Talking About the Next Steps in IT Automation (ESG 360 Video Series)

It’s easy to talk about automation within IT as an inherently ‘good thing’; but, as Steve Duplessie explains in this conversation, things in IT are invariably done for far more pragmatic reasons than just some vague intrinsic nice-ness! As we move from functional automation (where the real value usually emphasizes cost saving) to more holistic or system-wide automation - both across and between systems – the motivation is more about getting better ROI from better and faster business decisions; moreover those improvements can often be based upon inputs from disparate data sources and applications.

Topics: Storage IT infrastructure automation

Five Ways to Get Started with DevSecOps

Integrating, and thus automating, security via the continuous integration and delivery (CI/CD) processes of DevOps, an approach referred to as “DevSecOps,” is a topic that had, until somewhat recently, been discussed largely only at DevOps and cloud-specific forums and events. But DevSecOps is coming of age. The ongoing adoption of DevOps by enterprise organizations, and the growing interest in bringing security along for the ride, is getting the topic a bigger stage, with DevSecOps being presented in sessions at more mainstream events such as RSA Conference, the CISO Summit at Black Hat, and VMworld. The adoption of application containers and the Kubernetes environment that orchestrates their lifecycle across the build-ship-run continuum has also been a catalyst for CI/CD integrated security. Because DevSecOps starts with a cultural shift, leverages CI/CD methods, and requires purposeful controls, it is an amorphous concept not only hard to define, but challenging to make actionable.

Topics: Cybersecurity DevSecOps

Talking About Linking Development and Security (ESG 360 Video Series)

This conversation with Doug Cahill examines the crucial - but all-too-often overlooked - necessity for cooperation between DevOps and Security teams. While there’s pretty much universal agreement that built-in security is better than bolted-on security, nonetheless the apparently (or at least potentially) competing objectives of DevOps (faster, faster, leaner) and Security (careful, careful, preclude risk) can appear to run counter to everyone’s desires. 

Topics: Cybersecurity DevSecOps

Cybersecurity Challenges at Smaller Organizations

Hello dedicated readers! My blog is back from a restful week’s vacation on Cape Cod and ready to tackle the falling leaves, changing temperatures, and cybersecurity issues of Autumn.

Back in August, I wrote a few blogs about cybersecurity trends in small and mid-sized organizations (i.e. between 50 and 499 employees). The first blog looked at the state of cybersecurity at SMB firms and the second blog examined what they are doing to address these issues. 

Topics: Cybersecurity SMB

Is Microsoft’s Managed Desktop Right for You?

Before I peel into Microsoft’s Managed Desktop (MMD), I think it’s important to understand the potential value of intelligent data and the power of what can be done with the data in the form of AI and ML. So, while applications and devices typically provide the appeal on the surface (pun intended), the charge that Microsoft can inject into a service pivots completely around taking action on intelligent data. Steve Duplessie explains this concept well in his blog, “The True Value of SaaS and Managed Service Offerings.” He writes, “It’s not what they ‘do,’ it’s what they ‘could do’ that makes them so valuable.”

Topics: Enterprise Mobility

Talking Connectivity and Experience (ESG 360 Video Series)

In this conversation, Bob Laliberte talks about the increasing relevance of [optimized] networking in the contemporary IT world; of course, networking has always mattered, but it has often been the most likely component of IT infrastructure to be viewed as "plumbing."

These days, however, with the emphases on mobility, clouds, the edge, and distributed-everything (data and applications just as much as endpoint-access), the integral impact of networking on connectivity and experience is becoming ever clearer. When everything-IT is interlinked, the linkages matter intently! Bob outlines the main points and then talks about how this new focus on optimized networking is being - and can be - made manifest.  

Topics: Networking ESG 360 Video Series

The True Value of SaaS and Managed Service Offerings

SaaS companies carry huge valuations when compared with traditional licensed software companies. It took me forever to figure out why, but I did.

Topics: software-as-a-service (SaaS)

Lenovo and NetApp Join Forces

Today, Lenovo and NetApp announced a new partnership collaborating to deliver IT data center solutions, which at least for now, is focused on enterprise storage. This new partnership has tremendous potential for both companies. Lenovo gets a partner to co-develop solutions for the robust and growing hybrid/all-flash array storage market; a partner that won’t be going away (or getting bought) any time soon. NetApp gets a possible path into emerging markets in Asia and a partner with a robust X86 server portfolio. It is a win-win.

Topics: Storage Lenovo NetApp All-Flash Array

Ubiquity on Full Display at VMworld 2018 (Video)

Yes, VMworld is a vendor event.

But it is also as near to a general IT event as there is.

The 2018 version in Las Vegas showed this “parallel dichotomy” in full force. A focus on the company’s own progress, innovation, and execution was pretty much matched by a focus on its partnerships and its integral position in the overall IT ecosystem. It’s hard to cover everything; but an extensive ESG contingent did its best to distill down some of the key new announcements and take-aways. It means that our On Location video is a little longer than usual at 7 minutes, but it’s packed with insights.

Topics: Storage VMworld

CISOs Recommend Future Actions for their Organizations

Each year, ESG conducts a research project with the Information Systems Security Association (ISSA) on the mindset of cybersecurity professionals (the 2017 report is available here). As part of last year’s research, we asked respondents to identify the top actions their organizations should take in the future to improve cybersecurity. We then looked at this data based upon respondents’ roles, so we could look at the specific recommendations from CISOs (or other titles with equivalent job descriptions). 

Based upon this analysis:

Topics: Cybersecurity CISO