Cisco Midsize Cybersecurity Infographic

You face unprecedented challenges to protect your midsize business from cybersecurity threats. New trends such as mobility and cloud are changing how you need to secure devices, data and your network.

To deal with these challenges, you need a smart, scalable threat-centric security model. This model needs to provide cost-effective threat remediation and support standard security policies and controls.

Cisco can help. We deliver intelligent cybersecurity for the real world. Our threat-centric approach reduces complexity while delivering superior visibility and control—saving you time and reducing costs.

Download Infographic at: http://www.findwhitepapers.com/force-download.php?id=47507

Advertisements

Time for DevOps to get out of the weeds

Software and service providers face a battle to deliver new products, features and capabilities more quickly than ever. The overall success of the business is linked to its ability to meet rising customer expectations.

In response, development teams must deliver high-quality software while reducing release cycle times. Forrester Research recently found a strong correlation between release cycle times and business satisfaction. Teams with faster cycle times enjoy greater business satisfaction and teams with slower cycle times see less satisfaction. Only one-third of organisations consistently deliver new software to end-users within the ‘gold standard’ one to three-week cycle.

Pressure to shorten release cycle times and raise quality is emphasising the need for change-centric delivery.

Agile development has increased the rate and quality of output from planning and development teams. They now operate at high efficiency and can accommodate even faster release cycles. The bottleneck is increasingly a lack of efficient delivery.

To facilitate delivery streams capable of ingesting changes more quickly, delivery teams must reimagine core principles. DevOps has shouldered the burden of faster release cycles and has focused on automating delivery workflows through tools such as Git, Jenkins, Chef and Selenium, to name but a few.

Faster cycle Times

These tools have improved the delivery process, and DevOps has assembled cross-functional teams with the authority to implement delivery-related activities, which also results in faster cycle times.

So why is delivery still the constraint? Because focusing on bits of automation and cross-functional teams ignores the main purpose of the delivery stream – to reliably build, validate and deploy change. DevOps tooling has been completely change-agnostic.

Ask Jenkins or Chef what has changed since yesterday. There are some change-aware tools for their domain, but they are unaware of changes elsewhere in the delivery stream.

It is difficult to track changes while ‘in flight’. As change flows through the delivery stream, it becomes aggregated or ‘rebundled’ many times between build and deployment. CI servers process many tiny changesets, while QA deals with larger bodies of change. Both these delivery pipelines are continuously processing a distinct changeset, so the movement of any single change must be accounted for as it flows through various pipelines, artefacts and environments to reach some final destination.

Change-centric delivery frameworks

A change-centric delivery (CCD) framework organises the entire delivery process to continuously deliver a steady, never-ending stream of change to the consumers of digital services and products – end-users.

We can identify seven attributes of a CCD framework that can materially reduce cycle times: clearly identify every source of change; track change through the delivery pipeline; correlate every change back to a work item/business driver; implement change navigation and routing through the delivery stream; implement change bundling and rebundling during the delivery stream flow; relate binary artefacts back to changesets; track changes through environments from development to production and implement application/service assembly from loosely coupled components.

The bottom line

Automation tools alone will not produce the positive impact on the delivery stream that Agile has delivered for planning and development. But as more digital service providers adopt CCD frameworks, cycle times will continue to shrink, allowing new features and capabilities to reach end-users much more quickly, ultimately bringing the level of delivery efficiency in line with planning and development.

Source: www.computerweekly.com-Time for DevOps to get out of the weeds

Microsoft rolls out Skype for Business in Office update

Microsoft is rolling out its new Skype for Business product as part of the monthly April update for Office 2013, as well as to Office 365 customers around the world, marking the end of the road for its Lync unified communications brand.

Redmond first announced that Lync was to be superseded by a new Skype for Business solution in November 2014.

The intention is to fuse the widespread user familiarity of Skype with the enterprise-grade security, compliance and control features of Lync.

Lync Online users in Office 365 will start to see Skype for Business appearing in the next few weeks, although for customers that want a little more time to prepare for the changes, administrators will be able to switch between Skype for Business and the old Lync UI.

Skype’s Sean Wilson said Microsoft had taken the “unparalleled insight” it had gained into how Skype’s 300 million existing users work with Skype to build a more usable, familiar experience. It has included elements such as drag-and-drop file transfer, and even retained the regular Skype emoticons.

The new product is built into Office, so that features such as presence, instant messaging, voice and video calling and online meetings will become an integrated part of the Office experience.

It will also allow users to search for, and connect with, anybody in the Skype network, both inside and outside the organisation.

Skype for Business will also be made available as a cloud-based option, starting from $2 per head per month for a basic feature set.

Source: www.computerweekly.com-Microsoft rolls out Skype for Business in Office update

With cloud video conferencing, the sky’s the limit

In this three-part series on video conferencing, we look at some of the ways you can use the cloud to deliver enterprise-grade services. Part one explores the factors driving video conferencing adoption. Part two looks at the emergence of new conferencing services, and part three discusses the requirements for cloud-based video conferencing and considers ways to ensure a quality end-user experience.

Research tells us this: Video conferencing is really moving to the cloud. According to the Nemertes Research 2014-15 Enterprise Technology Benchmark, which gathered data from approximately 180 companies, nearly 30% of companies have already implemented cloud-based video conferencing services and another 2% plan to do so in 2015. An additional 16% are evaluating these services for possible deployment.

The single biggest driver for cloud video conferencing is saving money. Cloud services eliminate the need for companies to make large investments in multipoint control units (MCUs) and other server infrastructure to connect rooms, transcode between disparate endpoints and support features like call recording and playback.

The second biggest factor driving cloud purchases is the ease of extending video conferencing beyond company network boundaries. Many cloud services allow participants to connect using whatever endpoint they have. Endpoints can include a legacy H.323 system, one based on SIP or even a desktop client. And increasingly, thanks to WebRTC, the endpoint could be a browser.

Other factors driving the trend toward cloud video conferencing include speed of deployment and support for a wide range of endpoints, including smartphones and tablets.

Businesses using cloud video conferencing services rate their overall video conferencing success at an average of 7.5 on a 1-to-10 scale, with 10 being the ideal score. Comparatively, those businesses with no cloud video plans score their success as a 5.9.

The cloud landscape is becoming increasingly crowded and complex. Those businesses evaluating cloud video conferencing must choose from an increasing array of service options. Meet-me services from vendors like Blue­ Jeans and Zoom allow customers to buy always-on meeting rooms – much like they buy audio conferencing services in which people have their own dedicated meeting ID number – and connect via their own endpoint, video conferencing desktop app or browser.

Managed service providers, like AT&T and Glowpoint, offer managed service options that include scheduling and network performance management. Providers like Avaya, Google, Highfive, LifeSize, TrueConf and StarLeaf provide both endpoints and the back-end cloud services.

Alternatively, some companies build their own private cloud solutions using vendors like Acano and Pexip. Those companies may also work with a provider to build a hosted, customized solution using dedicated hardware but priced on a per-user or per-port basis.

Finally, just about all Web conferencing services have integrated video conferencing, though not all can extend their platforms to room systems or support browser-based access.

Companies considering cloud-based video conferencing should evaluate their need to integrate with their existing video conferencing infrastructure, as well as extend video conferencing outside the company to partners, suppliers, customers or remote workers. Security policies may limit video conferencing outside the organization or may require encryption. Those businesses looking into cloud-based services also need to pay special attention to endpoint options, cost and the ability to tie video conferencing into other collaboration applications.

Source: TechTarget-With cloud video conferencing, the sky’s the limit by  Irwin Lazar

Gartner Highlights Five Key Steps to Delivering an Agile I&O Culture

By 2018, 90 Percent of I&O Organizations Attempting to Use DevOps Without Specifically Addressing their Cultural Foundations Will Fail

Infrastructure and operations (I&O) leaders planning a bimodal IT strategy will miss out on the benefits of DevOps support for agile practices unless they transform their I&O culture, according to Gartner, Inc.

Gartner said that the implementation of a bimodal IT strategy requires careful planning and execution. Analysts predict that, by 2018, three quarters of enterprise IT organizations will have tried to create a bimodal capability, but that less than 50 percent of those will reap the benefits of improved agility and risk management.

“I&O leaders are under pressure to support customers who want to go faster, so they are utilizing agile development,” said Ian Head, research director at Gartner. “However, movement to agile will not, and should not, be a wholesale immediate change. Instead, it should first be implemented in areas where there is a very real business need for speed, and then carefully rolled out — taking the culture of the organization into account.”

Gartner has developed the strategy known as “bimodal IT,” which refers to having two modes of IT. Mode 1 is traditional, emphasizing scalability, efficiency, safety and accuracy, while Mode 2 is nonsequential, emphasizing agility and speed.

“Changing the behaviors and culture are fundamental to the success of a bimodal IT approach. We estimate that, by 2018, 90 percent of I&O organizations attempting to use DevOps without specifically addressing their cultural foundations will fail,” said Mr. Head.

“We do not advocate wholesale cultural change in a single organizationwide program. Instead, I&O leaders should focus their efforts on an initial, small Mode 2 team, establish the values and behaviors needed, and take incremental efforts to recognize and reinforce desired outcomes prior to scaling.”

The following five-step approach will help I&O leaders achieve an agile I&O culture:

  • Identify Your Mode 2 Behavioral Gap Analysis
  • Work With Key Stakeholders to Gain Consensus on the Approach
  • Start With a Small, Focused Pilot
  • Deploy Behaviors Incrementally to Successive Groups With Feedback Loops
  • Pursue Continual Improvement

Read more at: Gartner Highlights Five Key Steps to Delivering an Agile I&O Culture

Security, Privacy Rank Among the Top IoT Concerns: CompuCom

A new survey reveals that IT professionals are apprehensive about security and data privacy as the Internet of Things continues to expand

s the Internet of Things (IoT) shaping up to become a security nightmare?

The fast-growing market for IoT solutions and services may be giving IT professionals some pause, suggests a new study from Dallas-based IT outsourcing company CompuCom. Citing a forecast from IDC, the firm expects the IoT market to consist of 212 billion connected devices and be worth $8.9 trillion in 2020. Meanwhile, telecommunications giant Verizon predicts that by the same year, the industry will have established 5.4 billion business-to-business (B2B) IoT connections.

With so many devices flooding the Internet of Things with so much data, it’s little wonder that IT experts are a little wary.

A recent survey of 431 technology professionals conducted by CompuCom found that security and the potential rise in cyberattacks were the top concern for 44 percent of respondents. Data privacy and the risk of exposure of sensitive personal information emerged as a major worry for 28 percent of those polled.

“IT professionals have pretty much figured out security at the traditional end-point,” remarked Sam Gross, chief technology officer for CompuCom. “IoT accentuates a new set of security concerns that span securing the device, the edge network and the new classes of data that will be collected.”

Current approaches to safeguarding data and locking down networks may fall short in the IoT era, he added. “How we rethink security standards has driven innovation into the marketplace that will benefit us all.”

Some IT pros fear that their companies may be dragging their feet on the way to IoT readiness, the survey revealed. Nine percent pointed to a lack of organizational drive in committing to, or investing in, IoT-enabled technologies. Five percent of respondents expressed unease about finding ways to capitalize on IoT data.

Another five percent are worried that consumers may push back against IoT, fearing the possibility of invasive surveillance and other “Big Brother” scenarios. Technology and interoperability issues represent a big stumbling block for yet another five percent of survey takers.

Finally, as always, someone has to pay the bill. Four percent of respondents said implementation costs were giving them doubts about IoT.

At least one tech giant doesn’t look like it needs much convincing.

IBM on Tuesday announced a major bet on IoT, to the tune of $3 billion over the next four years. Some of that funding will go toward advancing Big Blue’s analytics capabilities, ultimately helping customers benefit from the business-enhancing insights that are locked away in mountains of IoT data.

Source: Security, Privacy Rank Among the Top IoT Concerns: CompuCom

CTO advocates automated tests and continuous delivery

Automated testing and continuous development have become the driving force for CTO Andy Piper as Push Technology evolves its middleware platform.

Andy Piper is CTO at London-based Push Technology, which provides a Java-based middleware platform that helps U.K. developers working on applications that require a lot of messaging to a lot of users. Most of their clients publish statistical information for either financial entities (like stocks and bonds) or for online gambling. Piper has pushed his development team forward by espousing continuous delivery and automated testing.

When it comes to functional testing, Piper says everything has to be automated. “Manual tests are almost valueless,” he said. Manual tests take too much time, and he said he needs tests that are quick, clear and repeatable. Those requirements naturally lead to automated tests. He also pointed out that there’s practically zero user interface to a middleware platform, which removes a lot of the need for user experience testing.

Conducting performance tests is one area where Piper sees benefits to manual testing. He pointed to Gil Tene’s research on latency at Azul and explained that for performance testing, he’s not looking for average behavior; he’s analyzing the effect of the outliers. He said that using tools like HdrHistogram and jHiccup and analyzing the results intuitively works better for his team than trying to set up reliable automated performance tests.

Piper said the important aspects of functional testing are maintaining quality and moving quickly. “It’s about enabling the developers to make changes more confidently,” he said, “so they work more efficiently.” Automation is an important part of keeping up with the pace at which his developers are able to make changes and making sure they get the feedback they need as soon as possible. But managing a large battery of automated tests can be challenging.

Some tests break bad

Most of the tests are very straightforward, according to Piper; they either pass or fail and the results are very accurate. However, some tests have a tendency to fail when they should pass — or they fail for the wrong reason. He calls these tests Heisentests, after the Heisenberg uncertainty principle. These tests are “a bit of a bugbear” for Piper right now.

The Heisentests are tricky because they can’t be trusted. A failed result may be accurate and require a developer to recheck the work and fix something. Or a failed result might mean that some detail is slightly different than expected and everything is actually working as it should. Developers don’t appreciate being sent on a wild goose chase, especially when the supposed target is an imaginary flaw in their code.

The Heisentests are a problem that persists at Push Technology for the same reason that technical debt persists at many organizations: There aren’t enough staff hours to fix the misfiring tests and meet project deadlines. However, the problem has reached a point where it must be addressed, and Piper is starting by having his team sort out the good tests from the bad. He said he has some testers working to sort the tests using JUnit categories. This way his developers will know which tests to question right away, and the team will know which tests to overhaul when they have time to pay down the technical debt.

Continuously delivering value

The search for efficiency has led Push Technology to adopt continuous delivery practices. Piper said they use Maven for source code and Jenkinsfor automation, which seems to be a popular combination. Right now, every change that his team commits is automatically merged into a new shippable version of the platform as soon as it passes the battery of automated tests.

Piper deliberately chose continuous delivery over continuous deploymentbecause “enterprise clients want to peg everything to particular releases.” It’s important for enterprise developers to update middleware at their own pace and to be able to rely on the platform to remain stable.

Push Technology is working on a cloud release that will likely be aimed at midsize businesses. That version “will probably be more of a continuous deployment model,” Piper said. He said that one of the challenges of moving to continuous development will be making sure all the code that goes into production is as hardened as it should be. “I love all my developers to death,” he said, “But I’d still feel like I was being irresponsible if I don’t keep a close eye on them.”

Source: TechTarget-CTO advocates automated tests and continuous delivery by James Denman

Expert handbook: Cloud development issues and trends

The developer is in demand now more than ever – and yet, this role is still ambiguous for the IT world.

With deeper insight into cloud computing, platforms, and ecosystems, development processes can be more clearly defined, and the responsibilities of the developer will come into focus.

In this handbook, explore issues and trends in cloud development, and discover why platforms are on the rise and how to choose the right one with help from IT analyst and consultant Denis Pombriant. Also inside, find definitions of terms and explore important issues in cloud development today.

Download it at:  Expert handbook: Cloud development issues and trends

Microsoft adds MDM capabilities to Office 365

Leveraging Microsoft Intune and Azure Active Directory, Microsoft extends built-in mobile device management capabilities to Office 365 commercial plans at no additional cost.

Microsoft announced the general availability of mobile device management (MDM) capabilities for Office 365, which is designed to give administrators the built-in capability to manage access to data in the cloud-based productivity suite across iOS, Android and Windows Phone devices. The MDM features are available at no additional cost in all Office 365 commercial plans, according to Microsoft.

“With today’s GA, the first app every organization will look to secure and protect now comes with MDM capabilities natively built into it,” Brad Anderson, corporate vice president, Enterprise Client & Mobility at Microsoft, wrote in a blog post. “This means IT admins can set up security policies on devices to ensure that O365 corporate email and data can be accessed only on phones and tablets that are managed and compliant.”

state of cios

More than 500 top IT leaders responded to our online survey to help us gauge the state of the

READ NOW

[ Related: MDM features and functions compared ]

Shobhit Sahay, technical product manager on the Office 365 team at Microsoft, notes that Office 365’s new MDM capabilities work in three ways to keep your data safe:

  • Conditional Access. Office 365 leverages Microsoft Intune and Microsoft Azure Active Directory to allow you to set up security policies on devices that connect to Office 365 so that only managed and compliant devices can connect. The Conditional Access policies apply to Word, Excel, PowerPoint and other business applications.
  • Device Management. You can set and manage security policies such as device-level pin lock and jailbreak detection to help prevent unauthorized users from connecting. Additional settings and rich reporting are also available within the admin center.
  • Selective Wipe. You can easily remove Office 365 data from an employee’s device while leaving their personal data in place.

“If you are looking for protection beyond what’s included in Office 365, you can subscribe to Microsoft Intune, part of the Microsoft Enterprise Mobility Suite, and receive additional device and application management capabilities for phones, tablets and PCs,” Sahay says. “This includes the ability to restrict actions such as cut, copy, paste and save to applications managed by Intune — helping keep corporate information even more secure.”

Anderson notes that Microsoft has architected its Enterprise Mobility Suite (which includes Active Azure Directory Premium and Microsoft Intune) and Office 365 to work together, bringing together multi-layer mobile security with identity and access management, mobile application management and data protection.

“The pivot of managing Office via Intune is a big (and really proactive) step for the industry,” he says. “In fact, Intune now sits as the only comprehensive MDM solution on the market that can manage the recently released Office mobile applications on iOS and Android. This enables the workforce to utilize the apps they love, while preventing data leakage — and it empowers IT teams to constantly improve and streamline the services they deliver while maintaining strict security.”

Sahay notes Microsoft will begin rolling out the new capabilities on Monday and expects they will be completed worldwide in four to six weeks.

Source: CIO.com-Microsoft adds MDM capabilities to Office 365

Customer-centric

Customer-centric is an approach to doing business that focuses on providing a positive customer experience both at the point of sale and after the sale in order to drive profit and gain competitive advantage.

Customer-centric is an approach to doing business that focuses on providing a positive customer experience both at the point of sale and after the sale in order to drive profit and gain competitive advantage. The philosophies and operations of customer-centric businesses revolve around their most valuable customers and making sure they’re happy.

Dr. Peter Fader, in his bookCustomer Centricity: Focus on the Right Customers for Strategic Advantage, explains that because not all customers turn out to be profitable, businesses that seek to be customer-centric and gain strategic advantage should identify the best customers and focus on building their products and services around the needs of those specific individuals. This is achieved by gatheringcustomer data from multiple channels and analyzing it to better understand andcategorize customers.

One way to figure out if a customer is high-quality, according to Fader, is to calculate their customer lifetime value (CLV), which predicts the net profit a business will acquire from its entire future relationship with a customer. High-quality customers are those who stay loyal to the company and don’t leave unless given a very strong incentive to do so. These customers have a high CLV and collectively have a low attrition rate. Customer-centric organizations strive to acquire, retain and develop this type of customer by enhancing their experience.

Source: TechTarget-customer-centric by Margaret Rouse