BT Let's Talk Quarterly for ICT Decision Makers

  • 520 views
Uploaded on

In this edition of the BT Let's Talk quarterly discover an interview with sustainability expert Nial Dunne, Cisco's view on recent trends in data centres, how to tackle the barriers to cloud adoption …

In this edition of the BT Let's Talk quarterly discover an interview with sustainability expert Nial Dunne, Cisco's view on recent trends in data centres, how to tackle the barriers to cloud adoption and much more!

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
520
On Slideshare
0
From Embeds
0
Number of Embeds
1

Actions

Shares
Downloads
16
Comments
0
Likes
1

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. A quarterly magazine for the ICT Decision Maker Let’sTalk March 2014 who will history judge as winners? to cloud adoption & Europe’s digital economy at an international metals & mining business SUSTAINABILITY LEADERS: TACKLING THE BARRIERS BUILDING AN INTEGRATED IT PLATFORM
  • 2. Editorial Welcome by Joris van Oers, CEO BT Benelux Sustainability leaders: who will history judge as winners? Interview with Niall Dunne, BT’s Chief Sustainability Officer You’re in charge Charles Fox, Enterprise Architect Cyber Warfare at BT Recent trends in Data Centres Interview with Bob Stemmerik , responsible for Cisco’s Data Centre Architecture Tackling the barriers to cloud adoption & Europe’s digital economy Interview with Danielle Jacobs, Director of BELTUG Building an integrated IT platform at an international metals & mining business Interview with Erwin von Dölling, Group Manager of IT Infrastructure, Operations and Planning for Nyrstar Mobilising the city for innovation and growth: the case of Rotterdam Interview with Fred van Beuningen, Director Rotterdam Partners March, 2014 Welcome to the March edition of Let’s Talk Magazine! I am pleased to present the newest edition of the magazine in a refreshed format. Demand for cloud services keeps growing as the business benefits become clearer. The focus is shifting towards real-life deployment strategies and solutions. Cloud security is a crucial element in this. Delivering a secured cloud infrastructure is a joint effort of the business and the Cloud Service Provider. And it is not just about technology. The challenges and responsibilities regarding cloud security are clear but often overlooked. Awareness of the different security aspects of a cloud infrastructure is crucial, as well as proactively mapping and addressing potential risks and regulatory compliance. In this edition of the magazine, we cover many different angles of cloud computing. We spoke to Charles Fox, a Cyber Warfare expert at BT. Our Chief Sustainability Officer Niall Dunne shares his view on how technology can play a role in creating a better future. Bob Stemmerik from Cisco provides a view on the future of the data centre. Danielle Jacobs from BELTUG shares what she sees as main obstacles for cloud uptake in Europe. Erwin von Dölling from Nyrstar gives some insight into how an international mining company is dealing with ICT challenges. Finally, we were pleased to talk to Rotterdam Partners, as we will soon be opening a brand new data centre in Rotterdam. Meanwhile, I invite you to join me in our LinkedIn group for ICT decision makers: http://www.bt.com/be/linkedin And to visit our blog: http://letstalk.globalservices.bt.com I do hope you enjoy the interviews and I am looking forward to talking to you at one of our future events or on LinkedIn. Joris van Oers, CEO BT Benelux Contents 3 4 8 12 14 18 22 32
  • 3. Sustainability leaders: who will history judge as winners? Many would argue that businesses and sustainability advocates are caught in an inherently conflictual relationship. Not so, says Niall Dunne, BT’s Chief Sustainability Officer. According to Niall, large businesses and their brands are potentially the most powerful platforms for changing our world for the better. To say that Niall is passionate about sustainability is an understatement. He’s spent his entire career helping companies define and execute on their sustainability goals. And he has global influence in that regard too; Niall is a World Economic Forum (WEF) Young Global Leader and he’s vice-chair of the WEF’s Global Agenda Council on Sustainable Consumption. We asked Niall about the sustainability agenda in this era of global crises and new oil & gas booms. Niall, please tell us what your role as Chief Sustainability Officer entails. At BT we have six strategic priorities for growth, and one of those priorities is to be a sustainable business leader. My responsibility is to make sure that we achieve that goal. That entails understanding what sustainability leadership means, qualifying that and translating it into strategies that we can actually execute. You’ve been in your role for about two and half years now, coming from Saatchi & Saatchi. That must have been quite a change, moving from an agency to a large corporate enterprise. Looking back, what have you learned? The change has been pretty dramatic, coming from an agency to being part of a large organisation that is ideologically aligned with you, that has given you license to really think deeply about what sustainability leadership constitutes and most importantly is putting the resources behind you to bring sustainability to life, not only in this organisation but also far beyond. It’s a fantastic opportunity and I think BT is still only scratching the surface of its potential. That said, at Saatchi & Saatchi I got to see how fast some organisations, like Walmart and Toyota, can move on sustainability, particularly when it’s linked to a crisis. Most organisations though tend to be quite slow moving and even when they do have a burning platform still fail to act. It’s hard to see how most of these organisations will exist in twenty years’ time. Sustainability seems to come in many guises: cradle-to-cradle, circular economy, natural capitalism, etc. What is it with all these concepts? What are we to make of them? Actually there are a number of very good concepts, including cradle to cradle, the circular economy, the sharing economy and conscious capitalism. A lot of these concepts have traction among businesses and governments but most of them unfortunately have not yet succeeded in appealing to mainstream consumers, especially young people. I think these concepts have grown out of the B2B space but the consumer angle is missing and that limits them. The victor, the one who will receive the most plaudits from history, will be the one that successfully engages the mainstream all around the world. And the litmus test will be around young people. We have to find a language and a narrative that works for young people, because it’s ultimately their future. Interview with Niall Dunne, BT’s Chief Sustainability Officer So how is BT taking on that challenge? Firstly we depart from the fact that ICT can actually do more good than harm. A report we worked on over the last couple of years, called Smart2020, proposed that if ICT was deployed more effectively and extensively all around the world, it could abate global carbon emissions by up to 16%. That’s a staggering fact, yet not one ICT player has clearly outlined how they intend to help achieve that goal, what their methodology is, what their measures are and how they’re linking it to their growth strategy. That is why, under our previous CEO Ian Livingston, we launched NetGood, which is ultimately about growing our business in ways that abate carbon as opposed to create carbon; it is basically about delivering on the Smart2020 hypothesis. Key to this strategy is that we have committed to helping our customers save three times as much carbon as the end impact of our business. In other words, we are taking responsibility across our entire value chain, covering our suppliers, our own operations and our customers. We’ve calculated that in our current portfolio, worth approximately 2.3 billion pounds, we’re actually taking carbon out of the atmosphere through our technology. The fact that BT exists means that there is slightly less carbon in the atmosphere. But that’s not enough. We want to grow and almost triple the impact of this portfolio to get us to that three-to-one ratio. We’ll also have to rely very heavily on innovation, especially in the areas of cloud computing, smart cities, smart grids, the internet of things and so on. We have to make sure that our technology, as we grow the business, is actually helping the world do more with less. You mentioned the cloud; how can cloud computing help us achieve sustainability goals? The UN and many governments around the world have been very focused on sustainable development, as articulated by the UN’s Millennium goals, which will take us to 2015. The post-2015 agenda is currently being developed and I think aspects such as cloud computing, Big Data and analytics will play a huge role in helping us achieve those objectives. For example, our BT for LifeSciences cloud based platform will allow us to do analytics around global health challenges and thereby enable sustainable development. Similarly, other cloud based services like BT Trace, which provide companies with much improved visibility of their supply chains, will help companies make smarter decisions about their energy use and help them save money and carbon emissions. I think we’re only in the beta phase of understanding the power and potential of the cloud in this regard. “Large businesses and their brands are potentially the most powerful platforms for changing our world for the better.” 54
  • 4. “There are still 4.4 billion people who are not connected, especially in emerging markets. Most of our largest customers are looking at those regions for growth but that growth won’t happen without connectivity.” Interview with Niall Dunne, BT’s Chief Sustainability Officer At a recent conference, you mentioned that children better understand where the world is going and that kids “act locally but think globally”. What do you mean by that? Kids have been the biggest beneficiaries of our more connected world. That’s because older people tend not to be the earliest adopters and are more concerned about privacy. In China alone there 500 million Millennials online using social platforms such as Weibo and QQ. Young people are using all of these different social platforms to share experiences with each other and they’re also sharing opinions about which brands are more sustainable. They want to see businesses being more purposeful and will use their networks to make that happen. For example, in the US young people launched a campaign called #FitchtheHomeless, targeting retail brand Abercrombie & Fitch because they felt it was acting unethically. They were able to drive huge levels of consumer activism using a very compelling digital campaign. This ultimately impacted not just the top-line revenue of that organisation but they also provoked a shareholder revolt. Young people the world over are very plugged in. They’re very aware of a lot of ethical and environmental issues, and critically, they are looking to brands to resolve a lot of these issues. And they will reward brands who are building this into their core market proposition. How does that relate to your earlier point on business struggling to engage young people? How can brands appeal to young people and engage them in sustainability issues? In the US there are a lot of brands - such as Chevrolet, Cadillac, Marriott - that are relevant to the baby boomers but that have lost all relevance among this younger demographic. Instead, new disruptive brands such as ZipCar and Airbnb are emerging that do appeal to younger people, that challenge the old order. Why own a car, why go to a hotel, when the sharing economy offers good alternatives? The internet is enabling more and more of these disruptive business models that are showing us the way forward. If traditional brands want to reconnect with younger people then they have to move away from marketing at them and dumbing them down to actually marketing with them. They have to rely more on digital channels to create new experiences and in many instances learn from these disruptive business models. One of the biggest home improvement retailers in the UK, Kingfisher, is openly embracing the sharing economy and recognising it as being key to the future growth of their business. They see the opportunity in a model where consumers as a community share home improvement equipment such as drills or other tools that are used very occasionally, and where they help each other in using such equipment more effectively. If you are willing to innovate and change your marketing tactics then I think there are fantastic opportunities for traditional brands to engage young people. Niall Dunne, BT’s Chief Sustainability Officer Are there other examples of traditional brands doing the right thing? I think the leaders are companies such as Unilever, Nike, Kingfisher, Marks & Spencer, and ourselves. Coca-Cola and SAB Miller are doing great things around water management. It depends on the theme you’re looking at. I don’t think any one company has got all the bases covered, but there are leaders in distinct areas. Nike is brilliant at product innovation, having really embraced the circular economy and bringing it to scale. M&S has brought its Plan A to life in their supply chain using initiatives such as Schwopping, where consumers donate an item of clothing to charity whenever they purchase something new. Our own Net Good project has been very well received and we’ve made a great deal of progress since its launch. Brands are also beginning to realise that they need to work together to address sustainability challenges and engage with young people. At Davos this year, Coca-Cola, Unilever, M&S and BT launched a strategy whereby we’ll work together to engage young people in a much more effective and compelling way than we’ve ever done before. It was probably the most talked-about initiative at Davos and there’s been huge interest from numerous international organisations who are struggling to engage young people. This has been an initiative waiting to happen for a long while. Can you tell us a more about the project? We worked with the World Economic Forum to develop insight into how young people actually make decisions. Relying on a completely new methodology we learned that young people really want to be empowered and that they’ll reward brands who engage them in meaningful and purposeful ways around sustainability. We also learned that they depend very heavily on non-traditional media such as Tumblr and Vice, and are even turning away in some instances from Facebook and Twitter. We’ve all been disappointed in the effectiveness of traditional media as a means to engage the mainstream. If anything, they seem to have created misinformation about where the world is going. And thus we’re going to focus on non-traditional channels. We’re going to put our resources on the table and actually make sure that this isn’t just an amazing campaign but an actual movement. You sound like an optimist. In these times of continual crisis and a new oil & gas boom, isn’t sustainability somewhat off the agenda? We seem to have reached a plateau. The latest UN Global Compact survey among CEOs, done by Accenture, showed a flattening of attitudes toward sustainability. Basically people are realising that sustainability is actually very hard. It is easy to deliver the quick wins in areas such as energy efficiency, to push out the obvious and stupid uses of resources. But after that you get into more difficult conversations about how to allocate capital differently, with a longer-term view. It means asking leaders internally - the people who own the P&L in market-facing units - to make a decision that could ultimately get them fired. You’re asking them to take a bet on a different business case, but you’re also betting on the support of your organisation, that BT will want to see its leaders making those decisions, that they will back those decisions. Yes, there has been a flattening of attitudes toward sustainability but there is new generation of leaders, also in BT, who are completely committed to these objectives, who feel these concepts in their DNA. All we need to do is build energy around them and see to it that they have the resources and support they need to deliver on those goals. Any final remarks? A call to action. I want to hear from other people in our business, and from other businesses, who want to be a part of this movement, who feel that they have a meaningful contribution to make but haven’t had an opportunity to do so. We all need to support each other. By getting connected we can help and coach each other, we can become more effective leaders and address these challenges. If you are a purposeful leader, if you believe that you can change the world through business and especially through technology, then lets figure out how we can do it together. I am reachable on Facebook (facebook.com/nialldunne) and through Twitter (@bluNiall). 76
  • 5. “Nearly 4 out of 10 customers have experienced data loss from their cloud infrastructure due to staff accidentally deleting data.” Interview with Charles Fox, Enterprise Architect Cyber Warfare at BT You’re in charge Charles Fox, Enterprise Architect Cyber Warfare at BT, takes the cyber threat seriously. While cloud computing has obvious benefits, it also carries risk. And as a customer of cloud computing services, it is crucially important that you understand your responsibilities. Charles explains. What in your opinion are the key risks associated with cloud computing? The risks will depend on the model that you’re using: public cloud versus private cloud. Public cloud services are popular because they offer agility and instant on-demand processing, but they also carry significant security risks. Bear in mind that most of the classic security risks pertaining to premises-based infrastructure still exist in a cloud setup; where your data is partially controlled by a third party, you are in effect taking on additional risks. When you procure a public cloud service you typically lose some control over IT architecture, over where your data is stored and over access control. And often there is confusion about the respective responsibilities of customer and cloud service provider. In a private cloud setup you have much more control over all of these issues and that is why a lot of enterprise customers opt for a hybrid cloud model where they try to harness the best of both worlds: private cloud for mission critical and Personally Identifiable Information (PII) and public cloud for less sensitive data and non-critical applications. Are we exaggerating the security risks or is it just the opposite; we’re not taking them seriously enough? I don’t think we are overrating the security issues, for at least two reasons. Firstly, cloud computing is simply one aspect of a broader trend that also includes mobility, social media and BYOD. Those trends are inter-connected and compound the security risk. Irrespective of whether you are adopting cloud computing for enterprise computing, your employees are likely to be using both their own devices and consumer-geared public cloud services and could unintentionally be leaking sensitive data. For example, last year the Oregon Health and Science University had to notify more than 3000 patients that some of their medical information was stored on a non-HIPAA compliant public cloud service. 98
  • 6. Charles Fox, Enterprise Architect Cyber Warfare at BT Interview with Charles Fox, Enterprise Architect Cyber Warfare at BT “The top threat associated with cloud computing is data breaching - the theft of corporate data - not just by criminals but increasingly we’re seeing state actors being involved.” So how do we protect ourselves against these threats and what can I expect from my cloud service provider in that regard? When choosing a cloud service provider, make sure that your provider has a strong record of operational best practices and is compliant with international standards such as ISO 27001. At every level of their operations a cloud service provider should comply with best practice. This includes the vetting of personnel, the controls over subcontractors and suppliers, the physical security measures at data centres, identity and access management, and security governance. This latter point also covers potential conflicts of interest, for example that no person should be responsible for both inputting and auditing data. Ultimately, however, you remain responsible for your own data. That is probably the most important message I can impart here. You as the customer are the owner and controller of your data, and hence you are responsible for that data and will need to make sure that you are complying with the regulatory regimes. If your data is moved from one location to another and that happens to break a Data Protection law, then you are liable. Therefore it is your responsibility to have in place a robust security governance system, a system that not only covers your own security measures but also the SLAs with your cloud service provider. Do not simply rely on default contracts because these often do not go far enough in covering all the security and compliance risks. Most companies’ Business Continuity plans were designed to cover their classic on-premises infrastructure but as they move to a cloud model, they often neglect to extend the scope of their Business Continuity plans to include those 3rd party providers. They assume that the cloud service provider will take responsibility for backing up data and other such issues, but that is not always the case. Providers do have a clear responsibility at the level of physical infrastructure and the network, but at the level of server configuration and especially at the data level it is the customer who is responsible. The most important tip I can provide is that you should engage your security team holistically across your overall cloud strategy and make sure that you understand where your data is and who has access to it. Make sure that you retain control over your data, since ultimately you will have to deal with the consequences of losing your data. Some of their physicians-in-training had decided to use Google Drive to share personally identifiable patient information, probably because the existing enterprise system was too cumbersome to use. The intent might have been good, but they ended up violating HIPAA (which in itself can result in civil and criminal penalties) and causing significant reputational damage to the institute. This case illustrates the importance of good security governance; your employees really need to understand security policies. Secondly, the demand for public and community cloud solutions is leading to an awful lot of consolidation of intellectual property and personal data in multi-tenant infrastructures. These concentrated setups are becoming very attractive to criminals and hence they’ll spend a lot of money and effort to break in. Adobe recently reported a cyber attack that stole the source code of several of its software products and the personal data (including passwords) of approximately 3 million customers. They later had to up that number to 38 million. So in response to your question, no, I don’t think we’re underestimating the security risks. How do you see security risks evolving in the future? Will the cyber threat get worse or better? It’s always difficult to predict the future, obviously, but it does seem clear that both the nature of the threat and the actors involved are changing. The top threat associated with cloud computing is data breaching - the theft of corporate data - not just by criminals but increasingly we’re seeing state actors getting involved. There have been a number of reports showing that state actors are actively stealing IP that is valuable to the economy. Looking at the type of attacks I expect to hear more about session hijacking, spear phishing, vulnerable APIs and denial of service attacks. Unintentional data loss is also set to rise, in fact we have already seen a significant amount of such data loss. Nearly 4 out of 10 customers have experienced data loss from their cloud infrastructure due to staff accidently deleting data. Cloud computing isn’t only an opportunity for the good guys, the bad guys are increasingly exploiting the benefits of cloud computing. For example, criminals are sourcing huge volumes of processing power from cloud providers to power their attacks. The running joke in the industry is that next to SaaS, Iaas and PaaS, there is tremendous demand for AaaS, otherwise known as Attack as a Service. In a multi-tenant environment there is also the risk that criminals will break through partitions and make it look as if legitimate customers are attacking each other, causing reputational damage. You have described two types of threats: those from entities with criminal or malicious intent, and unintentional threats, typically from staff. How do they weigh up against other? Malicious threats tend to have a bigger profile, however I would like to draw attention to the fact that the unintentional insider threat is usually much bigger than the malicious insider threat! Note that the insider threat isn’t limited to your own staff; mistakes can also be made by personnel at your cloud service provider or other ICT suppliers. 1110
  • 7. Recent trends in Data Centres Bob Stemmerik knows a thing or two about Data Centres. Following a 3-year stint running Cisco’s 46 data centres around the world (with a focus on space planning, power, cabling, cooling and capacity management), Bob currently leads a sales team responsible for Cisco’s Data Centre Architecture solutions in Northern Europe. We asked Bob about recent Data Centre trends and their implications for enterprise customers. Data Centres aren’t new, but how have they changed in recent years? What are some of the key trends in that regard? Well, in the first 30 years of their existence, from the 1960s to the ‘90s, there was very little evolution - they were simply cooled rooms with storage of mainframe computers. However, in the past 10 years Data Centres have advanced dramatically, especially in the areas of cooling (e.g. the use of free cooling), power efficiency, high-density computing, and of course the whole virtual technology revolution which in turn enabled cloud computing. Basically, Data Centres have become vastly more efficient and flexible in the way resources are managed and consumed. Today, the end user has control and we are moving towards self-service consumption models. Just think of the way consumer services like DropBox have totally reinvented the way that ordinary users can manage their data storage. Something parallel is happening in the enterprise market, in the requirements that companies have of their Data Centres. People are talking about “Data Centre transformation”? What does that mean? What will the next-generation Data Centre look like? A modern Data Centre is a complex system, so you cannot address components in isolation from each other. A holistic framework is needed to manage them. At Cisco we developed such a framework and use it to help customers simplify their Data Centre transformations. Our framework asks customers to consider 10 key domains such as infrastructure, virtualisation, applications, security and governance. In each domain there is an evolving body of best practices. For example, at an infrastructure level it is important that the cabling of the Data Centre has a highly modular and flexible design. You want to be able to cope with major changes in your server setup without having to redo the cabling of the entire Data Centre. You could say that the next-generation Data Centre is simply one that complies with best practice in all these areas: it is highly efficient, virtualised, flexible, secure and so on. Data traffic in Data Centres is obviously growing fast, the question is how fast? And what is driving it? Cisco has been monitoring Data Centre traffic for some time using the Cisco Global Cloud Index. Our latest forecast from October 2013 makes a number of interesting projections. We estimate that global data traffic will grow three-fold from 2012 to 2017, reaching 7.7 zetabytes per year. By then, over two-thirds of all Data Centre traffic will come from the cloud and nearly two out of three workloads will be processes in the cloud. Clearly we’re in the midst of a Big Data revolution, with data being generated at immense speed by a myriad of new sensors, devices, and applications. Also, the bulk of data being created today is unstructured data - just think of the explosion in social media and Rich Media Content. All of this data flows through Data Centres where it is stored and increasingly processed too. Indeed, the role of high-performance analytics is set to expand radically. Companies are looking to analyse all their data, much of it on the fly, to create information and support decision making. This means that the demands we place on Data Centres have changed fundamentally. In the past, large companies tended to have their own Data Centres, which they used for the storage, archiving and accessing of structured data. Today most companies have their data scattered in various cloud services. Interview with Bob Stemmerik , responsible for Cisco’s Data Centre Architecture The question now is how to connect these cloud services without incurring major security issues. Cloud computing as a trend is unstoppable but we do need to ensure that we deliver a trustworthy service. Our data must be available anywhere, anytime from any device - reliably so. Furthermore, it is imperative that we protect intellectual property and comply with regulation. What are some of the key cloud adoption trends in the enterprise market? The private cloud is at present the dominant model in the enterprise market and certainly the fastest growing segment of the market, whereas public cloud services have really taken off in the consumer market. In the enterprise market most companies remain hesitant about public cloud services and have policies in place that prevent their employees from using public cloud services for business purposes. However, with the view of the “world of many clouds” this will need to change rapidly and will drive business to a hybrid cloud model. The need to connect these services seamlessly, not recreating them, is what will drive optimum usage of multiple cloud services at the most effective cost. Also interesting is the strong trend toward outsourcing. In some countries, like Finland, the majority of large companies have taken steps to outsource their private cloud to cloud service providers. An obvious next step is to integrate public cloud services and create the hybrid cloud model but that remains difficult still from a security perspective. It is the number one obstacle to further cloud adoption and its scope is not to be underestimated. Too often people only think about the technical or physical aspects of security, but the business rules and policy aspects are equally if not more important. Given these concerns I think service providers have an excellent opportunity to start offering generic public cloud services from a secure multitenant environment that is compliant with all necessary regulation. To conclude, can you tell us a little about the BT-Cisco partnership? It is a long-standing and very comprehensive partnership. At Cisco we don’t simply regard BT as a reseller of our products. On the contrary, we’re playing a proactive role helping BT develop its cloud solutions. Practically, this entails reconfiguring their Data Centres so that they’re cloud-enabled, and working closely together to evolve in ways we best serve shared clients. “We estimate the global data traffic will grow three-fold from 2012 to 2017, reaching 7.7 zetabytes per year.” Bob Stemmerik , responsible for Cisco’s Data Centre Architecture 1312
  • 8. Tackling the barriers to cloud adoption & Europe’s digital economy If you want to know what Belgium’s ICT managers are talking about, ask Danielle Jacobs. As Director of BELTUG, Belgium’s largest association of ICT managers, with a special focus on networks and communications, Danielle is in a unique position to tell us about ICT and cloud-related trends in Belgium. Since 2011, Danielle is also Chair of INTUG (the International Telecommunications Users Group), which advises policy makers on all matters concerning international telecommunications and ICT solutions. In Europe, this is of crucial importance because the current regulatory environment is one of the key barriers to the development of Europe’s digital economy. How would you describe the state of cloud adoption in Belgium? At this stage it is still impossible to make generalisations about cloud adoption - there is too much variety in companies’ cloud strategies. Some companies are going all out for the cloud, others have no plans whatsoever and probably the bulk have some sort of hybrid strategy whereby they plan to move some non-sensitive applications to the cloud while keeping sensitive data under firm control. I can say, however, that there is widespread interest in the cloud. For example, in our latest member survey their cloud-related priorities came to the fore. Most companies are looking very seriously at the cloud but at this stage there is still a great deal of concern about security and regulatory compliance. Also, the market is changing so fast and there are a myriad of new players in the field. They bring interesting new solutions to the market but do we have enough information on these companies? What are their long-term corporate and financial stability? Are they trustworthy enough to set up a long term business relationship with them? Interview with Danielle Jacobs, Director of BELTUG “One of the most important barriers to cloud adoption, especially in Europe, is the fragmented regulatory environment.” 1514
  • 9. Nevertheless, some users complain that providers are particularly flexible when it comes to scaling up resources, but decidedly inflexible with regard to downscaling. When upscaling an on-demand model is applied in the true sense of the term, but downscaling has to be renegotiated via annual contracts. Probably one of the most important stumbling blocks for many companies is the different business model that the cloud entails. All parties involved, including the customer’s internal organisations, the vendors, the integrators and the service providers have to change their way of working. Managing that transition isn’t easy. The IT department especially is anxious about losing control. For example, if the marketing people bring in a SaaS tool, unbeknownst to IT, that leads to a sudden spike in traffic on the company’s website then the site’s performance could be seriously degraded. The problem isn’t the SaaS tool - it can have a lot of added value for the company - but if you don’t coordinate well then you can’t harness that value. On the contrary, you’ll create problems. Companies also have concerns about upgrades. For example, companies with purely premise-based infrastructure are accustomed to planning the timing of their upgrades internally. But as they begin to make use of cloud services, typically in a hybrid sense where they still do a fair amount of their own development, they realise they are being forced to make upgrades when their cloud provider does so. Your planning is to some extent controlled by external factors whereas in the past it was a purely internal decision. The change in pricing models is another key issue, creating headaches for a lot of IT departments. For example, a lot of public cloud services charge on the basis of users but the company may be used to CPU-based licensing schemes. All this means that customers are looking for trustworthy partners. They’re becoming far more dependent on their cloud service providers, and given the prominence of security and other concerns, establishing a business partnership on basis of trust is more important than ever. Looking back over the past few years, would you say that the discussion among ICT managers has changed in any fundamental sense? Or is it still a discussion about the pros and cons of what in essence is outsourcing? In the past a lot of the discussion did indeed focus on the merits of outsourcing versus maintaining one’s own premise-based infrastructure. Today the discussion is more about talent, about how to manage the transition from a department that was very focused on maintaining infrastructure to one that is focused on innovation, on building competitive advantage for the business. Nearly everybody understands that cloud computing is unavoidable. It is mainly a question of how to introduce and integrate this technology in the existing infrastructure and processes without causing major upsets and disruptions. Danielle Jacobs, Director of BELTUG In the light of all this uncertainty BELTUG developed a cloud service provider checklist to help our members ask the right questions when evaluating a provider. Clearly we were on the mark with this paper because each time we present it to members we attract a full house. Can you tell us about the paper? What are some of the highlights? A lot of the questions addressed deal, not surprisingly, with security and regulatory concerns. One of the most important points we make is that customers remain responsible for their data. Outsourcing an application and its data to a cloud service provider does not entail a transfer of the responsibilities associated with that data. Companies have to pay particular attention to privacy rules and regulations on where the data is stored and what to do in case of data loss or data breaches. So what can customers of cloud service providers do to ensure that they are managing those responsibilities properly? You can work on several fronts. For example, you will want to make sure that your cloud service provider has all the necessary certifications and that it allows auditing by customers and third party organisations if required. You will need to understand the details of your provider’s “no data loss” guarantee, if they have any. For example, some providers offer “no data loss” guarantees but without specifying a Recovery Time Objective. You will also need to know where your service provider’s datacenters are physically located. And if you make use of shared, multi-tenant services then it is important that you have done a thorough risk assessment. Understand where potential single points of failure are. And insist on greater isolation of resources for your more sensitive data. Security, privacy, regulation - these are the classic concerns that companies have about cloud services. Indeed, it always comes down to the same issues: data backup, regulation, combined SLAs, exit strategies and so on. The point is that ICT decision makers are looking for very practical help in addressing these barriers. Did you come across any more unexpected issues in your conversations with members? Yes we did. For example, members tell us that it can be difficult to make changes to contracts and that fully tailored solutions are hard to come by, which seems to fly in the face of the cloud’s supposed flexibility benefits. Looking at it from a provider’s perspective, however, it does make sense because the cloud is essentially about economies of scale and resource sharing, hence a degree of standardisation is only to be expected. “Outsourcing an application and its data to a cloud service provider does not entail a transfer of the responsibilities associated with that data.” In your role at BELTUG and INTUG you also spend a lot of time talking to policy makers. Can you tell us about some of your key objectives in that regard? One of the most important barriers to cloud adoption, especially in Europe, is the fragmented regulatory environment. Each member state in Europe has its own legislation governing data privacy and data retention, and much of it is out of date. For example, in Belgium our privacy laws date from a time when the cloud hardly existed. In a way, international companies are operating in a legal vacuum. Say you’re a Belgian company with data in Ireland and France, and you encounter a data breach, what will be the legal implications? That can be very complex to figure out. And much of the legislation is simply too vague. For example, if you have a data breach you have a notification duty. What does that mean? A full page ad in a major newspaper, or a press release buried on your corporate site? Then there is the crucial distinction in responsibilities between customers (the data controllers) and cloud service providers (the data processors). Basically our regulatory framework needs urgent updating to the new realities and it needs to be harmonised as far as possible, certainly across Europe but also beyond. With BELTUG and INTUG we have looked very closely at the development of the EU’s new General Data Protection Regulation which is set to replace the old Data Protection Directive. What matters now is that this regulation is ratified as quickly as possible; we hope by March before the EU parliament stops its activities. Otherwise a long delay is likely given the coming elections. That would be a pity. Companies are spending far too much on legal fees to cover themselves in this uncertain regulatory environment. And more importantly any delay will further hinder the development of Europe’s digital economy. Interview with Danielle Jacobs, Director of BELTUG 1716
  • 10. Building an integrated IT platform at an international metals & mining business It is no simple task transforming global IT infrastructure at Nyrstar, an international mining and metals business. How do you serve 6500+ users, many of whom work in harsh, remote areas? And how do you consolidate and simplify IT infrastructure that bears the legacy of rapid acquisition-driven growth? We spoke to Erwin von Dölling, Group Manager of IT Infrastructure, Operations and Planning for Nyrstar, about his challenges and priorities. Can you tell us a little about yourself and your career thus far? After my electrical engineering studies, I started my career as an Engineer in South Africa working in industry. One of my roles allowed me to work on multiple mining greenfield plant projects in Botswana giving me the experience needed to relocate to Switzerland where I took on a role as project manager for ICT projects, moving into a Technology consultant role and process & IT services Director in Europe and Asia for a multinational in the cement industry. In 2013, I joined Nyrstar to lead the infrastructure and operations team of the integrated Business Systems area. Switzerland has become my home, but I really value the international perspective that my roles entail. How is IT organised at Nyrstar? I’m responsible for IT infrastructure and operations worldwide, which covers our data centres, our network infrastructure, and the operations of all such services. I work in close partnership with the Group Manager for Business Applications and we both report to the CIO/Group Management Business Systems. Crucially, at Nyrstar information technology is simply one element of a broader Business Systems concept, which focuses on enabling the business through solutions that integrate processes, applications and infrastructure. What are the particular demands of the mining business on ICT and how does this translate into your main challenges today? Commodity prices fluctuate continuously so it is imperative that we are highly flexible in our cost structures and operations. Agility is extremely important both for operations and for our business vision. As a result, we require excellent visibility and control over our business systems. Our overarching goal is to move toward an integrated Business Systems operational model and this in a company that has grown dramatically over the past 8 years via acquisition. The rapid pace of expansion led to 15+ separate IT organisations joining us since Nyrstar was created in 2007; each with its own separate cost centre, charter of accounts and its own way of working. Such fragmentation obviously had inefficiencies and impaired visibility over our assets. Hence our goal has been to build a single, integrated model , whereby we could deliver IT services on the basis of service levels agreed internally with the business. We are two years into this transformation process, and we have made significant progress. All the planning is done and we are now operating on a single cost structure which has improved cost visibility tremendously. However, we still have work to do to achieve 100% visibility over all our infrastructure and applications at the various Nyrstar sites. Many of these projects take time. For example, we recently completed a global network migration with BT Global Services, replacing our earlier fragmented networks with a global wide area network based on the same configuration principles, with the same reference architecture and now in the future we will be able to better predict network impact of new projects, new applications and better optimise the use of it. Projects of that scale are pretty challenging. Interview with Erwin von Dölling, Group Manager of IT Infrastructure, Operations and Planning for Nyrstar “The focus on cost efficiency is important. We are an exceptionally lean IT organisation, operating at approximatively 0.8% of revenue. That is a tremendous achievement for the business compared to the industry norm of between 1.2 to 1.5 %.” 1918
  • 11. Are there specific opportunities in the business that can help you achieve your objectives? We are fortunate in being able to make this IT transformation at the same time as the overall Nyrstar business transformation, of becoming an integrated global business with 3 vertical segments, namely Mining, Metal Processing and Marketing, Sourcing & Sales, is underway. The Nyrstar overall company transformation has perfectly supported our vision of one global business systems organisation and the associated transformational activities allow us to deliver solutions and value by understanding and mapping the business processes, and automating them with applications where appropriate. The principle of unlocking untapped value is also pertinent here. As we gain visibility over our IT infrastructure we’re discovering a lot of opportunities for cost reduction or improving service. For example, as part of our enterprise agreement with Microsoft we are licensed to use Lync, but to date we were using another service for online meetings. Currently, we have now deployed Lync globally and will be retiring the other 3rd party additional cost service for desktop sharing by the end of Q1 2014. There also is an opportunity to improve the configuration of our videoconferencing infrastructure so that users can initiate sessions more easily and that all of the video conference environment can be maintained and managed globally by a centralised team. Until recently this has been problematic because devices have been configured differently depending on the location and were not accessible for remote management. We aim to be a global reference for how things should be configured optimally and managed as a common ecosystem by a global team responsible for a global service (irrespective of where the personnel are located). Looking ahead, there will be numerous opportunities to explore in order to better leverage our new improved BT network, including potentially using Voice over IP, exploring how we can better leverage our video conference setup, and further driving our centralised data centre strategy for the delivery of even more services currently hosted locally owing to network resilience concerns in the past. The focus on cost and efficiency is important. We are an exceptionally lean IT organisation, operating below 0.8% of revenue. That is a tremendous achievement for the business compared to the industry norm of between 1.2 to 1.5%, while not sacrificing the delivery of high quality IT services and value for the business. UC and collaboration – what technologies have you implemented so far and what you are planning in the future? Is this important to the way you do business? We certainly aim to improve our collaboration. The upgrade and planned further use of Microsoft SharePoint and Lync form part of that strategy. However, a lot of our sites are very remote with difficult mobile access, so collaboration with mobile access and enablement is very relevant for us, but the challenge is far greater than with users based in highly connected cities. This is an exciting and important opportunity where we hope BT can also help us and bring innovative and cost effective proposals of how we could do even more to better enable collaboration in our remote locations. Bring Your Own Device (BYOD) - any initiatives in that regard? BYOD is something we have enabled - people can connect to their corporate mail account using their own devices - but we are not actively promoting a BYOD strategy in the organisation. We conducted a poll among employees and discovered that support for BYOD was mixed at best. Many people prefer the company to supply a mobile device. Again, in some of our regions BYOD just doesn’t make sense. As a result, we enabled BYOD for those who want it but haven’t pushed it across the entire organisation. What is your perspective on social media? An opportunity, a threat? Social media is a communications channel that we employ; however, we are not as active as the average company. We recognize the risks associated with social media in addition to the value that it can add in promoting our brand and informing key stakeholders – internally and externally. Currently we are focused on extracting value out of our existing infrastructure. I don’t think social media is a threat if it is well understood, managed and the implications thereof understood. Of course if people start talking inappropriately about the company on Facebook and LinkedIn there could be a reputational issue. But such matters are covered by company policies and corporate communication is highly involved. Generally speaking we don’t see employees using social media to promote ideas externally; they’re more interested in promoting ideas internally, which we encourage. How would you describe the role of IT in your organisation? Is it recognised as a “business enabler”? And has your role changed in that regard? The name of our division, Business Systems, points to the fact that our company and CIO’s vision is to be a business enabler. Being responsible for any company’s IT today requires a business oriented leader and the need to deliver value and to help the business do better, not just use technology for the sake of technology and innovation. We’re in ongoing conversations with the business to see how we can improve efficiency and productivity. I would say that my role transitioned a long time ago from technical specialist to a business oriented leader. What is your view on cloud computing? I think there is a lot of hype around the cloud at present. Nonetheless, cloud computing has developed to a point where it can offer tremendous benefits, especially in terms of flexibility. It is great for avoiding capital expenditure and the price per unit is often much lower, with significantly improved service levels compared to those of a decade ago. We’re certainly looking forward to BT offering telephony as a cloud service. Coupled with mobile devices, some cloud services can be especially useful, for example, services that enable you to process travel expenses using the camera of your phone. The same principle applies to ‘goods received’ notes and such. Cloud services could add complexity in the sense of knowing what services you have where, but such challenges are manageable if tackled with discipline in planning and the maintenance of your environment’s configuration documentation. What about security? Security is often seen as a key obstacle to cloud adoption. Security is a fundamental issue for every company and should be managed as such. We have clear security policies that govern all our IT services. All new IT services undergo a thorough vetting process. We have a number of new services in production already and are now vetting each service in-flight from a security perspective to ensure that they comply with our security measures and our recently updated Information Security Framework. It is a huge exercise and therefore we are focusing on the business-critical processes first. Erwin von Dölling, Group Manager of IT Infrastructure, Operations and Planning for Nyrstar Our ERP system, risk management platform, email and mobile platforms are our current priorities. Security is a never-ending process, you constantly have to keep up to speed with new issues, but it won’t stop us from using cloud services where appropriate and aligned with our enterprise architecture. You mentioned the partnership with BT - how is that going? Nyrstar has signed a global contract with BT for our worldwide network. I would describe it as a very strong partnership. We’re very happy with the relationship and the commitment shown by BT over the past 6 months, especially the last mile of the entire migration where multiple sites had to be migrated in a very short space of time. The global network migration was a very challenging project given the fact that we work in remote locations and that we did it immediately after a global Data Centre migration. To get everything ready to do a site migration without business disruption in a single day requires excellent coordination. It went well in the end. We shared our fair share of challenges, inefficient processes, coordination shortcomings and project manager changes during the flight of the project, but this did not stop us from working together, finding solutions and driving the migration to completion before March 2014. And now, one year on in the commercial agreement with BT, the partnership is going strong and we are working with each other to improve end-to-end service management and service delivery. Once we’re comfortable that a robust, predictable network is in place we look forward to potentially deploying additional services such as VoIP and offnet dialling. We certainly don’t see any value in replacing our PBX infrastructure with capital expenditure and would be happy to consider hiring telephony as an operating expense and service, as long as it is the most beneficial business case and the least total cost of ownership for Nyrstar. What are your expectations from an ICT provider? I don’t expect them to be order takers. They shouldn’t wait for me to tell them what do. On the contrary, I expect them to understand my business and identify new technologies that can help move my business forward. I expect them to be true partners; partner with me in making sure the environment is understood, share ideas and opportunities to improve and work together to make them succeed. So with regard to BT as our primary network partner, I expect them to identify network-related opportunities and be proactive in bringing solutions. And obviously I expect them to deliver on what they promise, on time, and within budget. They should focus on value, of course, but certainly must not ignore costs, because we’re in a business where costs do matter. Interview with Erwin von Dölling, Group Manager of IT Infrastructure, Operations and Planning for Nyrstar 2120
  • 12. Mobilising the city for innovation and growth: the case of Rotterdam The city of Rotterdam has recently merged its three economic development and city marketing agencies into a new, bolstered entity called Rotterdam Partners. We spoke to its newly appointed Director, Fred van Beuningen, about Rotterdam’s economic development strategies and the role of technology therein. Can you tell us a little about Rotterdam Partners? Rotterdam Partners was officially started on the 1st of January 2014, merging Rotterdam Investment Agency, Rotterdam Marketing and the Economic Development Board of Rotterdam. Today, from a single organisation, we offer a broad suite of services focused on tourism, inbound investment, and bringing together the city’s key stakeholders around economic development issues. What are your objectives? In brief, we want to make a positive contribution to the balanced growth of Rotterdam’s economy. That entails working together with all our stakeholders in the city, specifically in the tourism sector, business and industry, the city’s knowledge institutes, and obviously the city’s government. We will launch a range of new initiatives but in each case we will choose partners who can best help us achieve our common objectives. One overriding goal is to more actively involve businesses and institutes in the city’s marketing and development. Essentially, we are the link connecting the city’s businesses, institutes and government. This must be an interesting new career challenge for you, coming from industry? Indeed. But my roots in Rotterdam are strong. I was born and bred in the city and following my studies at Erasmus University, I spent the bulk of my career working in manufacturing and maritime- related industries, at companies such as Shell, Hoek Loos, Ahlers and the Eitzen Group. In recent years I have been very focused on clean tech and sustainability. I spent five years working on Akzo Nobel’s sustainability strategy, launched a clean-tech investment fund and am a member of the Bio-Renewables Business Platform. I think it’s a very exciting opportunity and I’m really looking forward to doing our best for this dynamic city. Interview with Fred van Beuningen, Director Rotterdam Partners What are some of the unique challenges to city marketing and city management? There obviously is a lot in common with business management; for example, we have a marketing department and can approach our target markets such as residents, students, entrepreneurs and knowledge institutes with reasonably classic marketing approaches. Rotterdam was recently highlighted as a Must-See city by both the New York Times and the Rough Guides. With good PR you can make an impact. The biggest difference is that we can’t directly ‘control the product’, as you would in a cookie factory. Obviously we can offer advice and guidance to the many stakeholders that constitute the city, our product as it were, but ultimately success depends on good cooperation and partnership. We all have to work together to achieve our common goals - being innovative at a city level demands partnerships. Like a business, a city needs to keep its ‘customers’ happy, but you can’t achieve that alone. That’s why we are focusing so heavily on the bringing together of partners. Another key difference compared to managing in a business context is that your strategy is set by city government, which in turn is established by democratic means. That means that strategy can change as government changes. As an organisation we can obviously advise on strategy but we don’t make the decisions ourselves. Our role is focused mainly on execution. How do you see the role of technology in your work? Or more broadly, in enabling the city’s economic goals? As it relates to our own operation, one of our core tasks is city marketing, which means social media and digital marketing have become increasingly relevant. At a city level, however, the role of technology is absolutely pivotal. Rotterdam is an international city with important economic clusters such as the Port of Rotterdam, commercial services especially in the maritime area, creative industries, clean-tech and the medical and healthcare-related sectors. All of these activities are inherently reliant on ICT. Fred van Beuningen, Director Rotterdam Partners So it is imperative that the city’s ICT infrastructure is absolutely world-class, which is why we’re so pleased that a leading communications and IT company like BT decided to build a new datacenter in our city. It certainly helps us in our task to attract more companies and sectors to Rotterdam. Joris van Oers, CEO BT Benelux adds to this: “We see a major surge in demand for secure, resilient and cost effective managed services. Business processes become ever more connected; today ubiquitous real-time access to data and applications is a standard requirement. Our new data center in Rotterdam will expand our capacity in the Benelux with 50%. And we will need it. Rotterdam is ideally located and will be a key hub in our global network to disclose our cloud services to our Benelux and European customers.” There is often opportunity to link technology and entrepreneurship for economic development - what is Rotterdam doing in that regard? As a city we are trying to build on our existing strengths. Erasmus Medical Centre is a major academic hospital and is the second largest employer in the city. It has a world-class reputation for its research so there is opportunity to build on the knowledge and technology being developed there via a tech transfer infrastructure. Rotterdam is also known for its port and industrial complex, which translates into a major opportunity to develop and deploy clean technologies here. Initiatives like Clean Tech Delta and a start up campus were established to stimulate innovation in this sphere. Internet-based innovation is another key area. Rotterdam Internet Valley, for example, is an initiative to support internet entrepreneurs with their projects. Supporting innovation generally is something I’m very interested in. Ultimately it is about building an environment that is conducive to entrepreneurship and innovation; so we have to look at the bigger picture too, and see to it that all such initiatives hang together well. In light of your interest in sustainability, what does a sustainable city mean to you? Is a smart city a sustainable city? Well, yes, but I define ‘smart’ in a broader sense than seems typical today. When I was involved in the EU’s Smart Cities project, part of Horizon2020, I noticed that the conversation was dominated almost entirely by the ICT industry. Smart is taken to mean connected or digital. I welcome a broader perspective to include elements such as physical infrastructure and buildings, social cohesion, the environment and the knowledge infrastructure. A smart city is one where all these elements are in balance and aligned behind ambitious sustainability goals. “It is imperative that the city’s ICT infrastructure is absolutely world-class, which is why we’re so pleased that a leading communications and IT company like BT decided to build a new datacenter in our city.” 2322
  • 13. Also, take a look at our blog: http://letstalk.globalservices.bt.com Follow us on LinkedIn: http://www.bt.com/be/linkedin BT Netherlands Offices Minerva Herikerbergweg 2 1101 CM Amsterdam Zuid-Oost The Netherlands Phone: +31 (0)88 212 8000 www.bt.nl bt.benelux.marketing@bt.com BT Belgium Telecomlaan 9 1831 Diegem Belgium Phone: +32 (0)2 700 22 11 www.bt.be bt.benelux.marketing@bt.com BT Luxembourg Rue Eugene Ruppert 12 L-2453 Luxembourg Phone: +352 (0)40 56 37 1 www.globalservices.bt.com bt.benelux.marketing@bt.com Offices worldwide The telecommunications services described in this publication are subject to availability and may be modified from time to time. Services and equipment are provided subject to British Telecommunications plc’s respective standard conditions of contract. Nothing in this publication forms any part of any contract. © British Telecommunications plc 2014 Registered office: 81 Newgate Street, London EC1A 7AJ Registered in England No: 1800000 bt.com/globalservices