IT Next March 2010 Issue


Published on

IT Next Magazine is published by 9.9 Media and is basically targeted to the senior IT professional community.

Published in: Technology
1 Comment
  • SUNDE’s Zero Client is arguably the 'zero-est' zero client of all. It has no onboard processing, operating system, or intelligence whatsoever, but is simply an 'I/O redirector' that works via TCP/IP. The SUNDE device is inherently much simpler than a thin client, and because there is no firmware to be updated or 'hard associations' to be created between the zero client and the virtual machine that comprises a user's virtual desktop, it makes discovery and provisioning for VDI a much easier process.
    SUNDE is working with you to bring new ideas to life in IT Market. Get in touch with SUNDE by contacting by email at or by phone at 0086-20-3229381. For more information, please visit
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

IT Next March 2010 Issue

  1. 1. MARCH 2010 / Rs. 150 VoluMe 01 / Issue 03 WE JUST LOST OUR EDIT TEAM! A 9.9 Media Publication
  2. 2. MARCH 2010 / Rs. 150 VoluMe 01 / Issue 03 SO WHY ARE WE HAvIng SO MUcH FUn? A 9.9 Media Publication
  3. 3. Because We got you! The IT Next team was overwhelmed —and overjoyed—by the deluge of interesting stuff you sent in. Our thanks to everyone who made this special edition happen.
  4. 4. 40 IT practical 10 influencers 10 IT decision managers on on Best makers Tech Trends Practices as Editors
  5. 5. 15,000+ 300+ passionate & the subscribers members Journey on LinkedIn has just begun...
  6. 6. 4 Edu TEch December 2009
  7. 7. Editorial The power of collective It was in 2001 that Jimmy Wales and Larry Sanger decided to harness the power of the collective and launched an “This issue is based online encyclopaedia called Wikipedia. on the Wiki model— The collaborative model would let any netizen contribute and edit articles put up on the Web. ideated, shaped, The whole idea seemed preposterous at the start. Why would people driven and created by attempt writing pieces on wide ranging topics, and even if they did, how the community of IT would the write-ups match up to the standards of encyclopaedias like Britannica and Coliers? (Britannica has around 100 full-time editors on managers” its rolls and over 4,000 expert contributors, with a history that dates back S h u b h e n d u Pa r T h to the 18th century.) Today, Wikipedia is one of the leading reference sites, with over three million pages and over 11 million registered users. So far, there have been over 372 million page edits done by users themselves. Available in 262 languages, 24 of these editions have more than 100,000 articles and 81 have over 1,000 articles. If anyone ever doubted the power of collective, Wikipedia has put them to rest. As for the quality of content, according to a survey done by Nature there were 162 mistakes in Wikipedia versus 123 in Britannica on 42 randomly selected general science articles. This, by all means, is comparable. This issue of IT Next is based on the same Wiki model—ideated, shaped, driven and created by the community of IT managers. Here are some stats: around 40 IT managers shaped the Tech Trend pieces, 10 managers wrote the Best Practices, and there was an edit panel Blogs To Watch! of 10 senior IT experts who helped select and shape the content. The end Knowledge sharing communities result has been astounding. Martin McKea’s blog I am genuinely surprised and humbled by the response that we received after we invited you to create this special issue. And I believe, you too will Your views and opinion matter appreciate and savour this Wikified issue. to us. Send your feedback This experiment has worked, just like the Wikipedia experiment did at on stories and the magazine at shubhendu.parth@9dot9. the beginning of the decade, where the reader of the content is also its creator. in or SMS us at 567678 (type Let me know what you will like to create next! ITNEXT<space>your feedback) m a r c h 2 0 1 0 | it next 1
  8. 8. Content Facebook: http://www.facebook. com/home.php#/group. php?gid=195675030582 Twitter: http://t linked in groups?gid=2261770&trk=myg_ For the l atest technology uPDates go to march 2010 V o l u m e 0 1 | I s s u e 0 3 ugrp_ovr SOCIAL BI & BA MEDIA XaaS Page Page Page 16 48 44 SECURITY Page 12 P E O P L E W H O DATA CENTRE TRANSFORMATION Page 20 VIRTUALISATION Page 24 M A D E I T H A P P E N UNIFIED GREEN PRIVATE ENTERPRISE COMMUNICATIONS IT CLOUD MOBILITY Page Page Page Page Page 28 32 36 40 10 IT NEXT | M A R C H 2 0 1 0 10 M A R C H 2 0 1 0 | IT NEXT 11 insights 15-Minute regulars Manager Editorial _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 01 10 Technology Trends 53 Dare to lead? | In these Inbox _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 04 From the myriad and complex technology landscape, here is a days of cut-throat competi- Industry update _ _ _ _ _ _ _ _ _ _ 06 selection of ten technologies that are not only seeing traction tion, it is tough to become a Open debate _ _ _ _ _ _ _ _ _ _ _ _ _75 in the enterprise space, but will also possibly dominate in the leader. Here is a primer for the My log _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _76 years to come. These technologies have been assiduously cho- aspirants sen by a select panel and subsequently evaluated by a panel of c ov er des ign: anil T and Bi nesh sre edharan 40 IT managers, who have also crafted and shaped the content 54 Office Yoga | Meditate for advertiser index for the same. success iBM reverse gate fold eMC iFC 59 Best Practices 55 team Management | The Wipro 13-50 None knows the pain of a shoe better than who wears it. Similarly, traditional ways of leadership the challenges, the consequences, the headaches, the pitfalls of will not work with techies who Consumer Mate 52 different technologies can only be known by the IT manager who are talented, hands-on and re- industry 2.0 58 has been involved in either seting it up or managing it. Insights and spect doers, not preachers sigma Byte 60-71 experiences of 10 IT managers on different technologies—articles Quest iBC that not only provide tips on troubleshooting, but also on how to 56 Manage it | 5 simple steps to Wipro BC avoid implementation challenges. going open 2 it next | m a r c h 2 0 1 0
  9. 9. eDitOrial aDVisOrY BOarD ManageMent IT experts who helped us shape the March 2010 issue of IT Next Managing Director: dr Pramath raj sinha Printer & Publisher: vikas gupta eDitOrial group editor: r giridhar editor: shubhendu Parth Consulting editor: Pravin Prashant 1 2 associate editor: shashwat dc sr Correspondent: Jatinder singh Design sr Creative Director: Jayan K narayanan art Director: Binesh sreedharan associate art Director: anil vK Manager Design: chander shekhar 3 4 sr Visualisers: anoop Pc, santosh Kushwaha sr Designers: Prasanth Tr & anil T Chief Photographer: subhojit Paul sales & Marketing VP sales & Marketing: naveen chand singh (09971794688) Brand Manager: siddhant raizada (09990388390) 5 6 national Manager-events & special Projects: Mahantesh godi (09880436623) national Manager Online: nitin Walia (09811772466) gM south: vinodh Kaliappan(09740714817) gM north: Pranav saran(09312685289) gM West: sachin n Mhashilkar(09920348755) 7 8 assistant Brand Manager: arpita ganguli PrODuCtiOn & lOgistiCs sr. gM Operations: shivshankar M hiremath Production executive: vilas Mhatre logistics: MP singh, Mohamed ansari, shashi shekhar singh 9 10 OffiCe aDDress nine Dot nine Mediaworx Pvt ltd K-40, Connaught Place, Outer Circle, New Delhi–110 001, India Printed and published by Vikas gupta for Nine Dot Nine Mediaworx Pvt Ltd Dr Neena Pahuja Karandeep Singh CIO, Head IT – Infrastructure, K-40, Connaught Place, Outer Circle, Max Healthcare Group Fullerton Securities & Wealth New Delhi–110 001, India Advisors editor: vikas gupta S K Goel Shailesh Joshi Vice President, Om Logistics CIO, Godrej Properties K-40, Connaught Place, Outer Circle, Shiva Shankar Suresh Shanmugham New Delhi–110 001, India VP & Head—IT Infrastructure, Head–Business Information Security & Engineering, Technology Solutions, Printed at: nutech Photolithographers Please Reliance Communications MMFSL recycle B-240, Okhla Phase–I, This Dinesh Chandna Basant Chaturvedi Magazine New Delhi–110 020, India and CTO, Aksh Optifibre Head—IT, Perfetti Van Melle India reMove inserTs Pertisth Mankotia Hilal Khan BeFore © a ll righ Ts reserved: reProducTion in W hole or in ParT WiThou T WriTTen PerMission F roM nine doT nine recycling Head—IT, Sheela Foam Head—IT, Honda Motor India MediaWorx Pv T lT d is ProhiBiTed. m a r c h 2 0 1 0 | it next 3
  10. 10. INBoX SPINE COVER STORY | TECH TRENDS TECH TRENDS | COVER STORY It is comprehensive and has IT NEXT FEBRUARY / RS. 150 VOLUME 01 / ISSUE 02 27 30 52 THE BIG Q covered most of the IT challenges SECURITY: Is your GREEN IT: Can you STRATEGY: How do enterprise ready for cut the power cost you define IT project How to ensure adequate mobile devices? in the data centre? requirements? bandwidth? Page 55 The robust performance of the Indian of IT managers evaluate and rank them on and pain points. Keep up the good economy over the past few months has rein- four dimensions:. forced the belief that downturn, at least in 1. Leverage of existing IT assets: With India, is well and truly behind us. IT bud- increased organisational emphasis on cost TEN HOT TECHNOLOGIES gets that were hurriedly slashed a few quar- control, the ability to reuse and leverage exist- ters ago are being slowly reinstated. Shelved ing technology and infrastructure is a huge project plans are being revived, and IT man- agers are once again being tasked to iden- tify and evaluate technologies that can help plus since it not only helps optimise capital expenditure but also reduces the difficulty of transitioning to a new paradigm. YOU work! VOTED! their organisations capture and monetise 2. Maturity of technology: Technology new opportunities, and improve operational maturity often has a direct correlation to ease efficiencies. of installation, deployment and management. IT MANAGERS IDENTIFY rahUL mEhEr TEN HOT The beginning of a new year is also the IT managers responsible for ensuring appli- TECHNOLOGIES 10 time when industry experts and vendors cation and infrastructure reliability tend to VOLUME 01 | ISSUE 02 A 9.9 Media Publication managing Director | LEON computers INDIA’S IT MANAGERS REVIEW, ANALYSE ITNext Cover with Spine.indd 1 2/10/2010 7:06:27 PM february 2010 AND REFLECT ON THE LATEST TECHNOLOGY TECHNOLOGIES TRENDS—AND VOTE ON THE ONES THAT Congratulations! The maga- THAT WILL MAKE THE CUT THIS YEAR. BY DEEPAK KUMAR IT NEXT ThaNKS zine has a lot of interesting arti- MATTER I L LU ST R AT I O N : A N I L T identify the latest technology trends and make predictions for value technology maturity over novelty. ITS ReadeRS for The warm cles and good coverage. the year. This is also the time when IT managers responsible for creating, 3. Potential benefits and utility: Evaluating a trend or technology on this param- respoNse SUrENDra rEDDY maintaining and operating corporate eter helps organisations sift hype from reality. infrastructure and services recommend Issues like return-on-investment and time-to- and select the technologies and solutions market are important considerations here. for their organisations. A big challenge for 4. Cost of implementation: Superior or IT managers making these decisions is to new technologies often come at a significant Founder | Bluekaw, cloud Open Innova- cut through the hype and hyperbole—and cost, or can become expensive to deploy. A dis- tion Labs identify the ideas that will matter. crete assessment (of the technology) on cost The IT Next team identified a range of considerations ensures its relevance. groups?gid= technologies that have the potential to make We now present the Top 10 Technologies a mark in 2010—and asked the community that will matter this year. 2261770&trk= myg_ugrp_ovr 12 IT NEXT | F E B R U A R Y 2 0 1 0 F E B R U A R Y 2 0 1 0 | IT NEXT 13 Congratulations on the 300 members IT NEXT VaLUES YOUr FEEDBacK launch of IT Next magazine. I We want to know what you think about the magazine, and how we can make it liked going through it and would a better read. Your comments will go a long way in making IT NEXT the pre- doc/27254589/ say that you have picked a very IT-Next-Vol-1- ferred publication for the community. Send your comments, compliments, Issue-2- good target audience, which is complaints or questions about the magazine to february-2010 the IT manager and CIO frater- 518 views nity. The choice of articles is very apt—cloud, enterprise mobility, virtualisation, etc. I also liked the I must say that you guys have done a fantastic job. Read ThIs layout of the magazine, which is Issue oNlINe Sections like Insight, Indulge, and Cube Chat appealed me easy to read and catches attention. However, on the mobility the most. I suggest you also do some stories on management http://www.itnext. in/resources/ front, I think one of the top issues that IT managers are facing. Best wishes! magazine enterprise mobile applications raNJaN JUNEJa today is the one for mobile sales Engineering manager | Persistent Systems force, which probably got missed out in the article “Top 5 Mobile Applications”. Is India CaaS ready? I am impressed by both the content and the Besides, since the magazine is design of the magazine. The story on communication as a service meant for IT managers, and one (CaaS) is noteworthy. However, I doubt if Indian enterprises are ready of the rightly identified areas is to adopt it in a big way. If I have got it right, CaaS translates into renting how they can progress in career, or leasing out of software / communication / IT services. In a layman’s it may be a good idea to provide terminology, I will probably not be required to maintain a server, or some IT manager and CIO- a dedicated bandwidth. Can one (ITNext) talk about the security chal- related job sections. lenges that will arise in such a scenario, and are we ready to deal with Also, information on those? To draw an example scenario, Chunghwa Telecom is all set to movement of CIOs across the launch a cloud-based CaaS for enterprise users in April 2010 as a first industry and IT spending across step to tapping the Taiwan cloud computing market. industry verticals, will add to the LaVaNYa KUmar overall impact. Editorial assistant | The Economist Group VaDIraJ araLaPPaNaVar head-mobile applications | mindTree Well done ITNext. The magazine looks awesome in terms of the con- tent and its relevance, but it was the visual appeal that struck me first... I enjoyed reading the inaugu- your design team has done a fantastic job. ral issue of IT Next. It has a good maNISh JaIN interview and some very infor- head communication | Dell Perot mative articles. itnext<space> <your feedback> aBhIJIT SINha IT Next is the best KISS—knowledge and information sharing suite! and send it to advisor--communications | TErI raTNaKar NEmaNI cIO & head of IT Projects Wing | VST Industries Limited 56 78 76 *special rates apply (Note: Letters have been edited mini- mally, for brevity and clarity.) 4 it next | m a r c h 2 0 1 0
  11. 11. 4 Edu TEch December 2009
  12. 12. update Update i n d u s t r y trends deals Products services PeoPle asset/liability management forecasts with annual budgets and rolling forecasts. They provide the capability to go beyond measuring bottoms up historical performance to actively managing future risks and results. Oracle Financial Services Balance Sheet Planning is a budgeting solution made specifically for bank planning, budgeting and forecasting. This application leverages Oracle’s Hyperion Planning as a foundation to allow banks to plan future profitability and risk adjusted returns. The solution captures instrument characteristics and nuances of each customer relationship, to Oracle extends The solution makes best accurately model balance sheet behaviour and provide the most EPM capabilities use of the accurate net interest margin and divergent earnings forecasts possible. capabilities The solution makes best use TEch TIDINGS | Oracle has refurbished its suite of financial services of OFSA, of the divergent capabilities that and analytical applications for the enterprise performance manage- Hyperion, it has acquired over the past ment (EPM) space. The new solution is based on the merged capa- Reveleus and few years—Hyperion, Reveleus bilities of Oracle Financial Services Applications (OFSA), Hyperion, PeopleSoft and PeopleSoft. Meanwhile, Reveleus and PeopleSoft Enterprise Performance Management. the Oracle Financial Services The EPM Suite is designed to help institutions in planning future Asset Liability Management performance and lowering anticipated risk. It also assists in planning Analytics is an updated net interest margin, anticipate liquidity contingencies and reconcile version of the Oracle Asset Liability Management business intelligence application. It emphasises upon the critical teCh Global PC shipment is slated to touch US $223 billion by 2010, need to measure and manage ket mar a 2.6% rise from the 2009 market value interest-rate and liquidity (fIGUrES arE IN US $ bIllIoN) risk. Building on the existing majority of all 250 functionally-rich interest rate new purchases $238 risk content, new metrics, were driven by 200 $217 $223 reports and dashboards Photo graPhy: Photo s.c om introduction of 150 Windows 7 provide additional management 100 insight into “stressed” results, including liquidity gaps, 50 funding concentrations, deposit 2008 2009 2010 0 distribution profiles, marketable assets and liquidity ratios. source: gartner 6 it next | m a r c h 2 0 1 0
  13. 13. Green mOtherBOard seCure remOte FiLes triPLe yOur memOry aSUS has launched Protect 3.0 mother- Symantec has launched the all new Norton Transcend’s new rDP7 multi-card reader board that lowers emission and transmis- 360 suite that combines is a high-speed three-slot sion of harmful radiation by 50%, security with remote reader. It can accommodate minimising the negative impact access to safely backed- up to three USb peripherals on users’ health. It also claims up data. It also includes and can read most memory to deliver more stable features that helps card formats that are avail- system operations. reduces boot-up time. able in the market. Salesforce unveils visual compliance. Being part of the platform, enterprises can create process manager dynamic and sophisticated business processes within their current sales cloud2 and Service Cloud2 deployments, or in their TEch TIDINGS | custom applications. has unveiled a new visual process The platform also aims to manager——a platform provide tools such as process to help companies to rapidly designer, process stimulator and automate any business pro- process wizard builder, which cess. According to the company, may be added to a visual process the platform enables custom- design diagram through a simple ers to design complex business drag-and-drop action. processes such as sales, service, Moreover, the engine boasts finance, HR, legal and operations, of the capability to run all with an intuitive visual-design sophisticated processes of a tool. It allows processes to be run company, and automatically instantly on the cloud. scale up to meet the needs of The solution combines the any business size. elegance of visual process Enables enter- platform enabling customers to Visual Process Manager will design with the simplicity, low prises design continuously refine and enhance be available to Enterprise and cost, and quick results of the complex busi- processes to improve operational Unlimited Edition subscribers cloud computing ness processes efficiency or fulfill regulatory for $50 per user per month. around the World quick Byte Mobile, wireless industry to touch $89 billion by 2015 The mobile and wireless industry in South Asia, Middle East and North Africa is estimated to cross the $89 billion mark by 2015. According to a Frost & Sullivan report, India showed the highest microsoft ceo steve Ballmer on the comPany’s alliance With yahoo! subscription growth rate in South Asia, followed “i BeLieve that tOGether by Sri Lanka, Bangladesh and Pakistan. The miCrOsOFt and yahOO! wiLL PrOmOte ChOiCe, vaLue and report suggests that the low penetration levels in Greater innOvatiOn FOr South Asian countries indicate a large untapped Our CustOmers, as weLL market that may translate into a high subscriber as, FOr Our advertisers and PuBLishers.” growth rate between 2009 and 2015. m a r c h 2 0 1 0 | it next 7
  14. 14. update Demand for identity, access management to grow by 20% TEch TrENDS | A recent Gartner sur- adds that the IAM products will vey projects that audit and analytics, continue to attract investment during global identity and access management coming years, because it remains (IAM) revenue is expected to reach the a critical technological area for US $9.9 billion mark by 2010, bank- enabling businesses to improve and ing on the rapidly-growing enterprise automate processes relating to access requirement for compliance market. management. interview The figure would be an 8% rise from It further mentions factors such marK rEGISTEr the 2009 revenue of US $9.2 billion. It as merger and acquisition, economic VP—Information Management asia Pacific, Ibm is expected to rise further to US $11.9 downturn and consequent tightening billion by 2013. of IT budgets as key bottlenecks in According to the report, suite-based market evaluation. IT NEXT: what exactly is the iBm’s IAM is the most preferred technology The report also predicts that public information agenda campaign? by enterprises. Almost 40% cloud computing is expected mark: We believe that an enterprise of respondents indicated Global IaM to drive IAM standards. Market to needs to adopt a holistic approach for this preference, which is Gartner reasons that cloud- 9.9 touch managing its structured and unstructured slated to continue for the next computing “construction” for data. IT departments and managers can couple of years, together with an increasing reliance on $ “private” clouds will require specific IAM-as-a-service best leverage existing information within their systems by looking beyond just data managed security services and functionality, to accommodate IAM consulting services. by 2010 bn scale-and-standardised management or business analytics. source: gartner The research firm delivery needs. how big is the challenge of managing unstructured data? It is a huge puzzle that we are trying to Dell unveils zero-client solve. according to an estimate, there is 998 exabyte of data across the world, and I am sure the number must have already hardware for enterprises grown, considering the staggering pace at which data is growing. close to 80% of this data is unstructured in nature. You have TEch TIDINGS | Jumping on the the e-mails, blogs, tweets, videos, audio, virtual desktop infrastructure etc... and the stack is piling up. (VDI) bandwagon, Dell has launched its first zero-client what should the it manager do to device for enterprises. Accord- cope with this challenge? ing to the company, its existing There are a few things that IT managers FX100 will support the new must do. first, put a data management VMware View 4.0 app and PC- policy in place. This would help decide how over-IP streaming technology to classify and store data. Second, there is through a firmware upgrade. a need for improvement in the data quality, According to the company, the Photo graPhy: Jaya n k narayanan so that it can be meaningfully used. finally, device that is expected to hit the It offers rich evolutionary successor they can choose a solution that lets them Indian markets by end of May multimedia sup- to thin clients with even deal with such issues. for instance, Ibm will minimise the chances of port and faster fewer chips inside. The recently released cognos content analyt- hardware failure, as compared to response as com- company expects it will ics that brings the world of analytics to the more traditional thin- or fat- pared to standard be able to penetrate the unstructured data. client desktop PCs that have been virtualisation and market with its attractive converted for VDI use. streaming codecs cost option beginning US Zero clients are the $500 (per device). by Jatinder Singh 8 it next | m a r c h 2 0 1 0
  15. 15. update Indian enterprises too tech alliance emC, intel risk-averse, says ISACA to secure Lack of cloud engagement rSa, the security division of Emc, and budget is teaming up with Intel and limiting Vmware to build a transparent enterprises’ infrastructure for business-critical ability to take cloud services. The partnership in- IT-related tends to chart a way for technolo- business risks gies to combine and boost security in the cloud networks. The proof of concept will be used by service providers to help customers build private clouds within firewalls, or build cloud-like services. It will combine authen- tication technology inside Intel processors with Vmware technol- ogy that will collect data from physical and virtual infrastructure TEch TrENDS | One in three IT profes- management, 30% stressed that and then feed it to rSa’s security sionals in India believe that companies business lines were not willing to fully platform, which, in turn, will iden- should take bigger risks with IT busi- engage in risk management. tify potential threats. ness projects. According to a recent The survey also revealed that lack The information will then be ISACA survey, 34.4% of India’s IT pro- of engagement was the top hurdle handed to governance, risk and fessionals believe that organisations while addressing IT-related business compliance software that have been are too risk-averse and may be missing risks, followed by budget limits (29.6%) created by archer Technologies—a out on opportunities to increase value. and uncertainty of how to tailor best company recently acquired by the The global association of IT practices to the environment (18.1%). Emc. These controls will help com- governance, security and assurance Interestingly, compliance with panies enforce differentiated policies professionals, with over 5,000 government regulation did not emerge in private clouds such as formulate members in India alone, recently as the top driver for organisations’ physical hardware types that may conducted a survey of 463 IT risk management activities. Instead, help run virtual machines. professionals. While more than 85% 41.1% respondents said that aligning according to the companies, of these respondents indicated that current functionalities with business third-party vendors are expected to their organisations were effectively needs was the primary reason for risk start offering services based on the integrating IT risks into overall risk management programmes. proof of concept within six months. News @ GooGleCHIEF EXECUTIVE CAROL BARTZ it be believed. She took a potshot at War? Vs China: Was is to just a Word Google bloG YES, IF YAHOO’S while talking to the media at the company’s birthday bash | Miguel Helft in his blog <http://bits.blogs.nytimes. com/2010/03/02/a-yahoo-birthday-party-with-carol-bartz> Bartz suggested that Google flip-flopped on whether it would stay in China, or not. “It looked to me like it was more of a statement than an action,” she said commenting on Google’s January 12th threat to pull out of China. “If they wanted to pull out, they should have pulled out,” she said categorically. m a r c h 2 0 1 0 | it next 9
  16. 16. insight | technology trends bi & ba Page 16 security Page 12 data centre transforMation Page 20 Virtualisation Page 24 enterprise unified coMMunications Mobility Page Page 28 32 10 it next | m a r c h 2 0 1 0
  17. 17. social Media xaas Page Page 48 44 p e o p l e w h o M a d e i t h a p p e n Green priVate it cloud Page Page 36 40 m a r c h 2 0 1 0 | it next 11
  18. 18. Security Policy revisited A successful security implementation must rest on the foundation of a sound security policy, which in turn should not just address the potential threats, but also the compliance requirements jo Jose, GM—Syste Jo ms Un ,G n tN in Gr air oup ,M anag er—it, Ara me x sing, Manager v sub nt ram wa —i an B al t, i i an nd ,c oA SO s ia & DG n Fu segear M, iDBi B ank 12 it next | m a r c h 2 0 1 0
  19. 19. Security | insight Security has remained among the most challenging and perennial con- editor’s cerns of IT managers for the last few years, increasingly so because of the note dynamically changing computing and communication paradigms, largely initiated by the Internet and accelerated by a host of newer platforms and devices. As long as computing was largely desktop-dependent and notebook users were few, information security concerns were limited too, until first the Internet and later the USB drives arrived to give information portability disruptively new meanings. Ever since, security has been a nightmare for IT managers. The surge in notebook adoption and the associated growth of wireless networks has add- ed to the woes of IT managers, while the advent of smart phones has further complicated matters. and just when IT managers were beginning to arm their enterprises with new security arsenals, the mother of all breaches—the social networking sites and the ilk—surfaced, and then grew at a colossal pace, making all ‘security controls’ go flying in the wild. That’s right! Security controls don’t seem to work anymore in traditional ways! The answer to the problem lies, to a large extent, in setting up a policy-based security infrastructure. 75 over in today’s 2.0 world, how does one protect an organisation’s information assets that are poten- tially exposed to a cross-continent Facebook user policy continue to be plagued with the problem of its ineffectiveness. In this background, let’s look at organisations globally % base of 400 million? some of the essential objectives that a experienced cyber attacks A sound stepping stone to the answer, no security policy must be able to achieve. in 2009 doubt, will begin with a security policy that is Regulatory and legal compliance: Source: STaTe of enTerprISe thorough and relevant in today’s context. The IT (Amendment) Act 2008, which SecurITy 2010, SymanTec But, a ‘security policy’ itself is no new got notified in November 2009, requires that a concept and its importance has not been organisations must put due mechanisms in place emphasised any less any time. Yet, a large to ensure information security and privacy. A number of organisations still don’t have the new entry in the Act in the form of Section 43A policy in place. In fact, many of them are yet reads: “Where a body corporate, possessing, to fully grasp the seriousness and relevance of dealing or handling any sensitive personal data having such a policy in the first place. or information in a computer resource which Also, many organisations that do have a it owns, controls or operates is negligent in m a r c h 2 0 1 0 | it next 13
  20. 20. insight | Security red Per-record cost of data breach t Aler (average coST per-record of a daTa breach, 2005-2009 In $) $250 $200 $150 182 197 202 204 $100 138 fy 2005 fy 2009 fy 2006 fy 2008 fy 2007 $50 $0 SOurce: PONeMON iNStitute/PGP A security implementing and maintaining reasonable security practices and procedures and accepted and acknowledged security framework as a benchmark that is best policy thereby causes wrongful loss or wrongful in sync with your organisation’s and document gain to any person, such body corporate industry’s characteristics. should cleArly shall be liable to pay damages by way of compensation to the person so affected.” ISO 27001 provides a standard security framework that has been implemented stAte the Effective communication of objectives: by a large body of organisations. The response For the policy to be effective, it should be Data Security Council of India (DSCI), process to able to unambiguously define the security objectives of the organisation and ensure set up by Nasscom in August 2008, has formed a framework for data security and be followed that they are easy to read and understood privacy, listing 16 best practices that are an in cAse of An by all employees. extension of the ISO 27001 standard. incident Moreover, a process has to be put in place to ensure that any changes in policy The DSCI framework aims to address needs of IT BPOs, service providers, have not just been mailed to employees banking and financial services, but also that the changes have been read manufacturing, e-Governance, telecom, 13 and understood by employees with a fair PSUs and e-commerce organisations, amount of clarity. especially those dealing with overseas Clear statement of responsibilities: clients. DSCI is also said to be planning The policy should be able to clearly development of an implementation state and define the m e t h o do l o g y t h at various information addresses technical and million users in 190 countries and security roles. Roles and responsibilities could operational information needs. range from preparing Risk assessment and 31,901 cities affected by security policy and response mechanism: the mariposa botnet this making necessar y It is an important role year changes, communicating of the security policy and enforcing those document to state how Source: panda SecurITy changes, measuring risk assessments are to the effectiveness of the be performed. Realistic communication and the risk assessments impact of any changes, are key to successful response mechanism to be employed in information security implementations, as case of a security incident, and even the the right assessment also sets the basis for escalation procedure to be used by an establishing an effective control point in employee in case a security incident is not the security infrastructure. attended to within a stipulated timeframe. The policy document should also be Adherence to security framework: able to clearly state the exceptions to be It’s always a good idea to select a generally observed and the response process to be 14 it next | m a r c h 2 0 1 0