Insight into today's IT Strategic Challenges Jorge Sebastião Founder and CEO [email_address] www.esgulf.com
The Net is very different Internet Instantaneous Any- to-any Standards- based Always- on Mobility In person Phone Mail Private  networks
 
How Do We Manage Enterprise Complexity? ERP Solutions Mainframe Client/Server Heterogeneous distributed databases Mission Critical Availability The Internet heightens availability requirements Inter-dependencies of applications with business
Products Are Not Enough People Technology Process
Management Requirements
10 Challenges End User Awareness Unavailability Technical skills Leveraging New Generation Networks New devices Mobile Computing Security and Privacy Evolving Risks Compliance and Regulation New Technologies Biometrics Smart Cards and eGov Challenges Infrastructure Management
“… disasters are not technical, they’re people and culture related…” “The soft stuff is the hard stuff.” Bryan Fiman Principal and Co-Founder, Implementation Management Associates User Awareness and Adoption?
Support Requirements “… uneducated users require 3 to 6 times more support than educated users over the life of a new technology and process.” Research Note
Unavailability Technical skills Rapid rate of change of technologies Shortage of skilled staff Key to recognize the risk areas Take appropriate preventive actions: obtaining training hiring consultants right people These factors might apply to your team: inadequate training  poor understanding of methods, tools, & techniques  inadequate application domain experience  new technologies or methods  ineffective, poorly documented, or neglected processes
Professional Development Balanced approach Education Training Experience Certification Networking Interpersonal / Soft Skills
Professional Development Professional Goals Specific Measurable Achievable Relevant Time-bounded Adapted over time
Telephone Services Data Services  (WWW,  e-mail, etc) Video  Services  (TV, movie, etc) Telephone Services Network Video Services Network Data Services Network Policy Area 1 Policy Area 2 Policy Area 3 Legacy: Vertically-Integrated Networks pre-NGN Network Challenges - Legacy Networks
Network Challenges – NGN challenges Source TIPHON Control Area IP/MPLS Core Network Transport Area Service/ Application Area PSTN Internet Soft Switch IP Service and Application Control QoS Authentication Security Multicast Multimedia Call Control VoIP and Video IP endpoint control (H.323/SIP) Media Gateway control (H.248) Messaging Application Media Gateways Application Hosting Programmability 3rd party applications Web access Open APIs Web based Service selection Application Mediation Layer Enterprise ASP 3rd party Application Policy Server Aggregation Network Metro Optical RAS DSL Cable Frame/ATM Wireless Service Switch Manage QoS Security Interoperability Openness Programmability Interworking
Network Challenges – Business Drivers Service Control Layer IP/MPLS Core Network Layer Application Layer PSTN Internet Soft Switch IP Service and Application Control QoS Authentication Security Multicast Multimedia Call Control VoIP and Video IP endpoint control (H.323/SIP) Media Gateway control (H.248) Messaging Application Media Gateways Application Hosting Programmability 3rd party applications Web access Open APIs Web based Service selection Application Mediation Layer Enterprise ASP 3rd party Application Policy Server LDAP based Aggregation Network Metro Optical RAS DSL Cable Frame/ATM Wireless IP Service Switch IP Video Internet Offload IP Voice IP VPN IP Transport Multimedia Conferencing Unified Messaging Virtual Office Tele Education E-Business Margin
Users Want Mobility? Home working 89%   of top 100 US companies offer telecommuting 2 60%+   Britons & Germans equipped to work remotely 1 Mobility How many of us using Mobile Today  ≥ 66%   workers will use mobile & wireless computing 1 Branch Offices 60 %   of employees work at Branches Virtual 58%   companies consider theirs to be a virtual workplace today 1 interpretation of analyst data  2 ComputerWorld survey
New Corporate Boundaries Platforms Data Center Laptops PDA Mobiles Distributed Access Dialup, ADSL, VPN VSAT Wifi, WiMax GPRS/3G Communication Centric Applications Web Email IPM VoIP Multiple Networks Intranet Extranet Internet Users Employees Partners Suppliers Customers Consumers/Prospects Location Office Internet Café/Restaurants Airport Hotels Home
Mobility and Access Management Control Loosely-coupled, Dynamic exterior Tightly-coupled, Persistent interior Intranet Extranets Customers Partners/Suppliers Employees Consumers Internet
Mobility Devices Laptops Mobiles Bluetooth PDA Smart Card
What Is Privacy & Why Does It Matter? Privacy is a malleable concept Physical security and liberty as one version Information privacy is another Information privacy is the issue here  Privacy is a human right that preserves  individual autonomy That autonomy is necessary for a free and democratic society It is a community interest
Does New Technology  Threaten Our Privacy? US $200 and 24 hours will get you anything you want to know about someone (ex-partners, detailed asset lists, convictions, video rental preferences,  etc.)   CVS Pharmacy, Doubleclick, Amazon  HRDC’s  detailed, lifelong files on all of us - lacking real controls on use or disclosure
Technology - Opportunities and Challenges Some opportunities: Easy access  to central data-bases Use of virtual records ( e.g. , health records) Digital transaction security  Improved resource allocation and needs predictions Some challenges: Improper personal data access Security breaches Improper data-linkage, sharing and mining
Mitigating Privacy Risks By Legislation Establishing principles for all cases Designing privacy into systems and programs Building privacy into systems and programs Dealing with  boundary cases - the gray areas lawyers love Public and private sector rules are needed Public sector (provincial and federal legislation) Private sector
Mitigating Risks Using Technology Privacy enhancing technologies (PETs) Smart cards, toggles, digital certificates Technology enhances privacy - it does not define it Always ask: Who can  override the security?  Remembering that design is key What data, to whom, when and for what purposes? What happens to it after that? Data destruction
Evolving Risks – Banking Ex
Phishing new threat
First Phishing – Now Ransomware Phishing Pharming Ransomware: So far these attacks are quite rare, but they bring a new dimension to the usage of the internet and a new generation of attacks.
IT and Corporate Governance Business BSC IT BSC CoBiT ITIL ( & BS15000) ISO27001/BS7799 IT Governance & ITSM
Multitude of Governance SOX AML ISO27001 ISO90000 ISO20000 (BS15000) CoBIT PAS56 Basel 2 HIPAA EMV ...
Biometrics and IT Systems The automated use of behavioral and physiological characteristics to determine or verify an identity. PIN Rapid! Know Have Be
Biometric Process-1 Enrollment stage Identification stage Biometric Present Sensor Signal Process Reject Accept Sensor Biometric Present Storage Decision Signal Process
Biometrics and Statistics FAR – Type I FRR – Type II FAR vs FRR protection vs ease of use EER = “FAR = FRR”
Biometrics-enabled Authentication Applications Cell phones, Laptops, Work Stations, PDA & Handheld device set. 2. Door, Car, Garage Access 3. ATM Access, Smart card Forensic : Criminal Tracking Fingerprints DNA Matching Car park Surveillance Frequent Customers Tracking
Biometrics-Problems
Smartcards-The Wallet Computer
SmartCards Influencing Implementation Multipurpose Secure Personal ID System Policy Government Corporate Processes Issuance Enrollment Apps Update Identity Verification Technology Architecture Features Standards User Privacy Acceptance Social
SmartCards Impediments to use infrastructure requirements? Integration? Common standards?
SmartCard Issues-1 What information? Where it is stored? Who is entitled to access it? How it is protected from un-authorized access? Privacy Authority: oversees, administers, enforces ID program. Governance Card is either alternative or mandatory ID. Voluntary vs. Mandatory ID Requirements Policy
Issues-2 Amount and type of information applied for risk profiling? Profiling Allowable means proving identity prior to ID issuance Mechanisms for Issuance Which standards? Interoperability? Standards Degree of authentication? Level of risk mgmt required? Public acceptance of the process? Level of Authentication Requirements Policy
Infrastructure Management Challenges Reduce Complexity Bandwidth Utilization Network Resource Accountability Guaranteed Network Performance Security
Infrastructure Mgmt Fragmented IT Desktop Help Desk LAN Admin DBA Operations Mainframe Security Network Management Chaos Business User Non  IT  Devices Applications Databases Systems Networks
Fragmented Service Delivery Desktop Help Desk LAN Admin DBA Operations Mainframe Security Network Management 97% 97% 97% 97% 97% 97% 97% 97% Business User Non  IT  Devices Applications Databases Systems Networks 76% Availability
Government Education Dept 0 1 2 3 4 5 Service Level Management Availability Management IT Service Continuity Financial Management Capacity Management Service Desk Incident Management Problem Management Config. Management Change Management Release Management Efficiency & effectiveness Process Maturity
Project Failure Rates Application Development Projects (The Standish Group) Challenged Succeeded  Failed 28% 46% 26%
Mitigate Risk Reduce Cost Improve Productivity Ensure Regulatory Compliance Connect Geographically Dispersed Data Centers Improve Systems and Data Availability and Recovery Consolidate Data Centers and Storage / Server Resources Reduce Capital and Operating Expense Maintain / Increase Availability  Ensure Service Delivery Reduce Capital and Operating Expense Increase Productivity Connect Geographically Dispersed Data Centers Converge Networks Enable New Applications Through Increased Bandwidth & Performance Reduce Capital and Operating Expense Priorities By Function Improve BC/DR Processes Distribute and Protect Data Reduce Infrastructure Spending Improve IT ROI CIO Data Center Networking Operations VP  Infrastructure
People Business Processes Technology Delivering ROI Competitive Advantage
Service Improvement A process led approach Maintaining the momentum Where do we  want to be? Vision and Business objectives Where are we now? Assessments How do we get where we want? Process Change How do we know we have arrived? Metrics
Maturity
Process Maturity Framework The Five Levels of Service Management Process Maturity Ref:  based on Norton / Nolan & CMM In terms of: - vision & strategy - steering - processes - people - technology - culture 1 Initial 2 Repeatable 3 Defined 4 Managed 5 Optimised
Implementation Process Education Standards & Best Practices Support
Solution Building Blocks INTEGRATED ICT SOLUTIONS VOICE FRAME/ATM MPLS BANDWIDTH INTERNET MANAGED WAN MANAGED LAN MANAGED VoIP MANAGED SECURITY MANAGED MOBILITY BUSINESS SERVICES VALUE ADDED SERVICES NETWORK SERVICES NETWORK PRODUCTS NETWORK & ACCESS INTEGRATED SOLUTIONS IT SERVICES & APPLICATIONS WIRELESS SATELLITE xDSL ETHERNET LEASED LINE HOSTING &  STORAGE OUTSOURCED CALL CENTRE  MESSAGING HOSTED MMVoIP MULTI-MEDIA CALL CENTRE VoIP PORTALS/ INTRANET CRM APPLICATIONS MANAGED  DESKTOP SECURITY NETWORK. OUTSOURCING BUSINESS OUTSOURCING ENTERPRISE SECURITY SYSTEMS INTEGRATION TECHNOLOGY CONSULTING
Implementation Challenges Theory… Practice:…
Questions?

Editor's Notes

  • #2 Introduction of presentation, speaker, and thank you. Introduction into an updated strategy for eSecurity effective for today’s technologies, and eGovernment environments.