Posts

Top 10 Strategic Technology Trends for 2014-2015

Mobile and cloud hosting services are moving technology in new directions in 2014, as an infographic from ComputerSupport.com points out. Based on a report presented by Gartner at the Gartner Symposium/IT Expo, the infographic reveals ten clear strategic technology trends impacting businesses and consumers in 2014.

Mobile Device Diversity and Management

The rapid adoption of Bring Your Own Device (BYOD) in many workplaces has brought new challenges for security professionals. 2014 is the year professionals will realize the risks related to mobile devices and strengthen policies to address these risks.

Mobile Apps and Applications

Gartner predicts that apps will continue to grow in popularity and applications will start to dwindle as users go increasingly mobile. For developers, the push toward HTML5 and the browser as a delivery mechanism will change the development environment.

The Internet of Everything

For both businesses and consumers, internet connectivity will go beyond devices to include wearable items, household appliances, field equipment, and much more.

Hybrid Cloud and IT as a Service Broker

In its report, Gartner stresses the importance of bringing personal clouds and external private cloud services. Cloud environments should be set up with a hybrid future in mind.

Client/Cloud Architecture

The architecture of client/cloud computing is changing, with the client serving as the application on a PC or mobile device and the cloud requiring scalability. Applications must be able to run on multiple devices.

The Era of Personal Cloud

Thanks to the emerging personal cloud, services will become more important than services. While equipment will still be important, they will merely be a conduit to the apps and data a user needs.

Software Defined Anything

Known as SDx, Software Defined Anything encapsulates the networking, data centers, storage, and storage networks that make up technology today. SDx calls for improved standards for cloud computing and development.

Web-Scale IT

Calling upon the experience of large cloud providers like Amazon and Google, Gartner created a term called “Web-Scale IT.” This term refers to the need for enterprises to examine the IT value chain for improvements in every area across the organization.

Smart Machines

Devices will become more sophisticated through the year 2020 as machines like IBM’s Watson show more human qualities. Gartner predicts this smart machine era will be among the most disruptive in IT history.

3-D Printing

2014 will be the year mainstream 3-D adoption begins to grow, as the number of units shipped this year should grow by 75 percent. Gartner predicts this will be followed by double growth in 2015.

Gartner Announces Leaders in End-User Outsourcing

Leaders In End-user Outsourcing 2013 Leaders In End-user Outsourcing 2013

 

In its recent Magic Quadrant for End-User Outsourcing Services report, Gartner acknowledged growing interest in the use of service providers to help businesses with IT processes. The report specifically looked at the popularity of outsourcing service desk, desktop, and mobility needs. While Gartner anticipates desktop support outsourcing will hold steady over the next few years, compound growth of 14 percent is expected between now and the year 2018 in the area of mobile device outsourcing.

Through its series of Magic Quadrant reports, Gartner seeks to provide insight into trends in the market. The unbiased report ranks vendors on two major qualities: completeness of vision and ability to execute. Within those two criteria, vendors are grouped into four quadrants based on their levels of innovation and depth of service.

Leaders

  • CSC: This Virginia IT company provides end-user outsourcing services using MyWorkStyle, which gives businesses five work personas.
  • IBM: With the goal of providing a virtualized workplace, IBM supports approximately 3.5 million end users.
  • Unisys: In 2013, Unisys’s end-user outsourcing business grew 14 percent, with 2,275 desktop technicians supporting users.
  • CompuCom: Based in Dallas, CompuCom has more than 600 defined personas and can pinpoint systems that need to be replaced before they become problematic.
  • HP: Supporting more than 5.4 million users globally, HP offers everything from client virtualization to Context Analytics.
  • Dell: Client solutions are tailored to meet their own specific needs, and the company plans to further customize its offerings by creating plans designed for larger clients.
  • HCL Technologies: The India-based company uses remote delivery and automation to reduce the need for on-site technical support.
  • Atos: This French IT services company provides a low-cost base price that lets clients add on services as needed.

Visionaries

  • Fujitsu: The company’s Workplace Anywhere uses its own cloud and Citrix-based technology to provide support for both mobile and virtualization.
  • Cognizant: With its monthly risk-free subscription, Cognizant has grown significantly.

Challengers

  • Xerox: The Connecticut company takes a service catalog approach for its document management offerings.
  • Pomeroy: The company has an emphasis on mobile, supporting four mobile devices for every 10 PCs.
  • Wipro: This India-based company is expected to boost its end-user outsourcing performance in the next few years.

Niche Players

  • CGI: The Montreal company hosted a technology trial and 140-day review in order to give customers a chance to try out its hosted virtual desktop service.
  • Stefanini: This Brazilian company encourages performance improvements through rewarding employees for any savings it can bring to clients.
  • Long View Systems: This Calgary-based firm has a focus on mobile technology, rebadging employees to other companies when needed.
  • C3i: C3i focuses on the life science industry, providing support for labs and medical facilities.
  • Maintech: Clients benefit from training through Maintech’s IT Infrastructure Library.

 

Cloud Services Need More Data Security Transparency for Better Risk Management

Customers of commercial cloud computing services, notably SaaS (software as a service), are realizing serious data security holes in the contractual provisions of what is acclaimed by many as a practical cost-cutting IT solution. The IT market analyst Gartner has released a comprehensive report pointing out some discomforting oversights in cloud computing contracts which it characterized as containing “ambiguous terms” involving the maintenance of data integrity, confidentiality, and data recovery after a system failure leading to loss or compromised data housed in remote cloud computing servers.

The Problem Uncovered by the Garner Report

The situation has highlighted risks to data security that has led to jitters among cloud service customers while making it more difficult for service providers to rationalize the risk they expose their clients to without any clear contractual provision that can allay their data security fears. According to the Gartner report, 80% of IT professionals overseeing the contractual purchase of cloud services will remain dismayed over the inadequacy of data security protection in SaaS agreements with providers up to the year 2015.

The analysis section comprising the main body of the Gartner Report has sub-section titles that clearly indict the current state of SaaS contracts in the area of data risk management. It cautions cloud users not to use SaaS contracts as a “Hedge against Risks,” and not to be complacent in assuming that these contracts provide the company with “Risk Transparency” or the “Adequate Service Levels for Security and Recovery.”

At the moment, there is no standard or consensus among cloud service vendors on how best to provide the proper data security commitments. SaaS vendors would naturally want to expose themselves to as little commitment as possible. Among them, a single failure that compromise data security could affect several hosted customers so that even modest compensation costs could easily rack up. As a result, most cloud providers deliberately avoid such contractual obligations, some preferring to provide less expensive penalties in the form of services in kind in the event they fail to live up to any part of the SLA.

Putting in the right SLA provisions

According to Alexa Bona, VP of the prestigious firm, cloud service users are getting frustrated over the lack of transparency provided by current and prospective cloud service providers in risk management. She added that at the very least, cloud users should ensure that the SaaS agreement they enter with providers contain a provision that allow for an annual 3rd party security audit and certification, as well as the option for a unilateral termination of the contract should the provider fail to perform such measures.

Cloud customers should demand that SaaS providers respond to audit assessment as required in mitigating the risks. Bona refers to the Cloud Security Alliance (CSA) whose “Cloud Controls Matrix” in spreadsheet form effectively provides a comprehensive model listing the necessary control objectives considered by CSA participants as having high priority in cloud computing security. The more users demand this level of commitment, there is a higher chance that service level standards will improve, and covering data protection risks can become common practice among vendors through regular assessments as simple as service questionnaires, responses to 3rd party audit assessments, and client’s own on-site audit checks.

The report’s analysis section ends with the admonition that users should not assume that SaaS contracts have enough data security and recovery provisions in their service levels. This has obviously been the case so far and users reviewing their contracts with cloud service providers are recognizing the loopholes that expose them to the risk of data losses and recovery problems they didn’t have before going into cloud computing.

IT professionals responsible for procuring cloud services must ensure that their SLAs contain specific provisions that contractually obligates service provides to meet company expectations in protecting data from external attacks, theft and implementing data recovery. The Gartner report recommends that SLA provisions should include data recovery objectives, recovery time thresholds, and data integrity measures with sufficient penalties if missed. IT service procurement executives should ensure that there is enough security commitments in writing which, at the bare minimum, provide for regular penetration assessments by 3rd party security auditors, and an obligation to correct any potential problem uncovered by such audits. Needless to say, failure to act on the audit assessments should give customers the option to cancel the contract as well as demand a meaningful monetary compensation for any failure to address shortfalls in the security audit.

The risk implications to the business have driven IT professionals in the areas of data recovery, security, business continuity, and standards compliance to voice their concerns in the purchasing process when getting into commercial cloud services. Bona sees their active participation from here on in reviewing contracted SLAs to ensure that such agreements hold up to the company’s data security standards by having sustainable deals for adequate risk management on the part of cloud service providers. Lastly, Bona advises that cloud customers should seriously consider 2-3 year fee liability limits, instead of the usual 1-year period, along with procuring added risk and liability insurance policies whenever possible.