficiently. communication. Many enterprise social collaboration Employees now expect companies to tools integrate with current business provide some means of the social Fewer hassles applications and systems, such as HRIS, collaboration they experience daily in The cost of developing infrastructure can CRM, Leave Management System and their personal lives. The forward- be high. Many platforms require constant more. Easy and seamless integration thinking CIO must educate him or herself upgrades and customisation in order to allows for maximised return on previous and fellow senior leaders on how the maximise the benefits for an individual investments in infrastructure. social media landscape functions outside company. Enterprise social collaboration of their company, in order to determine tools eliminate these hassles. Hosted and The future is here how it can be best leveraged as an cloud-based ESC solutions reduce the Getting social is inescapable. By 2016, 50 enterprise tool. Failure to do so simply need for further capital expenditure on percent of large businesses will have cheats themselves and their company out infrastructure. They are easy to scale up implemented an enterprise social of increased productivity, and the and down in order to suit the number of collaboration network. Thirty percent of opportunity to tap into employee ideas users on the platform, and require these will be considered as crucial as and talents. minimal or no customisation. Best of all, email and telephones are today (source: The time to go social is now. The they eliminate the inconvenience of Gartner) The enterprise collaboration business landscape will continue to constant upgrading. market as a whole is estimated to be change into a more collaborative, social worth $47.3 billion in 2014 and expected atmosphere—those who do not change The solution to many problems to grow to more than $70 billion by 2019 with the trends will find their company Today’s CIOs are facing a host of (source: Digital Journal). Whether CIOs left behind. challenges — and enterprise social like it or not, the structure of business is collaboration platforms provide many of changing from a network of isolated Ajay Kaul is a Managing Partner at AgreeYa Solutions.
EXPRESS COMPUTER MAY 1-15, 2014 37 NEWS
DATA CENTRE www.expresscomputeronline.com Emerson report predicts massive changes in data centres in next 10 years power to data centers. Solar will lead, followed by a nearly equal mix of nuclear, natural gas and wind. 65% believe it is likely hyperscale facilities will be powered by private power generation. ● Cloud forecasts are somewhat conservative: Industry experts predict two-thirds of data centre computing will be done in the cloud in 2025. That’s actually a fairly conservative estimate. According to Cisco’s Global Cloud Index, cloud workloads represent around 46% of current total data centre workloads, and will reach 63% by 2017. ● DCIM will play a prominent role: Twenty-nine percent of experts anticipate comprehensive visibility across all systems and layers, while 43% expect data centres to be self-healing and self optimising. Taken together, that would indicate 72% of the experts believe some level of DCIM will be deployed in 2025—significantly higher than most current estimates of DCIM adoption. EMERSON NETWORK POWER density that could radically change the ● Utilisation rates will be higher: recently released “Data Center 2025: physical environment of the data centre. That increased visibility is expected to Exploring the Possibilities,” a report that “We started the Data Center 2025 lead to more efficient performance offers a glimpse at the data centre in the initiative with a sincere desire to discover overall, as 72% of industry experts year 2025. what our customers, collaborators, expect IT resource utilisation rates to be The results range from the expected— colleagues and others in the data centre at least 60% in 2025. The average increased utilisation of the cloud—to the community believe the future holds for projection is 70%. That compares to ambitious—largely solar-powered data this industry,” said Steve Hassell, estimated averages today as low as 6- centers with power densities exceeding president, data centre solutions, 12%, with best practices somewhere 50 kW per rack. Emerson Network Power. “We between 30-50%. More than 800 data centre approached the research with an open “The data centre of 2025 certainly professionals from around the world mind, no expectations and no won’t be one data centre. The analogy I responded to the Data Center 2025 survey. preconceived notions of what we would like to use is to transport,” said Andy The feedback, viewed collectively, find. The results reflect a level of Lawrence, vice president of Datacenter indicates most in the field remain bullish sophisticated understanding, visionary Technologies and Eco-efficient IT at 451 on the data centre industry and on thinking and genuine optimism that I find Research. “On the road, we see sports continued innovation in the IT space and inspiring. I believe the true impact of this cars and family cars; we see buses and we beyond. report lies not only in its measurement of see trucks. They have different kinds of On average, experts predict density in current opinion, but in its ability to spark engines, different types of seating and 2025 will climb to 52 kW per rack. future innovation .” different characteristics in terms of According to the Data Center Users’ Other survey results and forecasts energy consumption and reliability. We Group, average density has remained from the report : are going to see something similar to that relatively flat since peaking around 6 kW ● Big changes in how data centres are in the data centre world. In fact that is nearly a decade ago, but experts are powered: The experts believe a mix of already happening, and I expect it to anticipating a dramatic upswing in sources will be used to provide electrical continue.”
38 EXPRESS COMPUTER MAY 1-15, 2014 NEWS
INDUSTRY www.expresscomputeronline.com Sanjay Deshmukh to join VMware
VMWARE, RECENTLY ANNOUNCED that Sanjay Deshmukh will join the company as Head of End User Computing Business, Asia Pacific Japan. The IT veteran will be responsible for VMware’s end-user computing (EUC) business throughout markets in the company’s Asia Pacific Japan (APJ) region. Deshmukh joines VMware from Citrix Systems India, where he was Area Vice President, Indian Subcontinent for more than four years. Reporting to Sanjay Mirchandani, VMware’s Senior Vice President and General Manager for the APJ region, Deshmukh will take up his new post on May 12 and will be based in Singapore. Before joining Citrix, he served SAP our development in end-user computing. announcement, VMware’s EUC strategy India as Vice President, Business User Sanjay’s experience and expertise will was reinforced in April when the company and Platform Group, after working as help us build on the establishment of our launched a comprehensive desktop Country Manager for Business Objects EUC portfolio across Asia Pacific as the solution, VMware Horizon 6 — that would Software India. During his 21-year solution of choice for enterprises in the enable enterprises to transform their career, he has built successful mobile cloud era.” applications and desktops for the mobile businesses in the areas of mobility, He added further, “VMware’s EUC cloud era — extending access to virtualisation and analytics. Deshmukh capability is the envy of our industry and employees on any device, anywhere, holds an MBA in Marketing from the offers the best solution in terms of simply, securely and cost-effectively. In Institute of Technology and empowering employees to access late February, VMware had acquired Management, Mumbai. enterprise applications and data on any AirWatch, a leader in enterprise mobile Speaking about the appointment, device from any location, securely and management and security solutions Mirchandani said, “We are making this cost-effectively.” covering laptops, peripherals and appointment at a very important stage of According to the release making the wearables. Public cloud services market to touch $557 million in India in 2014: Gartner
THE PUBLIC CLOUD services market in Research Vice President. “We India is on pace to grow 32.2% in 2014 to expect high growth rates across all total $556.8 million, an increase from cloud services market segments in 2013 revenue of $421 million, according to India.” Gartner, Inc. Spending on software as a BPaaS is expected to grow from $62.3 service (SaaS) will be around $220 million in 2013 to $204 million in 2018. million in 2014, growing 33.2 percent from SaaS is expected to grow from $166 last year. million in 2013 to $636 million in 2018, and SaaS is the largest overall cloud IaaS is forecast to grow from $58 million market segment, followed by in 2013 to $317 million in 2018. infrastructure as a service (IaaS), worth The total cloud market in India in 2013 $78 million and business process as a was $421 million, and the total market for service (BpaaS) is around $75 million. reflects the demand for new sourcing public cloud services in India is expected “Growth of cloud services in India models,” said Ed Anderson, Gartner’s to reach $1.7 billion in 2018.
EXPRESS COMPUTER MAY 1-15, 2014 39 NEWS
CLOUD COMPUTING www.expresscomputeronline.com IBM launches Enterprise Cloud marketplace with Global Partner Ecosystem M2Mi and Ustream have featured a wide array of cloud services on IBM marketplace for enterprise clients. The IBM cloud marketplace will be available to all IBM and non-IBM customers. Organisations will be able to test and experience hundreds of IBM and partner enterprise-grade cloud services online that are open, scalable and secure. Content is dynamically served up by job role and service pages offer easy access for those interested in categories such as Start-ups, Mobile, Gaming and others. IBM’s cloud marketplace has three key components for Line of Business Professionals: IBM Cloud marketplace for business will serve as a single stop where business and IT professionals can learn about, deploy and consume over 100 SaaS applications. For Developers: IBM’s Cloud marketplace Dev will provide an integrated, cloud-based development environment where individual developers, development shops and enterprise development teams can quickly and effectively build enterprise applications via leading services and application protocol interfaces (APIs). These applications can be easily and securely integrated in hybrid on premise and off premise cloud IBM RECENTLY ANNOUNCED the Bluemix platform-as-a-service with environments. It is built on an open launch of its Cloud marketplace. composable services, the SoftLayer environment so developers can choose According to the company, this single infrastructure-as-a-service and third any open source or third party tools and online destination will serve as the digital party cloud services. integrate apps, as needed. front door to cloud innovation bringing According to Robert LeBlanc, Senior together IBM’s capabilities-as-a-service Vice President, IBM Software & Cloud For IT Departments: and those of partners and third party Solutions. “IBM Cloud marketplace puts Ops will provide a secure set of cloud vendors. big data analytics, mobile, social, services built on Softlayer that will help This marketplace will serve as a cloud commerce, integration and the full power clients deploy cloud services. It will also innovation hub where technology will of IBM-as-a-Service and our ecosystem support high performance businesses at meet business with hundreds of cloud at our clients’ fingertips to help them enterprise scale. Services include Big services from IBM, partners and third quickly deliver innovative services to Data, Disaster Recovery, Hybrid party ecosystem. Enterprises will be able their constituents. Several IBM partners environments, Managed Security to access a full suite of IBM-as-a-Service including SendGrid, Zend, Redis Labs, Services, Cloud Environments for Small with 100 SaaS applications, IBM’s Sonian, Flow Search Corp, Deep DB, and Medium Business among others.
40 EXPRESS COMPUTER MAY 1-15, 2014 BUSINESS AVENUES www.expresscomputeronline.com
EXPRESS COMPUTER MAY 1-15, 2014 41 NEWS
SECURITY www.expresscomputeronline.com Over 69% of targeted attacks in India focus on large enterprises
ACCORDING TO THE latest Internet reputation of businesses at risk and carried out on non-traditional services Security Threat Report (ISRT) volume increasingly compromising consumers’ industries, like hospitality, business and 19 from Symantec, over 69% of targeted personal information from credit card personal services. This was followed by attacks in India focus on large enterprise. numbers and medical records to attacks on manufacturing, finance and Globally, there was a 62% rise in the count passwords and bank account details. insurance. of data breaches from 2012 resulting in Each of the eight top data breaches in India emerged as a key threat frontier, more than 552 million identities exposed, 2013 resulted in the loss of tens of millions ranking as the third highest source of proving that cybercrime remains a real of data records, while 2012 had a single overall malicious activity. It continued to and damaging threat to consumers and data breach. hold its position as the spam capital of the businesses. The report further observes that world with 9.8 % of spam zombies; along “One mega breach can be worth 50 globally, targeted attacks were up 91% with highest source of botnet spam close smaller attacks. While the level of and it lasted on an average three times to 1.45 billion spams or 6.6% originationg sophistication continues to grow among longer compared to 2012. In India, cyber from its borders everyday. attackers, what was surprising last year criminals are unrelenting in their focus India also ranked high in the number was their willingness to be a lot more on large enterprises with a staggering of top botnets like Cutwail, Kelihos, patient—waiting to strike until the 69% targeted attacks carried out against GRUM, and GHEG. Cutwail which is the reward is bigger and better,” said Tarun them. Despite stepping up their spam sending botnet for the malware Kaura, Director -Technology Sales, information security measures, business Pandex sends 8.06 billion spam messages Symantec India. in India continue to be an attractive every day, out of which the highest are The size and scope of breaches is target for cyber criminals. sent from India (over 620 million), exploding, putting the trust and In India, nearly four in 10 attacks were according to the report.
42 EXPRESS COMPUTER MAY 1-15, 2014 BUSINESS AVENUES www.expresscomputeronline.com
EXPRESS COMPUTER MAY 1-15, 2014 43 NEWS
SECURITY www.expresscomputeronline.com
India faced maximum phishing attacks in 2013 in the APAC region : RSA study 2014 PHISHING FORECAST Phishing, the cybercrime equivalent of pickpocketing, is a crime that is easily committed with very little cost to the attacker: cheap (criminal) hosting services—offered mostly on top of hijacked websites—are abundantly available. If spamming 500,000 emails addresses only set one back a mere $65, it is no surprise that phishing attack volumes are not dropping.
● Phishing volumes will not drop considerably, though there may be a slight decline. The decline will be mainly due to growing adoption of email authentication, namely DMARC, which together with tighter policy, should help in the reduction of phishing emails received by end users. However, wider global adoption (into LATAM and APJ) still plays a major factor in the battle against phishing.
● Big data analytics and broader intelligence collection will lead to faster detection and quicker mitigation, resulting in lower financial losses. With the millions of spam messages traversing RSA, THE SECURITY division of EMC, Key highlights from the report are: the internet on a daily basis, separating recently announced the findings of its ● Brands in the U.S, the U.K, India and the wheat from the chaff has become far 2013 Fraud Report. As per the report, Canada were targeted by almost 57% of more challenging. Advancements in India emerged as the top nation in phishing attacks in the first half of 2013. phishing techniques and methods also APAC region in terms of phishing serve to add a layer of complexity when it attacks by volume closely followed by ● USA and Canada remained the most comes to detection. Deploying analytics Australia and China. The estimated loss targeted countries by phishing attacks in into the detection process provides a way in India from phishing attacks stood at 2013, with a total of 63% of the phishing to see though the noise and get to the $225 million. attacks directed at them. phish faster. Coupled with broader The findings suggest that globally, loss intelligence collection, attacks may be due to phishing attack was close to $5.9 ● There has been a significant rise in prevented before they are launched. billion which is significantly higher than phishing attacks in every Quarter in 2013, $1.5 billion loss in 2012. The total number with Q4 seeing the most number of ● Greater end user awareness will serve of phishing attacks in 2013 stood at attacks. to reduce losses. Cyber awareness has 448,126 as against 445,004 the previous Top countries targeted by phishing are become a mainstream conversation year. The overall trend in attack number United States, United Kingdom, topic—people are becoming more aware showed a significant rise in volume Germany, India, South Africa, Canada, of the dangers in the digital world. More through the year, reaching an all-time Netherlands, Colombia, Australia and awareness translates directly into fewer high in Q4 2013 (1, 41,254). Brazil. losses.
44 EXPRESS COMPUTER MAY 1-15, 2014 NEWS
SOFTWARE www.expresscomputeronline.com
Sonata Software partners with Progress Pacific to deliver PaaS
PROGRESS SOFTWARE ANNOUNCED its partnership with Sonata Software, to deliver its Progress Pacific platform-as-a- service (PaaS). Speaking about the partnership, Sujit Mohanty, Head Technology Infrastructure Business, Sonata Software, stated, “Through our wide distribution network in India, we Accenture to deploy SAP ERP for Azure Power ACCENTURE HAS been selected by 2017,” said Inderpreet Wadhwa, CEO, Azure Power to implement an SAP Azure Power. “While we are growing at a intend to deliver Progress Pacific enterprise resource planning (ERP) very fast pace, it is essential for us to have solution to users, realising value in the solution to support and drive growth in our core business processes automated market for Progress Software and our its solar generation business. with adequate controls in place and we customers”. As part of the agreement, Accenture are excited to start our relationship with Progress Software provides data will provide implementation services in Accenture to manage our growth better.” application solutions to customers support of the SAP solution to Azure Sandeep Dutta, Managing Director - globally to help improve big data Power to help strengthen its business Resources Operating Group, Accenture integration, data interoperability, processes and improve planning, India, said, “We are seeing an increasing mobility and application budgeting, forecasting, supply chain and number of independent providers development needs of customers. revenue projections. The new solution entering the market to take advantage of Stephen McNulty, vice president and will help the company scale its rapidly the opportunity offered by solar, but it is managing director for Asia Pacific expanding solar footprint across India critical that these companies have the and Japan at Progress, said, “We are and will enable more effective right business framework in place to extremely pleased that Sonata management of complex business support the fast pace of growth in this Software has selected Progress to transactions. sector. We look forward to working with help its customers react quicker to “We are leading the solar revolution in Azure Power to implement integrated opportunities and increase India by bringing the cost of solar energy and agile business processes that can productivity to grow their from Rs17.97/KWhr in 2010 to help it outperform the competition and businesses. Progress sees Sonata Rs5.45/KWhr in 2014 and are working deliver on its expansion strategy.” Software as a key partner in the with the Government and all region to unleash the potential of the stakeholders to reach grid parity by Progress Pacific platform.”
EXPRESS COMPUTER MAY 1-15, 2014 45 NEWS
SOFTWARE www.expresscomputeronline.com
JDA Software launches SHVEnergysimplifies end-to-end supply chain its distribution model collaboration solution with SAP SAP AG HAS announced that SHV Energy Pvt Ltd (SEPL) has chosen its solution for transport management and supply network planning. SEPL is engaged in the business of importing and distribution of LPG to domestic, commercial and industrial customers. In India, SEPL markets its products and services under the brand name Super Gas. As the global marketplace grows,
JDA SOFTWARE GROUP, Inc, has JDA Cloud Services to deliver rapid, released JDA Flowcasting, an end-to-end sustained return on investment and supply chain collaboration and enhanced organisational agility. management solution. The solution will enable trading The JDA Flowcasting solution is partners to effectively collaborate on the designed to enable a completely supply chain parameters that drive time- integrated and unified supply chain for phased plans from the shelf to the factory manufacturers, distributors and retailers. versus just the outputs of the plans, such as Using inputs such as point-of-sale, the sales or order forecast. By enabling the inventory and promotions, the solution end-to-end supply chain to be modelled in a can eliminate the disconnect that exists common shared cloud instance, today in retail supply chains by providing a accelerated forms of simulation can take common set of plans for demand, place to extract new value streams that replenishment, transportation, capacity were not visible in the past. This will allow and financial projections that all trading trading partners to quickly evaluate the transportation management partners can agree upon and execute. trade-offs of different supply chain options becomes more complex and According to the company release, JDA that drive mutual benefit, make joint expensive. In their efforts to grow Flowcasting represents the next decisions, and then quickly execute. revenues and cut transportation generation of collaboration for trading “JDAFlowcasting provides companies costs SEPL aimed to gain better partners looking to create joint value for with dramatic new capabilities to drive control over their supply chains and their respective organisations and is a higher on-shelf availability at lower supply minimise coordination inefficiencies. massive leap forward from previous forms chain costs,” said Fred Baumann, Group Implemented in partnership with of collaboration such as Collaborative Vice President, JDA Software.“We are Hexaware, the deployment of SAP’s Planning, Forecasting, and Replenishment very excited about the business value this portfolio of customiwed solutions will (CPFR). Built on JDA’s rich end-to-end technology can bring to our customers help SEPL lower inventory and collaborative supply chain management and the long-standing problem it solves - logistics costs, improve processes capabilities, it leverages JDA’s scalable enabling a single source of forecast truth and increase visibility across its architectural platform and is deployed via for retailers and their suppliers.” national operations.
46 EXPRESS COMPUTER MAY 1-15, 2014