All posts by nigelmoulton

Is your IT department a zoo or a safari park? It’s time to converge your company’s skills

Picture credit: “San Diego Safari Park”, by “Eric Gorski”, used under CC BY NC SA

When did you last take a walk around your IT division? What did you see? More importantly, what did you not see? Are the professionals responsible for storage, networking and your server virtualisation program working together or apart? Could any of them step into another’s shoes, move across teams or come into work tomorrow morning prepared to turn things upside down and do it all differently?

In short, would you say your IT department resembles a free range safari park or a set of zoo enclosures? The answer is important. The skillset and culture of your IT infrastructure team could make or break your company’s chances of becoming a successful digital enterprise.

The simple truth is that you cannot build an agile, customer-centric business on a disconnected IT infrastructure, managed by a disconnected team. To achieve the integration, speed, scalability and resilience, a digital business needs you to converge your IT infrastructure – and to do the same with your team.

It is easy to underestimate how radical and unsettling this could be for the IT professionals in your organisation. First of all, IT convergence involves breaking down barriers between organisational silos, standardising and automating processes and changing the way these are monitored and managed.

Converged infrastructures can resemble IT services more than hardware systems. For many of the professionals working in infrastructure, that can be quite a leap, professionally and emotionally. Most IT professionals will instinctively translate these changes into, at best, a loss of familiarity, influence or authority and at worst, unemployment. Few will see it for what it can also be: a chance to upskill, future-proof their professional career and invigorate their skills, or a release from the monotony of maintenance to add creative value elsewhere.

Secondly, today’s highly-trained IT professional is likely to have followed an established course of education and professional development, sometimes up to chartered status and beyond. The learning frameworks for these qualifications can be slow to change. Many still reflect the requirements of an earlier, more traditional IT environment, with computing, networking and data storage covered in isolated modules. New courses are needed, and needed now.

A converged environment, for example, requires a deep, blended skill set including all the above areas, as well as a good grasp of management, design, software, service delivery and wider business needs. 

Further, the introduction of convergence supports other emerging IT roles, which themselves combine different skill sets. These include information architects, who blend system administration skills with an understanding of how these systems integrate with existing technical operations and business processes, and DevOps professionals, who fuse development and operations to transform the speed at which applications are created and deployed. 

Change in one area influences and is influenced by change elsewhere. One by one established IT operations, development and service roles are being transformed. CIOs and their frontline IT managers need to work with HR to understand and address the implications of this ripple effect. 

Industry commentators are divided on how well CIOs understand this. According to Gartner, 81 per cent of CIOs are overly focused on the near term, the next three years at most. At the same time, the IT industry trade association, CompTIA expressed surprise at the revelation in its 2015 global workforce survey that in an age of digital technologies it’s the skills gaps in networking, storage and computing that are accorded the greatest priority. There is clearly a gap between the infrastructure skills companies have and the skills they need.

Training in new infrastructure solutions such as converged and hyper-converged technologies is becoming business-critical. Not just informal, on-the-job training to meet immediate needs, but robust, certified training. The practical benefit as well as the emotional reassurance of this should not be underestimated. CompTIA’s study showed that a significant 44 per cent of respondents in the UK say that IT certified staff offer more value to the organisation, with certification in infrastructure technologies topping the list in terms of overall added value and ROI.

Our own VCE Certified Professionals Program, for example, introduced in April 2014, helps IT professionals to develop the skills needed to design, deploy and manage converged infrastructure as a seamless, single environment. Every month, around 500 newly certified VCE converged infrastructure professionals return to their desks ready to change the world.

It is time to break down the walls of resistance and tradition that are suffocating IT. No-one embarks on a career in technology hoping that every day will be the same as the one before. IT professionals need to rediscover their thirst for knowledge, their passion and their aspiration to become more, and CIOs need to lead by example. The age of cages is over and the open savannah awaits.

Managing the risks of cloud collaboration in business today

(c)iStock.com/Alija

Gartner predicts that cloud office systems will account for 33% of the overall office market by 2017. This is a big step considering a few years ago collaboration in businesses typically involved emails, phone calls, and perhaps a few instant messages exchanged within the company.

However, nowadays the arrival of cloud computing and all the remunerations that come with it have shaped the path for collaborative cloud-based services, which is reforming how businesses work over the internet. Many collaborative services offer a specific business need, such as social networking, productivity apps, storage, or good old fashioned email.

Yet whilst collaborative cloud-based services offer a whole range of benefits to businesses of all sizes, they also can pose a number of risks if not appropriately integrated into the corporate sphere. When using the messaging and conference call applications within the cloud, users need to be aware that the same rules associated with data privacy should also apply to this. Companies need to ensure that the “data” transferred over these systems cannot be captured by someone trying to maliciously record the call or video, and that there is an audit trail on how this messaging is done within these interactive sessions, so it cannot be detained by unwanted users.

Even if employees are exchanging corporate messages privately, organisations need to make sure that there is a higher degree of security around the confidentiality of that data. This is simply because it could be severely compromising in a situation where cybercriminals hack into a corporate collaboration system and start to make private company details public.

This has been seen already in the infamous phone hackings of company voicemails, so it is imperative that organisations ensure there are appropriate security measures in place which are resilient, as well as a service level agreement (SLA) which will provide a high degree of compensation if the systems are breached and the company is compromised.

The big question companies need to ask themselves is: will the in-house IT department do a superior job at protecting the corporate collaboration system, or is this a responsibility which you place offsite with a cloud provider? Nowadays, SMEs in particular are taking the view that this task is best managed off premise with a provider which they trust and pay to manage their cloud collaboration systems for them.

This approach has many benefits – providing the company forms a relationship with a trustworthy vendor. It is imperative that before handing over the responsibility of managing and storing company data, organisations check the track record of their cloud provider and ensure that there have been no former breaches of confidentially.

It is also wise for companies to try and understand the technology the provider utilises in its own data centres, and the tools they use to make the service more secure. One of the key examples of this is to check if the sessions that run between the organisations and the service provider are encrypted. This means that the data, such as voice messages, are encrypted within a VPN, and the resulting file that is used to record the call is also encrypted and can only be played back by authorised users.

Another risk which has emerged into the ever-connected world of business is bring your own device (BYOD). By enabling a BYOD program, enterprises permit employees access to corporate resources from anywhere in the world, however, securing these devices and supporting different mobile platforms can create complex issues for IT departments. Companies need to lay down careful policies on the security required, how this data should be handled and how employees are expected to behave – including security awareness of the dangers of insecure networks and over-sharing in social networks.

One of the specific areas of concern to be addressed is the mobility of data and how to capitalise on the benefits while securing the company.  Firstly, security policies must be revised to reflect the changes in working practices.  It’s no longer possible for IT departments to defend the traditional network perimeter. Instead, they must apply a security ‘wrapper’ around every employee – so that they are protected wherever they work and whatever device they use. 

As well as a focus on technology, organisations need to better educate their employees. It’s essential that employers understand the risks involved with using mobile devices and communicate this effectively with employees. They also need to put in place robust security processes to reduce the risk of any data breaches or leaks occurring. This means deploying anti-malware apps, controlling the applications that employees have access to, and also being able to block access to, and where necessary, erase sensitive data stored on a lost device.

The relatively recent purchase of AirWatch by VMWare shows how enterprise software vendors are adding additional functionality to compliment the services already offered by the mobile device operating systems, and in this way providing additional levels of control and security into mobile devices.