Insight into IT Strategic Challenges

  • 3,102 views
Uploaded on

Top 10 and Insight into IT Strategic challenges Presented at the IT Strategy Forum organized by IIRME in Dubai, UAE, presented by Jorge Sebastiao for eSgulf …

Top 10 and Insight into IT Strategic challenges Presented at the IT Strategy Forum organized by IIRME in Dubai, UAE, presented by Jorge Sebastiao for eSgulf

More in: Business , Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
3,102
On Slideshare
0
From Embeds
0
Number of Embeds
1

Actions

Shares
Downloads
0
Comments
0
Likes
14

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide
  • Introduction of presentation, speaker, and thank you. Introduction into an updated strategy for eSecurity effective for today’s technologies, and eGovernment environments.

Transcript

  • 1. Insight into today's IT Strategic Challenges Jorge Sebastião Founder and CEO [email_address] www.esgulf.com
  • 2. The Net is very different Internet Instantaneous Any- to-any Standards- based Always- on Mobility In person Phone Mail Private networks
  • 3.  
  • 4. How Do We Manage Enterprise Complexity? ERP Solutions Mainframe Client/Server Heterogeneous distributed databases Mission Critical Availability The Internet heightens availability requirements Inter-dependencies of applications with business
  • 5. Products Are Not Enough People Technology Process
  • 6. Management Requirements
  • 7. 10 Challenges
    • End User Awareness
    • Unavailability Technical skills
    • Leveraging New Generation Networks
    • New devices Mobile Computing
    • Security and Privacy
    • Evolving Risks
    • Compliance and Regulation
    • New Technologies Biometrics
    • Smart Cards and eGov Challenges
    • Infrastructure Management
  • 8.
      • “… disasters are not technical, they’re people and culture related…
      • “ The soft stuff is the hard stuff.”
            • Bryan Fiman
            • Principle and Co-Founder,
            • Implementation Management Associates
    User Awareness and Adoption?
  • 9. Support Requirements
    • “ … . uneducated users require 3 to 6 times more support than educated users over the life of a new technology and process.”
    Research Note
  • 10. Unavailability Technical skills
    • Rapid rate of change of technologies
    • Shortage of skilled staff
    • Key to recognize the risk areas
    • Take appropriate preventive actions:
      • obtaining training
      • hiring consultants
      • right people
    • These factors might apply to your team:
      • inadequate training
      • poor understanding of methods, tools, & techniques
      • inadequate application domain experience
      • new technologies or methods
      • ineffective, poorly documented, or neglected processes
  • 11. Professional Development
    • Balanced approach
      • Education
      • Training
      • Experience
      • Certification
      • Networking
      • Interpersonal / Soft Skills
  • 12. Professional Development
    • Professional Goals
      • S pecific
      • M easurable
      • A chievable
      • R elevant
      • T ime-bounded
    • Adapted over time
  • 13. Telephone Services Data Services (WWW, e-mail, etc) Video Services (TV, movie, etc) Telephone Services Network Video Services Network Data Services Network Policy Area 1 Policy Area 2 Policy Area 3 Legacy: Vertically-Integrated Networks pre-NGN Network Challenges - Legacy Networks
  • 14. Network Challenges– NGN challenges Source TIPHON Control Area lP/MPLS Core Network Transport Area Service/ Application Area PSTN Internet Soft Switch
    • IP Service and
    • Application Control
    • QoS
    • Authentication
    • Security
    • Multicast
    • Multimedia Call Control
    • VoIP and Video
    • IP endpoint control (H.323/SIP)
    • Media Gateway control (H.248)
    Messaging Application Media Gateways Application Hosting
    • Programmability
    • 3rd party applications
    • Web access
    • Open APl's
    Web based Service selection Application Mediation Layer Enterprise ASP 3rd party Application Policy Server Aggregation Network Metro Optical RAS DSL Cable Frame/ATM Wireless Service Switch
    • Manage QoS
    • Security
    • Interoperability
    • Openness
    • Programmability
    • Interworking
  • 15. Network Challenges– Business Drivers Service Control Layer lP/MPLS Core Network Layer Application Layer PSTN Internet Soft Switch
    • IP Service and
    • Application Control
    • QoS
    • Authentication
    • Security
    • Multicast
    • Multimedia Call Control
    • VoIP and Video
    • IP endpoint control (H.323/SIP)
    • Media Gateway control (H.248)
    Messaging Application Media Gateways Application Hosting
    • Programmability
    • 3rd party applications
    • Web access
    • Open APl's
    Web based Service selection Application Mediation Layer Enterprise ASP 3rd party Application Policy Server LDAP based Aggregation Network Metro Optical RAS DSL Cable Frame/ATM Wireless IP Service Switch IP Video Internet Offload IP Voice IP VPN IP Transport Multimedia Conferencing Unified Messaging Virtual Office Tele Education E-Business Margin
  • 16. Users Want Mobility? Home working 89% of top 100 US companies offer telecommuting 2 60%+ Britons & Germans equipped to work remotely 1 Mobility How many of us using Mobile Today ≥ 66% workers will use mobile & wireless computing 1 Branch Offices 60 % of employees work at Branches Virtual 58% companies consider theirs to be a virtual workplace today 1 interpretation of analyst data 2 ComputerWorld survey
  • 17. New Corporate Boundaries
    • Platforms
      • Data Center
      • Laptops
      • PDA
      • Mobiles
    • Distributed Access
      • Dialup, ADSL, VPN
      • VSAT
      • Wifi, WiMax
      • GPRS/3G
    • Communication Centric Applications
      • Web
      • Email
      • IPM
      • VoIP
    • Multiple Networks
      • Intranet
      • Extranet
      • Internet
    • Users
      • Employees
      • Partners
      • Suppliers
      • Customers
      • Consumers/Prospects
    • Location
      • Office
      • Internet Café/Restaurants
      • Airport
      • Hotels
      • Home
  • 18. Mobility and Access Management Control Loosely-coupled, Dynamic exterior Tightly-coupled, Persistent interior Intranet Extranets Customers Partners/Suppliers Employees Consumers Internet
  • 19. Mobility Devices
    • Laptops
    • Mobiles
    • Bluetooth
    • PDA
    • Smart Card
  • 20. What Is Privacy & Why Does It Matter?
    • Privacy is a malleable concept
    • Physical security and liberty as one version
    • Information privacy is another
    • Information privacy is the issue here
    • Privacy is a human right that preserves individual autonomy
    • That autonomy is necessary for a free and democratic society
    • It is a community interest
  • 21. Does New Technology Threaten Our Privacy?
    • US $200 and 24 hours will get you anything you want to know about someone (ex-partners, detailed asset lists, convictions, video rental preferences, etc.)
    • CVS Pharmacy, Doubleclick, Amazon
    • HRDC’s detailed, lifelong files on all of us - lacking real controls on use or disclosure
  • 22. Technology - Opportunities and Challenges
    • Some opportunities:
    • Easy access to central data-bases
    • Use of virtual records ( e.g. , health records)
    • Digital transaction security
    • Improved resource allocation and needs predictions
    • Some challenges:
    • Improper personal data access
    • Security breaches
    • Improper data-linkage, sharing and mining
  • 23. Mitigating Privacy Risks By Legislation
    • Establishing principles for all cases
    • Designing privacy into systems and programs
    • Building privacy into systems and programs
    • Dealing with boundary cases - the gray areas lawyers love
    • Public and private sector rules are needed
    • Public sector (provincial and federal legislation)
    • Private sector
  • 24. Mitigating Risks Using Technology
    • Privacy enhancing technologies (PETs)
    • Smart cards, toggles, digital certificates
    • Technology enhances privacy - it does not define it
    • Always ask: Who can override the security?
    • Remembering that design is key
    • What data, to whom, when and for what purposes?
    • What happens to it after that?
    • Data destruction
  • 25. Evolving Risks – Banking Ex
  • 26. Phishing new threat
  • 27. First Phishing – Now Ransomware
    • Phishing
    • Pharming
    • Ransomware- So far theses attacks are quite rare but it brings a new dimension to the usage of the internet and a new generation of attacks.
  • 28. IT and Corporate Governance Business BSC IT BSC CoBiT ITIL ( & BS15000) ISO27001/BS7799 IT Governance & ITSM
  • 29. Multitude of Governance
    • SOX
    • AML
    • ISO27001
    • ISO90000
    • ISO20000 (BS15000)
    • CoBIT
    • PAS56
    • Basel 2
    • HIPAA
    • EMV
    • ...
  • 30. Biometrics and IT Systems
    • The automated use behavioral and physiological characteristics to determine or verify an identity.
    PIN Rapid! Know Have Be
  • 31. Biometric Process-1 Enrollment stage Identification stage Biometric Present Sensor Signal Process Reject Accept Sensor Biometric Present Storage Decision Signal Process
  • 32. Biometrics and Statistics
    • FAR – Type I
    • FRR – Type II
    • FAR vs FRR protection vs ease of use
    • ERR=“FAR=FRR”
  • 33. Biometrics-enabled Authentication Applications
    • Cell phones, Laptops, Work Stations, PDA & Handheld device set.
    • 2. Door, Car, Garage Access
    • 3. ATM Access, Smart card
    • Forensic : Criminal Tracking
      • Fingerprints
      • DNA Matching
    • Car park Surveillance
    • Frequent Customers Tracking
  • 34. Biometrics-Problems
  • 35. Smartcards-The Wallet Computer
  • 36. SmartCards Influencing Implementation Multipurpose Secure Personal ID System
    • Policy
    • Government
    • Corporate
    • Processes
    • Issuance
    • Enrollment
    • Apps Update
    • Identity Verification
    • Technology
    • Architecture
    • Features
    • Standards
    User Privacy Acceptance Social
  • 37. SmartCards Impediments to use
    • infrastructure requirements?
    • Integration?
    • Common standards?
  • 38. SmartCard Issues-1 What information? Where it is stored? Who is entitled to access it? How it is protected from un-authorized access? Privacy Authority: oversees, administers, enforces ID program. Governance Card is either alternative or mandatory ID. Voluntary vs. Mandatory ID Requirements Policy
  • 39. Issues-2 Amount and type of information applied for risk profiling? Profiling Allowable means proving identity prior to ID issuance Mechanisms for Issuance Which standards? Interoperability? Standards Degree of authentication? Level of risk mgmt required? P ublic acceptance of the process? Level of Authentication Requirements Policy
  • 40. Infrastructure Management Challenges Reduce Complexity Bandwidth Utilization Network Resource Accountability Guaranteed Network Performance Security
  • 41. Infrastructure Mgmt Fragmented IT Desktop Help Desk LAN Admin DBA Operations Mainframe Security Network Management Chaos Business User Non IT Devices Applications Databases Systems Networks
  • 42. Fragmented Service Delivery Desktop Help Desk LAN Admin DBA Operations Mainframe Security Network Management 97% 97% 97% 97% 97% 97% 97% 97% Business User Non IT Devices Applications Databases Systems Networks 76% Availability
  • 43. Government Education Dept 0 1 2 3 4 5 Service Level Management Availability Management IT Service Continuity Financial Management Capacity Management Service Desk Incident Management Problem Management Config. Management Change Management Release Management Efficiency & effectiveness Process Maturity
  • 44. Project Failure Rates
    • Application Development Projects (The Standish Group)
    Challenged Succeeded Failed 28% 46% 26%
  • 45.
    • Mitigate Risk
    • Reduce Cost
    • Improve Productivity
    • Ensure Regulatory Compliance
    • Connect Geographically Dispersed Data Centers
    • Improve Systems and Data Availability and Recovery
    • Consolidate Data Centers and Storage / Server Resources
    • Reduce Capital and Operating Expense
    • Maintain / Increase Availability
    • Ensure Service Delivery
    • Reduce Capital and Operating Expense
    • Increase Productivity
    • Connect Geographically Dispersed Data Centers
    • Converge Networks
    • Enable New Applications Through Increased Bandwidth & Performance
    • Reduce Capital and Operating Expense
    Priorities By Function
    • Improve BC/DR Processes
    • Distribute and Protect Data
    • Reduce Infrastructure Spending
    • Improve IT ROI
    CIO Data Center Networking Operations VP Infrastructure
  • 46. People Business Processes Technology Delivering ROI Competitive Advantage
  • 47. Service Improvement A process led approach Maintaining the momentum Where do we want to be? Vision and Business objectives Where are we now? Assessments How do we get where we want? Process Change How do we know we have arrived? Metrics
  • 48. Maturity
  • 49. Process Maturity Framework The Five Levels of Service Management Process Maturity Ref: based on Norton / Nolan & CMM In terms of: - vision & strategy - steering - processes - people - technology - culture 1 Initial 2 Repeatable 3 Defined 4 Managed 5 Optimised
  • 50. Implementation Process Education Standards & Best Practices Support
  • 51. Solution Building Blocks INTEGRATED ICT SOLUTIONS VOICE FRAME/ATM MPLS BANDWIDTH INTERNET MANAGED WAN MANAGED LAN MANAGED VoIP MANAGED SECURITY MANAGED MOBILITY BUSINESS SERVICES VALUE ADDED SERVICES NETWORK SERVICES NETWORK PRODUCTS NETWORK & ACCESS INTEGRATED SOLUTIONS IT SERVICES & APPLICATIONS WIRELESS SATELLITE xDSL ETHERNET LEASED LINE HOSTING & STORAGE OUTSOURCED CALL CENTRE MESSAGING HOSTED MMVoIP MULTI-MEDIA CALL CENTRE VoIP PORTALS/ INTRANET CRM APPLICATIONS MANAGED DESKTOP SECURITY NETWORK. OUTSOURCING BUSINESS OUTSOURCING ENTERPRISE SECURITY SYSTEMS INTEGRATION TECHNOLOGY CONSULTING
  • 52. Implementation Challenges Theory… Practice:…
  • 53. Questions?