vBlog: Regulatory Compliance vs Operational Readiness (part 4 of 4): Government CO-OP

This month, I am taking a look at the differences between ‘Regulatory Compliance’ and ‘Operational Readiness’ through a series of videos.

Regulatory Compliance

The efforts to check the boxes before audits – often mandated by an industry (e.g. HIPAA), corporate (SOX) or legal (DOD 5.015.2-STD).

Operational Readiness

The IT efforts to ensure that key IT systems and data are resilient through high availability (HA), disaster recovery (DR) or business continuity (BC) technologies and services.

vblog-regulatory-compliance-vs-operational-readiness-part-1-of-4/index.html" target="_blank">First, I did an overview of the dichotomy between regulatory compliance and operational readiness (BC/DR/HA).

Then, I looked at regulations that affect vblog-regulatory-compliance-vs-operational-readiness-part-2-of-4-for-public-companies-and-financial-institutions-through-sarbanes-oxley-sox/index.html" target="_blank">US financial institutions (SEC) and publicly-held companies (SOX).

Last week, we looked at vblog-regulatory-compliance-vs-operational-readiness-part-3-of-4-hipaa/index.html">healthcare organizations and their regulatory mandates in HIPAA.

This week, we'll finish the series by looking at Continuity of Operations (CO-OP) mandates for Government agencies.

Week 4: Government agencies and contractors

I hope that you enjoyed the series -- and found value in the information. What should my next series be?

Thanks for watching.

Topics: Data Protection Information and Risk Management Jason Buffington business continuity disaster recovery BCDR regulatory compliance

Network Security Trumps Server Security in the Enterprise (Part 2)

I posted a blog at the end of March describing the fact that network-security-trumps-server-security-in-the-enterprise/index.html" target="_blank">network security processes, skills, and technical controls are often more thorough than server security processes, skills, and technical controls at enterprise organizations. As a review, recent ESG research revealed that:

Topics: Information Security IBM Check Point Palo Alto Networks Cisco network Information and Risk Management Sourcefire HP McAfee Security and Privacy Security IDS Juniper Networks Firewall SDN IDS/IPS

Actian Means Big Data Action, Must Pursue Big Data Execution

Actian Corporation ("Actian"), with backing from Garnett & Helfrich Capital, stands alone as the big data vendor with the bravado to charge down the acquisition path towards big data critical mass. Between start-up business intelligence ("BI")/analytics vendors, and Not Only SQL ("NoSQL") database vendors, other venture capital firms have invested roughly $1.5 billion in early stage big data related vendors. While large, established vendors playing in big data have made major acquisitions and investments down through the years, such as Microsoft, IBM, Oracle, SAP, SAS, and Teradata, not even these major players have placed, proportionally speaking, such a big bet on big data as Actian.

The capstone to Actian's big data buying blitz happened last week with the announcement of the immediate acquisition of ParAccel, a leading MPP NoSQL database/advanced analytics solution. A mere month ago in a report I authored on the BI/analytics platforms, I wrote the following excerpt regarding ParAccel:

Topics: Big Data Data Management & Analytics Enterprise Software NoSQL

This Week at the Oracle Industry Analyst World

I’m on my way back from the Oracle Industry Analyst World for 2013 held in beautiful Redwood City, California. What is great about events such as this are the insights you can glean from the presentations and conversations with company executives and leaders. What is unfortunate is how much of the good stuff can’t be discussed at this time. That’s like standing in line for the buffet when you’re hungry. You can see what you want but have to be patient. So here are some takeaways and observations from the conference:

  1. My favorite quote was from Oracle’s EVP of Systems, John Fowler. When talking about benchmarks on Oracle’s engineered systems, he said that they used “non-lunatic” configurations. I love the phrase but also the sentiment. Testing makes no sense when you use a perfect world test bed that no one can reproduce, let alone make any use of.
  2. The coolest idea I heard was from Chris Leone, Senior Vice President of Development for Oracle Fusion Human Capital Management, when talking about the use of predictive analytics for HCM. He talked about using analytics to determine an employee’s propensity to leave or perform. What a great tool for a manager. Most managers are pretty busy people but know that the care and feeding of their team is one of their prime responsibilities. Tools that throw up a red flag before an employee situation becomes acute is something that any manager will appreciate.
  3. Oracle President Mark Hurd talked about the impact of non-IT managers and knowledge workers on IT buying. He was frank about the increasing influence and outright buying power that the non-IT community is wielding in corporate IT buying. This is something that Oracle has recognized for some time, but it is refreshing to hear such a high level executive talk openly about it.
  4. However, where are the programs for those non-IT influencers and buyers? Jeb Dasteel, Chief Customer Officer, emphasized the importance of user groups and programs for maintaining high levels of customer satisfaction. These programs are still nascent at best. As David Vap, Group Vice President, Oracle Applications Development, pointed out, Oracle did run a program for non-IT attendees to Oracle OpenWorld. That’s a start, but hopefully we will see Oracle expand on those events and programs.
  5. Oracle was also enamored with diagrams showing systems layers. That’s great for explaining architecture to IT professionals but not for transmitting value to the non-IT buyer or influencer. One of the best diagrams was the mobius diagram Oracle uses to explain the totality of the cross channel customer experience. The diagram talks to the shift from episodic marketing campaigns to continuous customer engagement.
  6. There seemed to be confusion around the overlapping products in the various software portfolios. I don’t get that. In a company the size of Oracle, product portfolios are comprised of product lines that address different customers’ needs. It’s not strange to have the PeopleSoft, on-premises HR software in the same portfolio as the Fusion HCM cloud software. They address very different types of customers. I also don’t think it odd that Oracle would maintain older products for customers that don’t want to switch. Why would they want to force themselves into a bake-off with other vendors, which would be inevitable if they discontinued a product with a big installed base. Why not protect the revenue? Yes, it would be easier but would it be more profitable? I doubt it would.
  7. They have figured out how social, both social media and social collaboration, works in the Oracle milieu. By making social features a part of the infrastructure that is always there, they encourage customers to deploy social features in an intentional way. This, to me, recognizes a big problem with how social – social collaboration specifically – has rolled out in companies. With little guidance to users but a big commitment, companies have often felt that their social rollouts weren’t meeting expectations. That is because they need to justify a big expense and project. Oracle’s method clearly takes away the unwanted focus on social for social’s sake and makes it a tool that can be used when and where appropriate.

With a company the size and breadth of Oracle, trying to get to all the good stuff is nearly impossible. I know I’m missing something. That’s a good thing for customers who have an enormous amount of choice from Oracle.

Topics: Enterprise Software Oracle Social Enterprise

My thoughts on the 2013 OpenStack Summit in Portland

Topics: Cloud Computing VMware Private Cloud Infrastructure openstack Rackspace Public Cloud Service

Keeping Up with the OFS Vendors

Thrilled to have an IT Depends guest post from Kristine Kao. You'll see Kristine post here as she continues to play a key role as an analyst covering storage here at ESG, with a specific focus on Online File Sharing and Collaboration—or what we affectionately call OFS. - Terri

Topics: Cloud Computing Storage End-User Computing IT Infrastructure mobile Online File Sharing Public Cloud Service

Fusion-io’s Next Gen is NexGen

Just like the real world, there are various types of marriages in the storage ecosystem. Some are arranged (“Please buy us before we run out of VC money!”), some are expected (“As a systems behemoth, we need to acquire your cool new technology…”), and some are enjoyable emotional battles (“There’s no way I’m gonna let you hook up with him/her, so here’s a larger dowry…”). Every so often there’s one that doesn’t fit the standard mould, but actually when you look at it, it’s easy enough to see how the partners fit together.

And so, dearly beloved, we are here to bear testimony to yesterday's joining of Fusion-io and NexGen (well, of course the former actually bought the latter for $119m cash/stock, but let’s not spoil the story on such a brash technicality!). So what do we see for the happy couple?

Topics: Storage IT Infrastructure Fusion-io flash storage hybrid storage NexGen

Enterprises Are Experiencing a Wide Variety of Web Application Attacks

In a recent research survey of 200 security professionals, ESG discovered that 79% of enterprise organizations (i.e., more than 1,000 employees) have experienced web application security attacks over the past year.

Topics: Information and Risk Management Enterprise Software mobile Security and Privacy Social Enterprise web application security

What to do When an Integrated Computing Platform Breaks

ESG continues to research the interest in, advantages, and disadvantages of Integrated Computing Platforms (ICPs). As a quick review, ICP is the collapsing of server, storage, and networking infrastructure into a simple-to-consume, preconfigured, turn-key platform. We have published numerous reports on the topic including Virtual Computing Infrastructures: The Movement Toward Integrated Computing: The Foundations for Cloud and Virtualized Computing Infrastructure Preferences.

Topics: Cloud Computing Storage IT Infrastructure Private Cloud Infrastructure Networking Compute integrated computing platforms

vBlog: Regulatory Compliance vs Operational Readiness (part 3 of 4): HIPAA

This month, I am taking a look at the differences between ‘Regulatory Compliance’ and ‘Operational Readiness’ through a series of videos.

Regulatory Compliance

The efforts to check the boxes before audits – often mandated by an industry (e.g. HIPAA), corporate (SOX) or legal (DOD 5.015.2-STD).

Operational Readiness

The IT efforts to ensure that key IT systems and data are resilient through high availability (HA), disaster recovery (DR) or business continuity (BC) technologies and services.

vblog-regulatory-compliance-vs-operational-readiness-part-1-of-4/index.html" target="_blank">First, I did an overview of the dichotomy between regulatory compliance and operational readiness (BC/DR/HA).

Last week, I looked at regulations that affect vblog-regulatory-compliance-vs-operational-readiness-part-2-of-4-for-public-companies-and-financial-institutions-through-sarbanes-oxley-sox/index.html" target="_blank">US financial institutions (SEC) and publicly-held companies (SOX).

This week, we'll look at healthcare organizations and their regulatory mandates in HIPAA.

Week 3: Healthcare Organizations

Next week, we’ll look closer at what IT professionals delivering data protection in government organizations, agencies and contractors that are regulated by CO-OP.

Thanks for watching.

Topics: Data Protection Information and Risk Management Jason Buffington business continuity disaster recovery BCDR regulatory compliance

Thoughts From SNW and NAB

There are times when I feel as if my blog should appear on some travel website, rather than a high-tech one; it’s when we are in one of the show/analyst event seasons, as about now. A bit like Anthony Bourdain (well, without the exotic locations, camera crew, books, endorsements, and smoking….but you get the point), I travel to new cities, sample the local [flash, software, SAN, cloud etc.] fare and depart reinvigorated. Hey, even the title of his show – ‘No Reservations’ – could be viewed as a storage commentary! If ever they want a replacement for Mr Bourdain, I’d love it!

Anyhow, it’s been so busy of late that I’m going to combine some brief commentary on two recent storage events, as it allows me to catch up a.little, and also to compare and contrast.

Topics: Storage IT Infrastructure industry events

The Web Application Threat Landscape Is Getting Worse

ESG just published a new research report titled, Web Application Testing Tools and Services. The report is comprised of data collected in a survey of 200 North American-based security professionals working at enterprise organizations (i.e., more than 1,000 employees).

Topics: Information and Risk Management Enterprise Software Security and Privacy Veracode Imperva

User First, Not Mobile First

“A designer knows he has achieved perfection not when there is nothing left to add, but when there is nothing left to take away.”— Antoine de Saint Exupéry

One of the common refrains from software companies regarding application design is “mobile first.” This is in response to perceived changes in the applications market that is driven by the popularity of smartphones and tablets as computing platforms. There is no doubt that mobile platforms are starting to have an effect on the business application environment. It is not mobility per se that is driving these changes though. Yes, the fact that a computing platform can move around is providing opportunities for applications to use location to enhance user experience. More profound changes are coming from the limitations of the platforms. With small screens relative to desktop and laptop screens and less memory and compute resources, application designers have had to rethink the user experience. Part of this redesign has been to pare down applications to the most necessary features or create several applications for the same system that target different types of knowledge workers. The latter especially is a good way to approach application design, effectively eliminating the monolithic, one-size-fits-all, interfaces that confuse knowledge workers who need to use common business applications.

Topics: End-User Computing Endpoint & Application Virtualization Enterprise Software mobile Social Enterprise

NSPs Shine at ONS 2013

We attended Open Networking Summit 2013 this week at the Santa Clara convention center and I wanted to share a few takeaways for the network service provider space, and Bob Laliberte may do the same for enterprise and data center. Related, Wayne Pauley covered openstack-analyst-day-4152013-portland-oregon/index.html" target="_blank">OpenStack in Portland, Oregon.

Topics: IT Infrastructure Networking mobile ONS Open Networking Summit software-defined networking SDN OpenFlow

Advanced Business Value with Virtualization Strategies

This video captures the state of server virtualization and the impact it is having in adjacent IT initiatives. I also step through desktop virtualization, network virtualization, and storage virtualization and the potential economic impact these strategies have on the business.

Topics: Cloud Computing Storage End-User Computing Endpoint & Application Virtualization IT Infrastructure Private Cloud Infrastructure Networking desktop virtualization Server Virtualization storage virtualization

What I’m Learning about Mobile Computing Security Best Practices

When I started my career at EMC in 1987, the company ran the business on Prime Computers. I was able to convince my boss that I could improve the quality and efficiency of our group’s business reports with a PC, so the company purchased a Macintosh computer and printer for me to use. This may have made me the first PC user in EMC history, though I can’t be sure.

I’ve had PCs at every job since, but it wasn’t until the mid-to-late 1990s that any of these machines had any security software installed on them. In fact, I think it was the rise of spyware that drove the deployment of security software somewhere around 1999.

Topics: End-User Computing MDM Information and Risk Management mobile Security and Privacy Security endpoint security Good Technology MobileIron Zenprise mobile security

Will IBM Now "Flash Ahead"?

IBM's "Flash Ahead" announcement last week was way more than a formal coming out for the products IBM gained—and has updated—in its recent acquisition of Texas Memory Systems.

Instead, it was IBM's loud announcement that it too is a vendor that is wholly serious about solid-state storage as a vital, vibrant, and growing element within a storage hierarchy. Now, our industry isn't short of loud announcements—sometimes these multi-media message-fests are only matched in enthusiasm by the cries of "prove it" and "show me" that follow. For once, IBM did not equate the number of words on its PowerPoints with quality (let's be fair—it has succumbed to that temptation before!). Replacing that, there was a pleasing simplicity to its message, an elegance that was backed up in a couple of very concrete ways. Here's what was said in a nutshell: "We (IBM) believe in the future of solid-state as an economically viable element within pretty much any storage hierarchy; and we're putting our money where our mouth is, with our expertise provided in tandem."

Topics: Storage IT Infrastructure flash storage

Video Blog: What's the Big Deal with IT-as-a-Service?

Virtualization helps make IT more efficient, Clouds improve the ability for a company to be more agile when deploying technology-based resources. ITaaS requires some additional heavy lifting across the business with regard to the organizational changes required as well as employing a new service-based governance model. Once these are underway the technology will seem easy and will allow IT and the business to truly be more agile, accountable, and ready for new initiatives to stay competitive. This video blog highlights some of the possibilities when a company make the transformation to ITaaS.

Topics: Cloud Computing cloud Private Cloud Infrastructure Virtualization Governance ITaaS

vBlog: Regulatory Compliance vs Operational Readiness (part 2 of 4): SEC & SOX

This month, I am taking a look at the differences between ‘Regulatory Compliance’ and ‘Operational Readiness’ through a series of videos.

Regulatory Compliance

The efforts to check the boxes before audits – often mandated by an industry (e.g. HIPAA), corporate (SOX) or legal (DOD 5.015.2-STD).

Operational Readiness

The IT efforts to ensure that key IT systems and data are resilient through high availability (HA), disaster recovery (DR) or business continuity (BC) technologies and services.

vblog-regulatory-compliance-vs-operational-readiness-part-1-of-4/index.html" target="_blank">Last week, I did an overview of the dichotomy between regulatory compliance and operational readiness (BC/DR/HA). For the next few weeks, I will take closer looks at specific segments of companies and their respective regulations.

This week, let’s take a look at the regulations that affect US financial institutions (SEC) and publicly-held companies (SOX).

Week 2: Publicly-held Companies and Financial Institutions

Next week, we’ll look closer at what IT professionals delivering data protection in healthcare organizations should know about HIPAA.

Thanks for watching.

Topics: Data Protection Information and Risk Management Jason Buffington business continuity disaster recovery BCDR regulatory compliance High Availability

The Impact of Hybrid Cloud Models on the Online File Sharing Market

ESG’s research has shown that online file sharing (OFS) adoption is rising rapidly. However, many organizations are reluctant to trust their files to an OFS provider’s platform because of security concerns. One possible solution to these security concerns is a hybrid cloud model of OFS. In the hybrid cloud model, some of the organization’s files are stored in the OFS provider’s environment, while others remain within the organization’s own premises.

Are the hybrid cloud benefits compelling enough to drive more organizations to extend their storage with an OFS provider? To find out, ESG asked respondents if having the option to implement a hybrid cloud model was important to their organization when evaluating and selecting an OFS provider, and then aligned their responses with their organizations’ current attitude toward OFS.

Topics: Cloud Computing Storage IT Infrastructure Private Cloud Infrastructure Public Cloud Service

OpenStack Analyst Day 4/15/2013 - Portland, Oregon

Jonathan Bryce and Mark Collier started off the day talking about the impressive changes in interest and contributions to the OpenStack software. Just quarter over quarter stats from Q4’12 to Q1’13 when they went from 148 member companies to 189 and 175 developers to 252. Also just this past week Juniper and Erikson joined as Gold members with Juniper’s code seeing adoption already through their partnership with CloudScaling. Jonathan and Mark presented their strategic vision that includes three focuses for the OpenStack platform ecosystem – tech, users, and innovation.

Most of the rest of the day was filled with OpenStack customers who have built various forms of private and public clouds based on OpenStack. IBM, HP, and Rackspace all shared some thoughts on their public cloud implementations. Which included some of the challenges – such as having to add their own elements for portals and orchestration as well as synching their releases with OpenStack.

Topics: Cloud Computing cloud Private Cloud Infrastructure openstack OpenStack Summit Public Cloud Service

Microsoft Azure: Amazon Price Match with Service Consistency

The only constant in the cloud computing market is change, as Microsoft proves with Azure IaaS advancing it from public preview to primetime public general availability, and Microsoft is price matching Amazon.

Topics: Cloud Computing Azure Microsoft IT Infrastructure Private Cloud Infrastructure Public Cloud Service

For Channel Partners ... It’s All About Putting Money in the Bank!

Each year ESG surveys over 500 IT professionals within midmarket and enterprise companies to understand how they plan to spend their IT budget in 2013. Since most technology companies depend on an ecosystem of partners reselling their solutions, this is the first in a year-long series of blogs to focus on this research and the opportunities for channel organizations in 2013.

Topics: IT Infrastructure Networking

Are you Open to Alternative Approaches to Private Clouds?

I’ll admit it – I’ve been living in the proprietary world for a long time now. My personal technology is almost all based on proprietary tech and the companies I’ve worked for have had almost all proprietary tech. That said I’ve always been a proponent of the importance of tension and discourse in the technology ecosystems. It often drives change and innovation and sometimes a refactoring of how we measure value. Open source tends to foster this healthy tension and open-source-based cloud is currently creating a lot of great discourse.

One of the phenomena in the cloud world that has gotten a lot of press is the OpenStack project which is a free open source software set managed by the OpenStack Foundation. A few years ago most traditional manufacturers were all trying to find ways to extend their existing portfolios into the cloud. Some felt that private cloud was a great strategy. From their perspective – why not just convert all that great investment on the floor by converting it from being virtualized to cloud. To me this means making it self-service, on-demand, including a fee-for-use cost model, available to any endpoint, and able to scale elastically as needed.

Topics: Cloud Computing cloud Private Cloud Infrastructure openstack open source Public Cloud Service

The Big BLU Data BI-Analytics Juggernaut

Les Rechan, GM of IBM Software Business Analytics group, openly stated that the BI-analytics business at IBM is expected to account for about $20 billion of revenue by 2015. Mr. Rechan made his prediction at an IBM event focused on big data conducted at IBM’s Almaden Research Center during the first week of April. Naturally this $20 billion will stretch across all product and service lines, from software to services to hardware and perhaps even to financing. In my recently published Business Intelligence and Analytics Platforms in the Big Data Era: Do Big Data and Hadoop Really Alter the Balance? I opined that IBM was, by far, the largest BI/analytics vendor in the world, all in. My model estimates $11 billion for 2013 for IBM in business analytics, so either my estimate is conservative, or the IBM business analytics business will grow at a CAGR of around 40% for 2014-2015. Regardless, business analytics drives something north of 10% of IBM’s overall business. Why has IBM done so well?

  • Established footprint: IBM has been doing BI-analytics for decades in one form or another, and the resulting customer base and relationships keep the IBM pipeline well-greased.
  • On-going strategic commitment: IBM has underscored its commitment to BI-analytics time and time again through strategic acquisitions like Cognos and Netezza, plus its own R&D. About half of IBM’s $6 billion research budget focuses on BI-analytics related work.
  • Full solution provider, with flexibility: IBM has nearly one of everything you might need for a BI-analytics solution, from storage to software to services, plus the vertical domain expertise. But IBM also maintains a huge ecosystem, for example, offering truly value added reselling of SAP HANA. IBM’s flexibility to be only part of a BI-analytics deal has served them well down through the years, contributing significantly to their preeminent market position.

But big data keeps morphing, and not even IBM can afford to fall far behind the technology curve. A report I published a few months ago (see infographic) discussed how newer “Not Only SQL” databases, aka NoSQL, were well positioned for big data style BI-analytics, and other modern applications. Even the most established enterprise database providers have reacted to the NoSQL movement with offerings either through acquisition or their own R&D, such as Oracle NoSQL, Microsoft SQL Server 2012 xVelocity, SAP HANA and Sybase IQ, Teradata Aster, and Terracotta Big Memory (Software AG subsidiary). But where was IBM?

Before last week’s announcements, IBM already had several non-purely relational/SQL offerings: For analytics, for example, IBM could point to Netezza, but Netezza is delivered as an appliance rather than general purpose software offering a la DB2. For time series and spatial use cases beyond purely relational/SQL, IBM offers customers the venerable but rather long-in-the-tooth Informix. DB2 offers native variants for XML, popular for Web and document oriented implementations, and RDF (Resource Definition Framework) and SPARQL, enabling IBM to address the growing demand for graph analytics.

Despite these offerings, however, IBM had no answer for a blazing fast non-appliance columnar option necessary for advanced analytics. It also lacked that obvious performance jolt to keep up with the many entrees in the NoSQL segment, all of which seem to use performance as a differentiator, if not against one another, at least against legacy relational database for non-OLTP. Also, IBM did not offer support for the quite pervasive JSON, the risen star of RESTful APIs that has been pushing XML aside in Web/content oriented applications.

IBM provided the answers last week. While IBM announced a technology preview for JSON support, the highlight was about what IBM calls BLU Acceleration ("BLU"). BLU is IBM homegrown R&D that steps up the performance of IBM DB2 10.5 using a variety of technologies including in-memory advanced columnar compression and storage compression – definitely a NoSQL approach that should help advanced analytics processing fly.

IBM wanted to make using the BLU extremely easy, so a simple registry setting, DB2_WORKLOAD=Analytics, turns on BLU. That simple setting ensures that all subsequent database definitions will default to a columnar format, and all the technologies of acceleration will come to bear. IBM has plans to spread BLU Acceleration throughout its product line, including future availability for z/OS databases.

ESG believes that BLU Acceleration subtly but decisively underscores the architecture for DB2 going forward: a workload-driven, multi–data model approach that not only best matches each application use case, but also optimally marshals resources like memory and storage as appropriate for the workload class. IBM is not alone in this thinking: Amazon Web Services, and to some degree Microsoft through SQL Server 2012 and Azure, have taken the approach that a single data management or data service layer should support multiple data models to best serve different workload types. The highly anticipated Oracle Database 12c, while architecturally in that direction, will only support the relational model. SAP cites HANA for both transactional and operational, real-time BI-analytics purposes, but ESG believes that for advanced analytics most companies will want to keep the transactional water separated from the analytical oil. Regardless, IBM not only made up ground but moves towards the head of the class if you are a DBA or CIO who values the approach that one logical database that offers optimizations and data models for a wide range of workloads.

IBM also unveiled its plans to release a new PureData System for Hadoop appliance, using IBM’s InfoSphere BigInsights Hadoop distribution, in the latter half of 2013. For customers who want to use Hadoop, but don’t have the patience or skills or desire to add an increasingly unwieldy server farm to the data center, and have been surprised by how long it actually takes to deploy Hadoop using “commodity nodes,” appliances like PureData offer an attractive alternative. ESG has begun to see some customers using Hadoop as a data warehouse add-on; keeping the existing data warehouse for structured data, BI, and basic analytics, but plugging in Hadoop to deal with less structured data sources and more complex analytics. It looks like the upcoming PureData System for Hadoop should offer customers who want to apply Hadoop in that fashion.a fast on-ramp.

The other item that really caught my attention was IBM’s commitment to helping fill the skills gap of big data by partnering with over 200 universities to add or augment big data related courses to the curriculum. In addition, IBM is hosting http://www.bigdatauniversity.com/, which has registered over 75,000 students. Not only is this a great way to start addressing the well known lack of availability of data scientists and data analysts, it should create some loyalty that will continue to feed the world’s largest purveyor of BI-analytics.

Topics: IBM Big Data Data Management & Analytics Enterprise Software

Will ONS Help SDN Cross the Chasm?

The RSA security conference was once limited to discussions around encryption algorithms and cryptography, attracting a limited and highly technical audience. Likewise, VMworld was once a Mecca for software developers and testers only.

Topics: Cloud Computing Microsoft Cisco IT Infrastructure VMware Networking Information and Risk Management Juniper HP Security and Privacy Security ONS openstack software-defined networking SDN ONF Nicira VXLAN OpenFlow LAN & WAN Arista Networks

Microsoft Who? Top 4 Highlights of Microsoft Management Summit 2013

It’s challenging to absorb everything Microsoft at the cadence they would like IT pros to keep pace with, but here are four areas to pay close attention to:

The Microsoft Cloud OS strategy is a triangulation of on-premises private cloud, services from Azure, and hosting providers centered on Windows Server 2012 and wrapped with System Center 2012. The triangulation, consistency of experience and services across each of the consumption models is an important detail to consider. Comparably, VMware has a two-point strategy that is narrowed in on hosting VMs on-premises and off-premises while Amazon is an all in single platform commitment. Each approach may have a fit, but it’s important to understand and plan for the different approaches.

Topics: Cloud Computing Storage End-User Computing Endpoint & Application Virtualization IT Infrastructure Private Cloud Infrastructure mobile Public Cloud Service

Comparing The Data Storage Growth Trends Of North America and Western Europe

When you compare the storage environments of organizations in North America and Western Europe, there’s a common perception that “it’s different over there” – and it doesn’t matter which place ‘there’ is! But ESG’s latest research shows that the storage world is a lot more homogenous across the two regions than we have told ourselves. To recast an old saying – it’s two regions separated by a common IT language! Late in 2012 ESG took the Storage Market Trends survey that it had recently conducted in North America and posed the identical questions to a set of demographically equivalent respondents in the UK, France, and Germany. While this quick blog has chosen to mention storage growth, the research covers everything from challenges to technology use and buying intentions.

Frankly, we quietly expected dramatic – or at least (in more restrained research-speak) significant and statistically relevant! – divergence in the results….but the biggest surprise was to see the high degree of similarity between the two sets of responses. For example, data storage growth trends were about the same across the two regions, although we did notice a slight tendency to use more NAS (measured as a percentage of overall installed storage capacity) in Western Europe, and a slightly higher propensity (again as a % of the total) to use internal server-based storage in North America. Another example - as a share of their total installed storage capacity, Western European organizations have so far installed less solid-state storage, but they look to be catching up - as measured by their expected adoption- with their counterparts to the east of the Atlantic.

Topics: Storage IT Infrastructure data storage data storage growth

Video Blog: Implementing Private and Hybrid Clouds with Cloud Service Management

Today’s CIO is constantly challenged to keep up with not only the changes in technology, but also the changes that are affecting the business as a whole. Current global business dynamics are characterized by hyper-speed changes in the business climate that in turn require companies to be increasingly agile and efficient. Often just virtualizing the data center only improves efficiency of the operations and and doesn't necesarily improve the agility of the business. In this video blog I discuss some of the highlights from the cloud service management report to help IT begin to convert a virtualized data center to a private or hybrid cloud service.

Topics: Cloud Computing cloud Private Cloud Infrastructure Virtualization Cloud Service Management Public Cloud Service

Video Blog: Data Protection Matters-Archiving and Backup

I talk about the need for both disciplines - archiving and backup - as separate, but complementary tasks in this video blog.

Topics: Backup Data Protection Information and Risk Management Archiving

vBlog: Regulatory Compliance vs Operational Readiness (part 1 of 4)

This month, I am taking a look at the differences between ‘Regulatory Compliance’ and ‘Operational Readiness’ through a series of videos.

Regulatory Compliance

The efforts to check the boxes before audits – often mandated by an industry (e.g. HIPAA), corporate (SOX) or legal (DOD 5.015.2-STD).

Operational Readiness

The IT efforts to ensure that key IT systems and data are resilient through high availability (HA), disaster recovery (DR) or business continuity (BC) technologies and services.

For the next four weeks, I’ll take a look at some regulatory mandates and try to glean some pragmatic IT ideas for data protection from them. So come back each Tuesday in April.

Week 1: Overview of Regulatory Compliance vs. Operational Readiness

The rest of the series (blog post edited):

vblog-regulatory-compliance-vs-operational-readiness-part-2-of-4-for-public-companies-and-financial-institutions-through-sarbanes-oxley-sox/index.html">Part 2: Publicly traded companies (Sarbanes-Oxley / SOX) and Financial Institutions (SEC)

vblog-regulatory-compliance-vs-operational-readiness-part-3-of-4-hipaa/index.html">Part 3: Healthcare organizations (HIPAA)

vblog-regulatory-compliance-vs-operational-readiness-part-4-of-4-government-co-op/index.html">Part 4: Federal agencies and contractors (Continuity of Operations / CO-OP)

Thanks for watching.

Topics: Data Protection Information and Risk Management Jason Buffington business continuity disaster recovery BCDR regulatory compliance

HP's Moonshot - Aptly Named

I was a bit surprised at the lack of interest in HP's Moonshot announcement by the big media. I suppose I understand the complexity combined with HP's less than stellar PR maneuvers over the last few years could keep some folks at bay, but this announcement has all the makings of a MASSIVE and exciting outcome.

Moonshot Launch Poised to Rocket HP Beyond Company's Distress

If you haven’t heard about HP Moonshot, besides being an exciting name that steps outside the comfort zone standard HP product naming convention, Moonshot is a new class of ARM based servers engineered to address the IT challenges created by social, cloud, mobile, and big data. Think about some of the biggest data centers on the planet and look at how they have approached the server tier. The typical example is how Amazon has baked its own servers and customized the server platform with components used to build and designed a server. This approach, may work for the big dogs that are designing their own software, but doesn’t translate well to today’s modern data center.

ARM servers significantly reduce server footprint and consume less power. While this may seem boring, the exponential impact it could potentially have on the design and economics of IT transformation, cloud computing, and the next wave of modern applications is incredible.

Topics: Cloud Computing Big Data IT Infrastructure cloud Private Cloud Infrastructure mobile Compute social Public Cloud Service

Major IT & Networking Vendors Collaborate on New OpenDaylight Initiative to Fend Off SDN Fragmentation

SDN’s promise of dynamic, programmable networks to support new applications like VM mobility remain, but a plethora of competing vendors’ SDN marketing hype has been muddying the waters on defining SDN -its vision, roadmap, and deployment timescale. While small SDN islands already exist today, ‘plug and play’ type interoperability was unlikely despite the OpenFlow ‘protocol.' So by taking a page from the open Linux platform’s development, a flock of systems vendors have launched OpenDaylight to build an open SDN platform in a transparent and collaborative environment overseen by the non-profit Linux Foundation. Membership to the OpenDaylight project is open to those willing to donate software and engineering prowess to develop an open source SDN platform. Founding members include Big Switch Networks, Brocade, Cisco, Citrix, Ericsson, IBM, Juniper Networks, Microsoft, NEC, Red Hat, and VMware. Other initial contributors include Arista Networks, Dell, Fujitsu, HP, Intel, Nuage Networks, and PLUMgrid; most companies' preliminary contributions are outlined in the press release at www.opendaylight.org. Projects and donations include open controllers, protocol plug-ins, and switch device enhancements with a first code release expected 3Q13.

The service provider driven Open Networking Foundation (ONF) is doing a commendable job of advancing the principles, promise, and benefits of SDN, but the unexpected tsunami of interest in SDN, although welcomed, has led to an SDN bubble destined to pop. Allowing the market to decide on the best SDN solution isn’t necessarily the most expeditious or cost effective approach. Collaborative central planning within the SDN ecosystem could yield better results.

Topics: IT Infrastructure Networking software-defined networking SDN OpenFlow OpenDaylight

Cloud Storage: A Real IT Initiative, With Real Adoption

We all read the blogotwittosphere, and watch TV, and the news is clear – cloud is gradually taking over the world! Is that really so? It turns out that in the world of storage it just might be. Sure, it’s not going to be a complete switch overnight but the signs of a genuine shift (dare I say paradigm?) are revealed in our latest research.

So, just how many organizations are replacing their onsite storage infrastructure usage with cloud storage usage? That’s one of the questions that ESG set out to answer in its recent survey of 418 North American-based IT and data storage professionals. They told us how cloud storage services will likely affect traditional storage spending in their organizations in the short term, and provided a perspective on the future of cloud storage.

Topics: Cloud Computing Storage IT Infrastructure cloud storage

Video Blog: 2013 Cloud Spending Intentions

ESG recently surveyed 540 IT professionals representing midmarket (100 to 999 employees) and enterprise-class (1,000 employees or more) organizations in North America and Western Europe to find out what their public cloud spending intentions for 2013 were. In the following video blog I review some of the highlights of our findings.

Topics: Cloud Computing public cloud Public Cloud Service

Welcome to a Software-defined Spring

Living in New England, the changing of the seasons always seems to bring anticipation of good things to come. Coming off a cold and moderately snowy winter, the spring brings about change, the return of our ability to see our grass, and the ability to go outside without three layers of clothing.

Topics: IT Infrastructure Networking software-defined networking

IEEE Next Generation Service Overlay Networks (NSON)

SDN for service providers: It should be no surprise that industry analysts enjoy thinking about scenarios for the future, so I’ve been pondering a vision and roadmap for what could and should follow network architecture puzzle-pieces like federated controllers, generic switch-routers, Network Function Virtualization, virtualized appliances, and open orchestration (i.e., management). And how history has proven standards support (or lack thereof) can make or break a technology market (and of course that revenue thing, too). So when I saw a call for participation from our kindred spirits at the venerable IEEE, I had to shout-out my support for NGSON efforts. I’ll plan to update you on their progress in a future posting. Broader, related, and further along are standards for cloud portability and interoperability – P2301 and P2302 - http://standards.ieee.org/develop/project/2302.html

From their press release:

Topics: IT Infrastructure Networking software-defined networking SDN

Cisco Expands Wireless Capabilities with Ubiquisys Buy

In-building mobile coverage is often a problem for both mobile operators’ customers and enterprise employees. With its acquisition of UK-based small mobile cell maker Ubiquisys on April 3rd for about $310M, WLAN leader Cisco is increasingly well positioned to not only solve mobile in-building coverage, but also to integrate mobile calling, Wi-Fi, and voice key systems/PBX via automated location-based services for more seamless, user friendly, and higher fidelity voice communications.

While smartphones can easily transfer to Wi-Fi for data, they can’t yet do so for voice, and enterprise support for BYOD brings an expectation of being able to make and receive mobile calls on smartphones regardless of device or mobile operator. And for the enterprise sales force in particular, missing prospects’ calls can mean lost sales when a competitor answers the phone first. Integration of emerging high definition mobile VoLTE with enterprise VoWi-Fi/PBX could one day make multiple phone numbers, complex follow-me configuration and voice-mail-jail a thing of the past. The time is upon us for a clean sheet approach to voice calling that offloads the need for human action onto the network.

Topics: End-User Computing Cisco Networking mobile wireless

The Big Data Market - We've Seen This Movie Before

Nothing is ever truly new in IT, and Big Data is no exception.

Topics: Big Data

What's Driving the Growth of Online File Sharing Services?

The use of corporate file sharing services is growing, but what’s behind this growth? The BYOD trend has been a key driver for the online file sharing market. The preponderance of smartphones and tablets in the workplace has driven many companies to sign up for and deploy a corporate account with an online file sharing (OFS) service.

To investigate the relationship between BYOD and OFS, ESG surveyed nearly 500 IT professionals at organizations of all sizes. The survey found that 41% of organizations that are experiencing significant growth in smartpohne and tablet usage already have a corporate OFS account in place, and another 27% expect to set up a corporate OFS account in the next year. On the other end of the spectrum, more than half (52%) of organizations that are experiencing little or no growth in alternative endpoint devices have no interest in a corporate OFS account.

Topics: Storage End-User Computing IT Infrastructure mobile BYOD OFS Bring Your Own Device online file sharing and collaboration

What is the Winning Formula for Big Data Security Analytics Solutions?

The big data security analytics market is in its genesis with enterprise players (HP, IBM, RSA Security), security vendors (Lancope, LogRhythm, McAfee, Solera Networks, Splunk), government integrators (Boeing (Narus), LexisNexis, SAIC), and startups (21CT, Click Security, Packetloop, RedLambda) all jumping into the water. CISOs should expect abundant innovation and lots of competition over the next few years.

Topics: Information and Risk Management Security and Privacy

Is Big Data the Tail Wagging the Data Economy Dog?

Segmenting the overall IT market horizontally typically results in five sub-markets: Semiconductors, hardware, software, telecommunications, and professional services. But an anomaly buried in the usual segmentation has existed for several decades, glossed over because it was such a slender slice of IT (e.g., the "MRM" market?!). That hidden slice has widened considerably post-2000 however, and the time has come to give those IT suppliers, for want of a better term we will call them “data providers,” their fair due—recognition of their own market space which I refer to as the “Data Economy.”

Even though many data providers are not-for-profit, if one aggregates the revenues of all the data providers the “Data Economy” market now runs in excess of $100 billion in annual revenues. By comparison, ESG estimates the software and core services revenues associated with the BI/analytics platform market at around $20 billion. Even if you add all the adjunct products and services required for big data, such as servers, storage, networking, point software solutions, and professional services, it probably still slightly trails the Data Economy in terms of market size. And ESG believes the Data Economy is growing even faster than big data. Who are these data providers? Let’s barely scratch the surface of some of the Data Economy players.

Topics: Big Data Data Management & Analytics Enterprise Software

Defining Big Data Security Analytics

At the end of 2012, ESG conducted a research project looking at big data security analytics from the demand-side. It turns out that market demand is already apparent -- 44% of enterprise organizations consider their security analytics “big data” today, while another 44% believe that their security analytics requirements will be regarded as “big data” within the next two years.

Okay, enterprise organizations need big data security analytics solutions today; but just what is a “big data security analytics” solution anyway? ESG just published a market landscape report to answer this very question by looking at the supply side to gauge existing solutions and future directions for big data security analytics.

Topics: IBM Big Data Hadoop Information and Risk Management Security and Privacy Security NoSQL big data security analytics SIEM Narus LogRhythm RSA Security Solera Networks Cassandra Lancope click security Splunk Packetloop RedLambda