Page 1

Where technology means business ISSUE 232 | may 2011 |

owning the cloud

The Jumeirah Group profits with centralisation and shared infrastructure

Saeed Al Dashti, CIO, Jumeirah Group

INSIDE: working the web | banking technology | virtualisation roundtables | content theft

ULTIMATE UC EXPERIENCE FROM THE ULTIMATE UC LEADER—POLYCOM. It’s the latest buzz. Polycom is the world leader in Unified Communications. That’s because only Polycom offers a total communications solution—one that will work for you today and grow with you as your business evolves. It’s because our products are best-in-class and backed by Polycom’s history as an industry innovator. Oh, and we’re the only provider of collaboration solutions built on open, standardsbased architecture. Increase your productivity even as you reduce your costs and lower your carbon footprint with Polycom. Transform your business.

©2010 Polycom, Inc.



owning the cloud

The Jumeirah Group has grown a private cloud, within a hybrid environment, to connect disparate offices and improve efficiency.

6 Half way to the cloud >> In a series of roundtables conducted by CNME and Citrix across the UAE, Qatar and Kuwait, Dave Reeder and Sathya Mithra Ashok find that end users may look at virtualisation and its benefits differently. 8 CIOs talk management >> At the recent IBM Maximo Middle East User Group conference, end-users got together to discuss the perils and pitfalls of effective IT decentralisation and management. Pallavi Sharma reports. 10 Securing the virtualisation journey >> At the two separate roundtables, conducted by CNME and Trend Micro, end-users from the oil and gas industry and government discussed the best ways to ensure security in a virtualised environment. 14 Round-up >> A quick round-up of IT industry news. FEATURE 24 Into the vortex >> Everyone says the cloud is the future. Not without the proper service level agreements (SLAs) – contracts that specify the quality of service and the compensation that customers get when problems occur. 30 Caught in the web >> CNME reports on the growing web culture in the region and how it can be improved 36 Making it count >> The banking and finance sector in the region is investing in technology solutions to manage data flows and guarantee data security in a bid to regain customer confidence, Pallavi Sharma reports.





INTERVIEW 42 An epic story >> Recently declared the global leader for emergency telecoms, the World Food Programme (WFP), takes its responsibility seriously. CNME spoke to Ernesto Baca,CIO and director IT and management services, WFP, to discuss the dynamic role IT plays in disaster relief. EVENTS 46 Security Strategist 2011 >> This event, which brought together over 100 security experts from across the region, served as a crucial platform to share insights on the changing threat landscape and how regional businesses can face them better. 50 CIO Perspectives >> CPI’s CIO Perspectives 2011 brought together key IT decision makers and CIOs in Abu Dhabi to explore and share best practices on how organisations can achieve greater benefits through IT and business integration. INSIGHT 52 Mainframe meets cloud >> Mainframes are stable, secure and under your control – perfect for anchoring a private cloud – but where’s user provisioning? How to 56 Battle content theft >> The bad news is there is no sure fire way to stop content theft. The good news? There are ways to ensure your Web content maintains an upper hand on the Web. 58 What we’re reading >> We select the best international technology blogs and books.

Publisher Dominic De Sousa

Path to the future

Sathya Mithra Ashok Senior Editor

COO Nadeem Hood

You don’t want to hear about the month we just finished. The CNME team conducted a set of five roundtables - located in three different countries and supported by two vendors - in the 30 days gone by. First off, we had the two roundtables that we conducted along with Trend Micro in Abu Dhabi. These sessions brought together end-users from the energy and government sectors to discuss the journey to virtualisation, the role that security plays in virtualised environments and how defensive measures can be integrated from the beginning of a project. (Learn more about the roundtables in our Analysis section on page 10) Then we had a set of three roundtables that we conducted along with Citrix. These took place in Qatar, Kuwait and Abu Dhabi, where we discussed with end-users the challenges that they faced, and continue to face, when deploying virtualisation solutions in the region. The perspectives that we received from these end-users were both different and alike. Different, in the way they approved virtualisation and the rate at which they were ready to adopt technologies connected to it. Alike, in the challenges that they faced on the ground – continuing connectivity issues, training and finding skilled personnel and achieving the right support. (You can read more about the range of thoughts we heard at the Citrix roundtables when you turn to page 6). The roundtables proved to be absolute eye-openers on how varied regional perspectives can be on virtualisation and the surprisingly different adoption levels. These discussions proved that understood or not, there is a lot to be done by vendors to educate end-users and there is yet a whole untapped market of opportunity for virtualisation in the region. While they understood that the cloud was the inevitable be the future, CIOs stated that there was no way for them to effectively move to the future without the right contracts. According to them, most ISPs did not provide SLAs to enterprise end-users, even if they were on the highest service level. Personally, I find this absolutely shocking. The lack of SLAs in the Middle East market leaves end-users vulnerable to the service provider's whim. They have no metrics to measure the performance level against and and no recourse if the network or service goes down. This situation needs to be fast rectified, and a set of regulations brought into place that standardise cloud services. Only such measures can provide CIOs a clear path to a future that involves clouds in the region. Speaking about the future, this month we are turning our focus on June's mega event Cloud Congress 2011. Visit, register for the event, check the agenda, and write to me if you would like to speak at the event. Until then, have a lovely month ahead!

Commercial Director Richard Judd +971 4 4490126 Sales Director Raz Islam +971 4 440 9129 Editorial Dave Reeder +971 4 4409106 Senior Editor Sathya Mithra Ashok +971 4 4409111 Sub-Editor Pallavi Sharma +971 4 4409103 Advertising Sales Manager Arun Shankar +971 4 4409142 Advertising Executive Robair Boctor +971 4 440 9130 CIO Programmes CIO Programmes and Events Lead Kavitha Rajasekhar +971 4 4409132 Circulation Database and Circulation Manager Rajeesh M +971 4 4409147 Production and Design Production Manager James P Tharian +971 4 4409146 Designer Analou Balbero +971 4 4409104 Digital DIGITAL SERVICES Digital Services Manager Tristan Troy P Maagma Web Developers Jerus King Bation Erik Briones Jefferson de Joya Louie Alma +971 4 440 9100 Published by

1013 Centre Road, New Castle County, Wilmington, Delaware, USA

Where technology means business ISSUE 232 | may 2011 |

Head Office PO Box 13700 Dubai, UAE Tel: +971 4 440 9100 Fax: +971 4 447 2409

Not your copy? If you'd like to receive your own copy of CNME every month just log on and request a subscription:

Printed by Printwell Printing Press LLC

owning the cloud

Regional partner of

The Jumeirah Group profits with centralisation and shared infrastructure

Saeed Al Dashti, CIO, Jumeirah Group

INSIDE: working the web | banking technology | virtualisation roundtables | content theft

© Copyright 2011 CPI All rights reserved While the publishers have made every effort to ensure the accuracy of all information in this magazine, they will not be held responsible for any errors therein.

How can I cut data centre costs by 15%? By choosing InfraStruxure and its triple promise of 24/7/365 availability, fast deployment, and energy efficiency Introducing Next Generation InfraStruxure

Whether your company just acquired another company or is planning ‘follow the moon’ virtualization to streamline energy use, you’re most likely facing pressing demands on your company’s IT infrastructure. Your legacy data centre infrastructure may not be able to handle these business changes. That’s where APC by Schneider Electric™ steps in with its proven high-performance, scalable, data centre infrastructure. Only InfraStruxure™ ensures that your data centre can adapt effectively, efficiently, and quickly to business changes, making you the company hero! What’s more, it gives you the capabilities you need to monitor and manage your data centre proactively and easily to ensure healthy operations at all times.

InfraStruxure data centres mean business!

InfraStruxure data centres also enable you to: 1) Accommodate high densities easily 2) Add cooling quickly and easily 3) Monitor threats proactively

We say that InfraStruxure data centres mean business. But what does that mean to you? The answer is simple. A data centre means business when it is always available 24/7/365, and performs at the highest level at all times, is able to grow at the breakneck speed of business, lets you add capacity without waiting on logistical delays (e.g., work orders), continues to achieve greater and greater energy efficiency— from planning through operations, and is able to grow with the business itself. In addition, open architecture capabilities deliver any-IT vendor compatibility, affording you the flexibility and adaptability you need for speedy deployment of upgrades without overhauls.

4) Upgrade instead of overhaul

The triple promise of InfraStruxure deployment

9) Optimize reliability and efficiency

InfraStruxure fulfils our triple promise of superior quality, which ensures highest availability; speed, which ensures easy and quick alignment of IT to business needs; and cost savings based on energy efficiency. What better way to ‘mean business’ than to enable quality, speed, and cost savings—simultaneously?

5) Manage in a ‘single-pane’ view 6) Model capacity changes 7) Ensure your business drives your IT 8) Manage new equipment in seconds 10) Move at business speed

Download your white paper(s) within the next 30 days for FREE and get a chance to WIN a Lenovo® all-in-one touch screen PC! Visit Key Code 88632t • Call +9714-7099690 (Arabic)/+9714-7099691 (English) • Fax +9714-7099650 ©2011 Schneider Electric. All Rights Reserved. Schneider Electric, APC, and InfraStruxure are trademarks owned by Schneider Electric Industries SAS or its affiliated companies. All other trademarks are property of their respective owners. APC Middle East, PO Box - 53852, Dubai, United Arab Emirates, • 998-3861_GB

analysis | month in view way to > Half the cloud In a series of three roundtables conducted by CNME and Citrix across the UAE, Qatar and Kuwait, Dave Reeder and Sathya Mithra Ashok find that end-users may look at virtualisation and its benefits differently, but face the same challenges when it comes to implementation and usage. Virtualisation has long moved

from being just a technology that is spoken about, to being one that is actively being implemented across enterprises. The stage of implementation projects might vary, and enterprises might start at different points in time, but it is true to say that most enterprises in the region are currently involved in some aspect of consoldation and virtulisation. During a series of three roundtables conducted last month by CPI and Citrix, end-users gathered at Qatar, Kuwait and Abu Dhabi to discuss the challenges that they were facing with implementing and managing virtualisation solutions – and it was uncanny the way they were different and alike all at the same time.

Alex Filocca, regional marketing manager at Citrix



“Virtualisation at every point – from the server to the desktop – holds a lot of benefits – no doubt. While server virtualisation has been proven and is increasingly adopted, the value of desktop virtualisation is yet to be clearly established for organisations here,” stated Rajan A D, IT infrastructure manager at Ali Bin Ali Group. Most end-users who had gathered at the Qatar roundtable stated that while they had started the journey to virtualisation with the server end, they were keen on looking at the advantages that desktop virtualisation could bring to the table. They had two key concerns though – licensing and connectivity. “Licensing in a desktop virtualisation environment can be a difficult process. Therefore, vendors like Microsoft should work to make this bit more affordable and effective for not just large enterprises but even small businesses, so we can adopt it faster and with less investment,” stated V V Prasad, acting IT manager at Midmac Contracting. “Connectivity and network issues are my major concern with desktop virtualisation. We have a branch outside Doha where we have to do with limited connectivity provided by WiMAX. Our students also work extensively with AutoCAD solutions and because of that I am worried about my network quality and costs if I have to turn my current workstations into thin clients for VDI,” stated Saeed Assadi, IT manager at Qatar Aeronautical College. Alex Filocca, regional marketing manager at Citrix stated, “The cost of maintaining hundreds of desktop systems is no longer viable. Increasingly, we’ll all be delivering IT as open-demand services. The shift to server virtualisation was step one, now we’re moving on to other areas such as desktop virtualisation and network virtualisation. That’s really exciting with, for example, appliances becoming virtual appliances.” However, despite his optimism, the discussion at the Kuwait roundtable also suggested that the transition might not be universal.

may 2011

Aaron White, regional director, Middle East and Africa at Citrix

“Here we have a problem with the infrastructure,” explains Abdulnaser Al-Turkait, IT Department Manager of Salhia, a real estate group. “Many of us are still using DSL, so data transfer is expensive. To move down the virtualisation route, we need to be abvle to rely on the network.” Although a fibre roll-out is underway in the country, priority is being given to government departments. According to Amr Moussa, IT Manager of manufacturing company the SGI Group, “Internet speed is very limiting for us here as well as costly. Yes, we see clouding [cloud computing] as the future but at the moment it doesn’t help us. Only government can afford the sophistication of cable. The challenge I’m facing is this: connectivity to the data amd internet cost are expensive centre is hard, bandwidth is a problem so how do we cope as the business expands?” At the Abu Dhabi chapter of the roundtable, the concerns exhibited by the end-users remained very similar. Osama Abushaban, head of ICT at the United Al Saqer Group, who was part of the discussion in the UAE stated, “The service providers or enablers here are not truly enablers. They restrict our scope by not providing proper service level agreements (SLAs) for the quality of

service and the strength of the network. Without SLAs, and without a regulatory framework, it is difficult to plan for growth and almost impossible to move to the next stage.” Abdulla Al Dhaheri, IT manager at Dewan Al Ain said, “We have had a virtualised environment for over two years now and we are seriously considering the next stage in the evolution. This will include desktop virtualisation and also the cloud. There are a lot of issues related to cloud and cloud provision. Key among these are security and the quality of the service provision. With the current state of service provision in the UAE, it is very difficult to consider the public cloud seriously. Bigger organisations, and ones that consider data critically (like us), will choose the private cloud so that we have better control over our data and how it gets delivered.” Despite all these challenges that seem to unite the end-users across the three countries, all of them were sure that with the potential advantages that desktop virtualisation offered - especially in the light of a cloud ecosystem that can support it – they would be avidly looking into it in the future. It’s a trend that Citrix is riding. Aaron White, regional director for the Middle East and Africa at Citrix stated, “Citrix has grown from an apps-delivery solution

Abdulla Al Dhaheri, IT manager at Dewan Al Ain

“Connectivity and network issues are my major concern with desktop virtualisation. We have a branch outside Doha where we have to do with limited connectivity provided by WiMAX. Our students also work extensively with AutoCAD solutions and I am worried about my network quality and costs if I have to turn my current workstations into thin clients for VDI.” provider to one that provides end-to-end virtualisation solutions for end-users. This makes us a viable choice right from the server down to the desktop.” Filocca is also very bullish about the new Citrix Receiver – a lightweight software client that enables application and desktop virtualisation on any device. “What that means, for example, is that we could roll out Windows 7 across both PCs and devices – access Windows 7 apps, on an iPad even! Because virtualisation uses server power not PC or device power, you can even run Windows 7 on what traditionally would have earlier been thought of as an extremely low-powered machine.” At present, Citrix is developing a solution that will allow senior executives at Emirates to access their normal IT services on iPads, using Citrix Receiver to create a tunnel to the service. “I think what we’ll see developing,” explains Filocca,” is a trio of access platforms: a smart phone as a notification device that alerts you, a tablet that provides ubiquitous viewing of information and a laptop as your powerful work engine.” White assures that Citrix also has the right initiatives, partners and methods to support the training requirements of enterprises in the region, and takes the consultative approach to address their needs on a continuous basis. Filocca believes desktop virtualisation will be a key trend across the region, for large enterprises. “The thing is, we have

may 2011

Osama Abushaban, head of ICT at the United Al Saqer Group

to reach someone at the right point in the refresh cycle for desktops. Our key competitor is the staus quo strategy that replaces machines every three years and upgrading OSs and apps on an individual machine basis. We think there’s a better way and that the argument is unstoppable.”

More at com rnewsme.




analysis | month in view talk > CIOs management At the recent IBM Maximo Middle East User Group conference, end-users got together to discuss the perils and pitfalls of effective IT decentralisation and management. Pallavi Sharma reports. In an increasingly complex and

interconnected world, the challenge for many organisations is to track, manage and maintain their assets -labour, equipment or other services. “In today’s world, buildings, public infrastructure and industrial facilities are increasingly complex and require the right management systems to maximise business processes and strategies put in place for smoother operations,” said Gaby Matar, group managing partner for eSolutions when addressing an audience of over 400 top ranking officials representing various industries from across the GCC gathered at the IBM Maximo Middle East User Group conference 2011. “This conference focuses on solutions that help organisations enhance visibility, control and automation of their business and IT assets, allowing them to make smarter decisions leading to cost savings, efficiency, better work force management and added benefits for our environment,” added Matar. The conference in its sixth consecutive run was a platform for end users of IBM’s Maximo Tivoli Asset Management where they discussed everything from the roadmap to Maximo 7.5, asset management strategies to Maximo’s role in the enterprise architecture of smart utilities and best practices in integrating asset management across a multitude of industries. “Enterprises in the Middle East have increasingly sophisticated demands for integrating and analysing asset related information. We are here with customer



case studies on how these demands can be met and how the application of Maximo Asset Management across radically different industries has maximised business processes and strategies,” he said. Users pointed out that growth and development in the GCC has lead to a greater understanding at the grass root level of the need to put in place a structure based on standardised practices to maximise asset tracking and management, this also includes the need to establish accountability for under utilisation of resources and assets, as Vishal Shah, strategic portfolio analyst at Ford Motor, said “Organisations need to establish benchmarking techniques that track and facilitate maintenance processes across assets, inventory and other resources and the changing organisational environment demands a paradigm shift from reactive maintenance processes to proactive , preventive forms of maintaining assets and inventory.” Mustafa Aziz, senior application specialist at Abu Dhabi Water & Electricity Authority (ADWEA) agreed “Business processes for utilities provision and asset management are closely aligned with IT strategy; we at ADWEA call this ‘power IT’. IT is not a support function but a backbone of strategic decision making and IT personnel are more skilled and hence more adept at making intelligent estimates, these estimates are the basis for independent decision makers across all levels of an organisation.” According to the users, IT within organisations is now placed on a strategic

may 2011

and planning level and has become the basis for operations. Addressing the issue of aggressive user resistance to implementing solutions with a steep learning curve, users felt that a decentralised decision making process on a user friendly platform with defined and standardised concepts will encourage employees to get actively involved in learning and implementing these solutions. In an environment where organisations require effective degrees of mobility, users feel that some degree of f lexibility must be allowed those working in the field. Omar Rawshdeh, senior IT manager at Etisalat, said, “As a customer driven organisation looking to maximise the value a customer receives from our services, our technicians who largely operate in the field must be given the freedom to access, manage and edit inventories, asset locations, availability and barcodes, even their work orders and tasks when faced with an emergency scenario. Maximo is integrated within our Computer Maintenance Management System to allow our technicians to use their PDAs in the field to operate efficiently at the same time, track and record any changes made.” The conference was hosted by eSolutions- provider of IBM Maximo in the Middle East, “Ready or not, all types of assets are getting smarter and we are on the cusp of a new era in our industry. Maximo is at the heart of “Smart” and is upto the challenge,” said Bashar Kilani , IBM territory manager, ME region.

analysis | month in view the > Securing virtualisation journey

At two separate roundtables, conducted by CNME and Trend Micro, end-users from the oil and gas industry, and government entities got together to discuss the best ways to ensure security in a virtualised environment. Last month, CNME and leading security vendor Trend Micro brought together CIOs and IT managers across two verticals – oil and gas, and government – to discuss best practices, the pitfalls of virtualisation and how they could better secure their journey to virtualisation itself. “We started virtualising early and have almost 80% of our servers virtualised right now. We are currently using a managed security solution for this virtualised environment. However, we are always interested in understanding what else the market has to offer in terms of virtualised security solutions,” said Ayman Al-Issa, information security section lead at the Abu Dhabi Marine Operating Company (ADMA).

Ayman Al-Issa, information security section lead at the Abu Dhabi Marine Operating Company (ADMA)



Peter Craig, EMEA product manager for Trend Micro

Being one of the more mature users with virtualisation at the oil and gas roundtable, Al-Issa gave valuable inputs to the other IT managers on how they could plan, design, choose, implement and manage the right security solution in their virtualised environments. Al-Issa also pointed out that when implementing new technologies like virtualisation, and especially when it comes to security within that implementation, it is essential for every IT decision maker to do research. “CIOs and IT managers must do their homework when it comes to virtualisation and security. Solutions might have high performance metrics and they might work great in certain environments, but if you haven't done your homework and you don't understand how it might fit in your organisation, then you haven't done your project justice,” he stated. “We are currently looking at virtualisation and trying to understand how it can be implemented to help us function better in our organisation. We are trying to work out security issues from day one, and not just look at it as an addition, to ensure that our environment starts out secure and remains secure,” said Manoj Stanley, IT administrator at Bin Hamoodah’s GASOS. Oil and gas IT decision makers also

may 2011

encouraged security vendors like Trend Micro to look into areas of industrial security, specifically touching upon areas that cover data collection, transportation and analysis from oil rigs, and produce more focused and specialised solutions addressing the specific needs. End-users gathered at the government roundtable echoed their peers in the oil and gas roundtable, and even entered into a heated debate on whether virtualisation and cloud computing can be counted as new technologies and if they could prove beneficial for every organisation. “Virtualisation can potentially offer benefits. However, I believe an organisation has to reach a certain level of maturity in order to consider the technology set. For instance, if an organisation’s current infrastructure is giving it regular RoI, and it has a problem with getting increased capex budgets or trained manpower to handle virtualisation, then it should probably not invest in the technology just yet,” stated Ramdas Sunkari, head of IT at UAE’s Ministry of Higher Education and Scientific Research. “We are currently planning a massive infrastructure project for Khalifa Port and this will involve virtualisation. Being a Greenfield project, we are planning and designing now to get every aspect of it right and to ensure that we get RoI on

Taha Al Hasmi, IT manager at Abu Dhabi Terminals

Ramdas Sunkari, head of IT at UAE’s Ministry of Higher Education and Scientific Research

our investments the right way,” stated Taha Al Hasmi, IT manager at Abu Dhabi Terminals. While all of them agreed that virtualisation can prove beneficial to their organisations in the long run, they yet remained concerned about the on-the-ground challenges they were facing, especially with regards to training. The end-users stated that due to internal policies and guidelines they were curtailed from taking training initiatives as and when required, and believed that this could be junior issue when they embarked on a virtualisation journey.

Manoj Stanley, IT administrator at Bin Hamoodah’s GASOS

Peter Craig, EMEA product manager for Trend Micro stated that IT managers should look at virtualisation in a stepby-step fashion. “Organisations should move non-critical apps to a virtualised environment first, and then the more mission-critical ones. This will give them adequate time to build-up skills in existing IT personnel. This might prove to be a pragmatic approach and will lead to better benefits,” he stated. Craig also spoke at length about Trend Micro’s virtualisation security product – Deep Security – and how it can help endusers in the UAE handle their virtualised environment and ensure that all of their virtual machines (VMs) operate securely and at optimal performance levels.

and it was a part of the plans for the product roadmap. At the end of the roundtables, CIOs from both oil and gas, and government entities requested vendors providing virtualisation and security solutions to work on increased integration, and offer more solutions that are easily interoperable with each other. They also expressed interest in better, cost-effective training and people development offerings that could be tailored to fit their needs. “Vendors should also be ready to offer consultation and even perform proof-of-concepts – free of cost if possible – such that users in the region can understand the potential benefits

“CIOs and IT managers have to do their homework when it comes to virtualisation and security. Solutions might have high performance metrics, and they might work great in certain environments, but if you have not done your homework and you do not understand how it might fit in your organisation, then you have not done your project justice.” “The solution is tightly integrated and specially designed for VMWare ESX/ ESXi environments and it addresses both active and dormant VMs. Deep Security combines intrusion detection and prevention, firewall, integrity monitoring, log inspection, and agentless anti-malware capabilities to helps prevent data breaches and ensure business continuity. This dynamic, centrally managed solution also supports compliance with important standards and regulations such as PCI, FISMA, and HIPAA,” said Craig. Craig also said that Trend Micro is looking at increased integration with Microsoft’s Hyper-V also going forward,

may 2011

easily and better. This will not only help us approach our management with benefits in a more effective fashion, but also ensure that we have the right budgets in place to ensure that we invest right, for the most effective virtualised environment,” concluded Sunkari.

More at com rnewsme.




round-up | month in view Showtime > Orbit consolidates

five million viewers in homes across the region, whilst the network upgrade will also support OSN’s drive for greater security and protection against piracy. This network consolidation project supports the huge initiative OSN undertook in December 2010 to roll out a new platform with secure access and new state-of-the-art series of satellite receivers, including the OSN SHOWBOX HD, in every subscriber’s home.

Bas Wijne, CIO at OSN, said: ”We sometimes need to add a new channel for our subscribers in as little as 48 hours so we needed a technology partner who could offer reliable network coverage, technical excellence and support services through a single point of contact. That partner also needed to be able to match the fast moving pace of our environment, so it was important for them to understand our business and the way we sell and service our customers. The stability of the network is paramount because we have over five million viewers who need to be able to watch and pay for programmes on demand, and in addition get any technical support they might need, so it is a critical area of our operations.” Lionel Reina, VP EEMEA for Orange Business Services, speaking about the agreement, commented: “Orange Business Services is delighted to be working with the Middle East region’s leading broadcast entertainment company.”

used to conducting their lives via these devices. But another critical reason is that if managed correctly, mobility can be a real market accelerator for many businessesgiving them a solid, sustainable advantage over competition,” said Zakaraya Alashek, business development manager for mobility solutions at Etisalat. “Mobility has clearly emerged as a business transformation tool and Etisalat is all set to be at the driving seat to deliver value to customers with its range of innovative services, “said Abdulla Hashim, senior VP, business solutions at Etisalat Alashek elaborated on how best enterprise mobility solutions may be implemented and used to provide long term tangible benefits to further boost government operations. “Etisalat is engaged in helping organisations leverage productivity gains across teams and operations with a variety of mobile data solutions and industry specific innovative applications, such as the ones for the iphone made for the Ministry of Health (MOH) and Dubai Airport Free Zone Authority (DAFZA).”

The forum also addressed the hype and general apprehension surrounding cloud computing, “Using applications, services and computing power delivered over the internet has become affordable. The barrier to adoption lies in understanding the benefits of how the system can streamline operations,” said Hashim. Ramesh Krishna Bhandari, business development manager, cloud solutions at Etisalat, pointed out that organisations deciding on moving to the cloud should first define their objective to do the same. “The best way to set a standard is to compare what benefits the organisation more- investing in the cloud or managing said tasks internally?.” According to him organisations, when moving to the cloud should use the phased approach based on criticality of functions and in depth analysis, “What organisations need to understand is that the cloud is not an all in –all out programme, you can chose to move applications to the cloud based on their criticality to business operations and data sensitivity,” he concluded.

network with Orange

Orange Business Services, the B2B arm of France Telecom, has signed a three-year agreement with OSN – Orbit Showtime Network – the Middle East’s premium broadcast entertainment company – to provide IT and telecoms network services to the company, across the Middle East. Under the agreement, OSN will use the Orange Business Services private network to optimise and customise delivery of broadcast services, migrating from multiple legacy networks. Orange will provide analytical and consultancy services and then migrate the OSN networks to a single private network. The new network will ensure greater reliability and quality of the delivery of pay-to-view broadcast services to around

promotes > Etisalat mobility and cloud for better government

The Etisalat ICT Forum- Government 2011, focused on mobility and cloud computing as key developments in information technology that could better serve government agencies across all fields of operation. According to the speakers, the current environment marked by increased volumes of data and the extensive use of a number of mobile devices in organisations necessitates the need for organisations to leverage these trends to drive business objectives. Speakers pointed out that in a diverse environment, the ability to access information at faster speeds from anywhere, anytime, and on any device can be a critical competitive differentiator for any organisation. “The reason behind mobility being the one line item in IT budget that has held steady over the last three years is that increasing ubiquity of mobile devices in daily life; employees are simply more



may 2011

round up | month in view Reyami chooses > Al Fortinet for better

network access to the staff travelling to various locations via a strong VPN and secured IP connections. At last, a system of authentication-based access using preshared key for guests and remote users was also on the list. Al Reyami’s previous network security setup, combining a mix of SonicWall, WatchGuard and Juniper Network’s solutions, was presenting some limitations: there was no compatibility with ADSL connections; bandwidth was limited to up to 128 mbps, and the cost of maintenance of the IT infrastructure was too high.

Fortinet’s FortiGate multi-threat network security appliances were selected because of their high performance capabilities, such as centralised analysis and reporting services, and the availability of key security features such as IPS, Web filtering, traffic and bandwidth control. “The Fortinet solution was selected because it was cost effective in terms of initial installation and maintenance. Also, the Fortinet solution was the most robust and dynamic,” said Haroon Sheikh, assistant manager for information technology at Al Reyami Group. With the deployment of a mix of FortiGate devices across its network, Al Reyami can now provide secure and reliable network and Internet access to all its employees. “Al Reyami benefits from consistent and broad security across its network, from the main corporate entities to the branch offices. With our appliances, Al Reyami has been able to take advantage of an effective, consolidated, cost and space saving network security solution,” commented Bashar Bashaireh, regional director MEA at Fortinet.

bringing about improvements in the service provided to users.” Blowers warned IT teams not to delay their adoption of social media, saying that more employees today are seeing it as a “must-have”. “Delaying an organisation’s participation in incorporating social media IT service management related functions could be a big mistake,” he said. “As IT service desks increasingly move up the agenda in terms of importance for organisations, integration of social media will be seen by employees as a must-have, and a lack of availability could generate inefficiencies, such as workarounds, creating compliance issues.” Bower took the argument for social media a step further, saying that IT managers should implement Twitter for customer support.

“Organisations should be taking steps such as integrating IT service management with Twitter feeds,” he said. “This allows business users to turn a tweet into a customer support ticket known as a ‘twicket’. When responding, the service desk agent can respond quickly to the Twitter account or privately using the Twitter Message facility.” In a report also released recently by Ovum, Mobile social networking: services and monetisation, the analyst group said that while location based check-in services like Foursquare and Facebook Places are attractive to marketers, they have the potential to become all hype. “To date, the combination of advertising and technology has worked well with these mobile services, but expect to see consolidation in the near future”, said principal analyst at Ovum, Eden Zoller.

network security

Al Reyami Group, a Dubai-based group

doing business in a variety of sectors from urban development to leisure in UAE, India and China, has implemented Fortinet’s FortiGate integrated network security appliances to secure its network and ensure safe site-to-site connectivity between the various offices and corporate entities across the UAE.A total of 24 Fortinet devices were deployed across 18 locations in the region. Al Reyami has grown from a single office organisation to 30 companies spread over Dubai, Abu Dhabi, Sharjah, Ras Al Khaimah, India and China, doing business in a variety of sectors including construction, engineering, interiors, technologies, media, travel & tourism, shipping & logistics, leasing & servicing. In this context, it became essential for the IT department at Al Reyami Group to provide seamless site-tosite connectivity between the group’s various offices across the UAE. Another priority was to provide secure and reliable

media > Social essential to IT service management: Ovum

CIOs must start thinking about integrating about social media into their service desks as the technology becomes ubiquitous in everyday life, according to analyst firm, Ovum. In the report, the applicability of social media for IT service management, analyst and author, Mark Blowers, said employee demand for social media has driven an increase in its use at the service management level. “IT users are increasingly expect similar levels of interaction in their corporate lives to the way they interact when conducting online life as private consumers,” Blowers said. “Social media tools can work well in IT service management, especially in



may 2011

Why is CommVault positioned as a leader in the 2011 “Magic Quadrant for Enterprise Disk-Based Backup /Recovery” Report?* The 13,500 customers worldwide who trust us to solve their data management challenges could answer this question for you 13,500 different ways. But if you don’t have time to poll them, get the full Gartner report and more at Or, to set up a personal conversation about how we can help you, call our middle east office in Dubai at +971 4 3753491. Backup & Recovery > Archive > VM Protection > Deduplication > Snapshot Management > eDiscovery

1207 Al Thuraya Tower 2 PO Box 502224 Dubai UAE Headquarters: 2 Crescent Place Oceanport, NJ 07757 Regional Offices: Europe Middle East & Africa Asia-Pacific Latin America & Caribbean Canada India Oceania n









©1999-2011 CommVault Systems, Inc. All rights reserved. CommVault, the “CV” logo, Solving Forward, and Simpana are trademarks or registered trademarks of CommVault Systems, Inc. All other third party brands, products, service names, trademarks, or registered service marks are the property of and used to identify the products or services of their respective owners. All specifications are subject to change without notice. *TheMagicQuadrantiscopyrighted2011byGartner,Inc.andisreusedwithpermission.TheMagicQuadrantisagraphicalrepresentationofamarketplaceatandforaspecifictimeperiod.It depictsGartner’sanalysisofhowcertainvendorsmeasureagainstcriteriaforthatmarketplace,asdefinedbyGartner.Gartnerdoesnotendorseanyvendor,productorservicedepictedinthe MagicQuadrant,anddoesnotadvisetechnologyuserstoselectonlythosevendorsplacedinthe“Leaders”quadrant.TheMagicQuadrantisintendedsolelyasaresearchtool,andisnotmeant tobeaspecificguidetoaction.Gartnerdisclaimsallwarranties,expressorimplied,withrespecttothisresearch,includinganywarrantiesofmerchantabilityorfitnessforaparticularpurpose.

round up | month in view wins > BridgeHead London Clinic contract

BridgeHead Software has won

a contract to provide data back up and protection solutions to support The London Clinic, the UK-based independently owned non-profit hospital, transition to a brand new, interoperable IT infrastructure. This is the first step to The London Clinic’s new IT infrastructure and aims to improve data availability and speed up disaster recovery times The London Clinic has invested in BridgeHead MediStore, and BridgeHead Integrated Disaster Recovery (BridgeHead IDR), to support its existing investment in BridgeHead Integrated Serverless Backup (ISB). BH MediStore provides a central archive that will free up storage resources and improve the availability of patient data, while BridgeHead ISB/IDR will drastically shorten backup windows, risk and improve recovery times. Mike Roberts, IT director at The London Clinic said: BridgeHead

advises CIOs > Gartner to keep an eye on risk and cost when cloud sourcing

The $820 billion IT services market is changing quickly and dramatically, as cloud computing and offshoring become mainstream, and CIOs should take steps to manage inherent risks and unexpected costs during the cloud services revolution, according to Gartner. During the next few years, market dynamics will determine whether cloudenabled outsourcing will be the demise of traditional outsourcing, if it will lead to the convergence of services and products currently marketed "as a service," or if it will result in next-generation outsourcing. "Cloud service sourcing is immature and fraught with potential hazards. The



Software’s suite of products provides a comprehensive platform for clinical and administrative data and storage management. They already underpin our HIS in relation to backup and DR – but their offering is so much more. The London Clinic plans to use BH MediStore to archive, then manage and protect, up to 15TB of scanned data from its earlier version of the Meditech HIS. This historical data will be stored on more cost effective media than the expensive SAN device where it currently resides, hence freeing up resources for the hosting of current patient information and reducing the primary backup stream. As data is written into the BH MediStore archive, it is indexed, making it easier for The London Clinic to ensure clinical staff can search for and access patient records when and where they are needed. Files can also be de-duped and compressed. Furthermore, as the data is written into the archive, multiple copies of the data are automatically generated that can be geo-dispersed, thereby enhancing The London Clinic’s overall protection and further enabling its disaster recovery strategy.

Tony Tomkys, director of sales, EMEA, BridgeHead Software, said: “What The London Clinic is doing with data is what BridgeHead suggests all hospitals do: remove static data from the primary backup stream and put it into a safer, more cost-effective storage environment where it can be accessed by clinicians and hospital staff when and where needed, BridgeHead plays its role by ensuring patient records across all systems are quickly and easily accessible, and that point-in-time replicas of patient data are intelligently distributed, to the appropriate secondary storage (e.g. tape, disk, Cloud, even VTL), as well as geodispersed for disaster recovery.”

hype around cloud computing services has increased interest, as well as caution, for CIOs trying to determine where, when and if cloud services can provide valuable outcomes for their businesses," said Frank Ridder, VP at Gartner. "Cloud computing is driving discontinuity that introduces exciting opportunities and costly challenges. Organisations need to understand these changes and develop realistic cloud sourcing strategies and contracts that can reduce risk." According to Ridder, in the new cloud scenario, organisations will find design principles based on flexibility and innovation in place of traditional rigidity and change resistant processes of years past. In his opinion, ensuring the organisation understands both the short and long term implications of cloud services on the demand as well as the supply side as well

as on the sourcing life cycle itself, will help them avoid potential pitfalls and hidden costs of cloud services. l pitfalls and hidden costs of cloud sourcing. "The life cycle is a critical area to plan and manage, regardless of whether organisations source their IT services through internal or external resources. Our forecasts indicate that organisations spend 53%of their IT services budget on external services, and that spending is growing 3.9%per year, while new categories of services are experiencing double-digit growth," he said. "Organisations can use Gartner's extensive analysis of changes in delivery, pricing, investment and cost to more effectively develop their cloud sourcing strategies, negotiate their cloud services contracts and manage the performance of their providers", concluded Ridder.

may 2011

CASE study: Jumeirah Group

owning the cloud

The Jumeirah Group has built a private cloud, within a hybrid environment, to connect disparate offices and improve efficiency.

Saeed Al Dashti, CIO, Jumeirah Group



may 2011

Home grown hospitality giant

the Jumeirah Group has always been on the forefront of technology adoption in the region. The group prides itself on adopting state-of-the-art innovations, integrating it into its functions and seeing benefits from it much before anyone else in the region is even considering the same. “We are lucky to operate in a region that is at the edge of technology in our industry. Where we are different is that our home base is Dubai while many of the other hotel groups have their head offices in Asia, Europe or the United States. For us technology is a major priority, and plays an important role in delivering on our stated brand promise and personalised service. We leverage existing technology and we do a lot of innovation in room technology and guest service offerings,” says Saeed Al Dashti, the new CIO at Jumeirah. Dashti considers himself lucky to be leading the IT initiatives at the hospitality group, since technology is closely linked to business initiatives in the organisation. “Jumeirah Group views IT as a key business driver and enabler of its projected global growth. The CIO has a seat on the company’s management committee and at the moment more than half of the projects on the company’s balance score card are IT initiatives. Since the introduction of new technology or IT projects require a structured change management approach, my key role has been to be an active change agent in the enterprise,” says Dashti. Every year the group invests its significant IT budgets in either new projects or upgrading old ones, and 2010 was no different. “We invest equally in our global infrastructure and the enterprise applications it supports as both are critical to our operations and future growth. In 2010 we put a brand new central data centre to support the projected expansion and we worked on a number of CRM and ERP related application projects. Besides,

IT plays such an important role in the overall business strategy and it is the glue that sticks things together, so in order to bring true convergence of technology and service we have invested in key centralised services such as reservations, online booking, yield management and call centre technologies. And now we have property specific initiatives that will deliver local knowledge and enable concierge and guest service functions,” says Dashti. The organisation also completed a private cloud project to provide services across multiple branches. “The main reason for our private cloud is the ability it provides to deploy our systems rapidly and around the world. We try to minimise the footprint of systems on property in order to make it as cost effective as possible to run a hotel. We want our colleagues in properties to focus on the excellent guest service that we are known for, not on our managing systems. Besides, our industry has a lot of computing workload requirements at specific times. For example, a month-end process requires a workload, which is heavier than other times. So to cater for such spikes in demand, our own private cloud allows us to provision the necessary computing power and tear it down once the job is done. This is what many service providers call elastic computing. In terms of technology used we tend to use best of breed technologies but primarily operate a Microsoft stack in our data centres.” Dashti continues, “One of the key drivers for the cloud was the need to consolidate servers, storage and data centre infrastructure and bring about cost savings and efficiencies in power and cooling. Another objective was also to be able to have a computing resource available on demand. The format we used ahead of consolidation and deploying virtualised environments was deploying individual physical servers, distributed storage layer etc. We had

may 2011

a higher footprint in the number of servers, storage, data centres etc.” The decision to build private cloud was taken last year when the group was investing in a new central data centre. The IT team looked at the investment involved in building a data centre and found it was't cost effective. Considering the options, Jumeirah decided to partner with a co-location service provider to host its infrastructure. “We had a perfect opportunity to leverage latest technologies in data centre design and computing density. Most of the implementation was done internally by IT team members while some components were procured from vendors along with implementation services. We follow a mature project management process for all IT projects and that was the process followed on this and all other IT programs,” says Dashti. Despite the best practices that Jumeirah follows for all projects, and did for the private cloud as well, it faced certain crucial challenges. “Some of the challenges and issues that came up were related to change management. The processes that are followed to manage and operate traditional data centres is quite different when most technologies are virtualised. Upgrading the skill set and changing the operational processes we faced were some of the other challenges in the initial stages. However, as part of the process we had enough time within the project to incorporate all these changes before it turned into issues,” says Dashti. He continues, “From an applications stand point we had to identify applications that could be hosted and supported on our private cloud. We also share in place a management layer, which is an important piece of the private cloud to properly manage, maintain and support the environment.”

Networking masters The cloud provides a hybrid environment for the Jumeirah Group. Some public cloud services are obtained from providers in the form of Infrastructure-as-a-Service (IaaS) and



CASE study: Jumeirah Group

Platform-as-a-Service (PaaS), while some line of business applications are offered in the form of Software-as-aService (SaaS). The private cloud covers most of the apps and services for internal users and customers, and the Jumeirah Group will continue to expand the capability of its cloud. According to the firm, the cloud project and its future is also linked strongly to its global MPLS network, which it has been talking about for a couple of years now. “We have done extensive work in upgrading our wide area network here in the UAE and migrated all legacy circuits such as ATM, E1s etc to an MPLS ring and some of the sites are lit using our own fibre optic cables. Currently we are working with global service providers to upgrade our international network from an Internet based IPsec VPN to a managed private MPLS network. This is progressing quite well and we intend to complete this before the summer of this year,” says Dashti. According to him, the planned MPLS network will be the primary transport vehicle that carries business critical applications from the various data centres to the group's global sites and end users. These two sets of infrastructure complement each other and for the firm this from the foundation that will support future growth.

Just the starting point For the hospitality giant, the network and the cloud is no stopping point. In fact, the firm is working on IT to constantly improve it and make it increasingly relevant to the business that it supports. “2011 is another exciting year for us. We plan to open eight properties in six different countries, including China and Germany. Each opening is a project on its own. We will continue our infrastructure improvement initiatives and enterprise application projects, and we will add two exciting customer facing technologies this year as well,” says Dashti.



“One exciting project we are working on at the moment is deploying public telepresence rooms in our business hotels. This advanced video conferencing technology will allow our guests to meet even if they are not in the same place. These telepresence rooms will also connect to other managed telepresence room providers around the world making it easy for our guests to find a telepresence room where we currently don’t have a hotel operation,” he continues. Dashti adds, “Also a strategic Jumeirah IT goal has been to continue the personalised customer service to guests electronically, whether through television channels, mood settings conveyed through lighting or the ability to control the climate in the room. Expanding on this we are working on a new guest technology platform that will allow guests to access the hotel services through a multitude of devices including iPads, iPhones, BlackBerrys and other personal devices. These systems will allow us to deliver seamless services to our guests based on their preferences.” Being a global company that is home grown comes with its own pros and cons for the hospitality giant. “We have over 100 nationalities working for us in Dubai and that means we have local knowledge about many

may 2011

places around the world. Our biggest expansion is in the Middle East and Asia, and having our systems close helps us to roll it out quicker. Likewise, being a global brand means that the IT team is under immense pressure to keep any new technology simple and easy to understand because customers come from different backgrounds and have different language sets, so we try to keep things intuitive. As part of our IT strategy we focus standardising core IT infrastructure and systems, which helps us deliver consistent services in different parts of the world,” explains Dashti. He adds, “The downside of being a home grown brand that has global operations is the cost of telecommunications. Currently the cost of connectivity is quite high, especially in comparison to other regions where our competitors are based out of. We are actively engaging and working with local service providers to improve in this area. We participate in the customer advisory board of the local telecom operator.” Jumeirah Group, and its IT team, continue to face their challenges head on, and prove that when a team works seamlessly, and you have management support, there is not much they cannot do to overcome the obstacles that they face in organisational growth.

Dear Delegates, Clever Data Center Management is acutely important for the roaring Success of your Business. Give your Business the dynamic brains to prosper endlessly.

Rely on HP Education to help you optimize your Data Center while accelerating growth and controlling risks. Our specialized Data Center courses give attendees the expert knowledge in authenticating offers provided by vendors for Precision, Effectiveness, and Efficiency.

UNDERSTAND: • How to assist, perform and monitor an IT risk assessment and analysis. • How to select and negotiate with vendors. • How to support in building the business continuity & availability plan. • Know�how of Cost Containment.

OBTAIN: • • • •

Comprehensive student material through state�of�art classroom Advice & Guidance from one of the industry’s leading experts Training from the experienced best�in�the�field HP Instructors CDCP, CDCS and CDCE ® Certifications

Join us in Dubai or Cairo. HP Education promises to hone your Data Center Management and Expertise to Perfection.

COURSE DATES: Dubai CDCP 5�6th June; CDCS 7�9th June; CDCE 12�16th June Egypt CDCP 3�4th July; CDCS 5�7th July; CDCE 24�28th July


Original Price




$2,100 $3,500

$4,500 only for all (3) three courses {36%* Special discount}

*Approximately **Package price not valid on individual courses

For more information, please visit:

Package Price** $900 $1,350 $2,250

feature: cloud

Into the vortex Everyone says the cloud is the future. Not without the proper service level agreements (SLAs) – contracts that specify quality of service and the compensation that customers can get when problems occurs, writes Sathya Mithra Ashok.

We have heard a lot about

cloud technology in the last year. The way it can transform IT, the innumerable benefits that it can bring to the table and how it is the inevitable future for every enterprise. What we have not heard about much is why most enterprises still shy away from the cloud – especially in its more public form. “Very broadly, what’s holding them back are concerns about security, control and interoperability. Many of them are concerned about the journey to the cloud being a one-way street – being locked into a specific API or platform



or not being able to bring the service back into the data centre,” says Deepak Narain, systems engineers manager for the MENA region at VMWare. Sachin Bhardwaj, head of business development at eHosting DataFort (eHDF) points out, “Organisations such as the government and financial sector organisations are wary about sharing confidential information in the cloud and want to stay in full control of their data as they have various regulatory requirements. They prefer having their data in-house or at a third party data centre located within the same country where they have easy accessibility to

may 2011

their data. There are also apprehensions that cloud models could potentially make it difficult to switch vendors or move into or out of a cloud computing model.” Rudolf Sarah, regional cloud director EEMEA for Orange Business Services (OBS) agrees, “In the Middle East especially, a final potential barrier is the regulatory implications of the cloud –which can be complex to navigate for customers. In terms of specific services, the adoption of cloud varies from one area to another. The everyday vanilla IT services such as e-mail, data backup are moving to the cloud more rapidly

Sachin Bhardwaj, head of business development at eHosting DataFort (eHDF)

and easily because customers understand them and these are not mission critical services and the fear factor is low. So, a customer will compare the costs of the cloud offer to the internal service which he knows and understands. Adoption is quick and growing fast and this frees up IT teams to focus on more critical applications. But when the discussion moves to those mission critical applications, in relation to the cloud, the nature of the discussion changes and it generally takes a longer time for customers to assess and define a correct migration path to the new technology.” Adds George DeBono, GM for the Middle East and Africa at Red Hat, “There are issues with a number of laws which make public cloud computing impossible or that raise questions that

have not yet been answered from a legal perspective. These may include requirements on storing whole data in the country. There is a lack of open standards around some aspects of cloud computing; many vendors come with their own solutions often based on proprietary standards and software stacks. This gives cloud software/service vendors more instruments to further strengthen vendor lock-in, making it pretty impossible for customers to move away from the cloud service or software vendors in the region.” DeBono continues, “Most vendors today position cloud computing as a revolutionary approach which assumes that most existing applications cannot be used in a cloud and need to be rewritten from scratch, often using proprietary frameworks unique to the particular vendor of cloud services or software.” Yes, the challenges that are connected to the cloud are several, and most of them remain unsolved to date. Keeping the domain of the public cloud in mind, there are a few issues that plague Middle East enterprises more than others, and key among these is the one concerning SLAs (service level agreements).

Getting it on paper SLAs are tricky territory for most of the Middle East, even in countries that are as technologically advanced as the UAE and KSA. There are some service providers who provide them and some who don’t. Orange’s Sarah states, “OBS uses the same global SLA internationally. All services include a standard SLA and

“In the Middle East especially, a final potential barrier is the regulatory implications of the cloud –which can be complex to navigate for customers. In terms of specific services, the adoption of cloud varies from one area to another.” may 2011

Cloud challenges The major challenges facing cloud computing adoption in the Middle East are as follows: 1. Storage 2. Privacy 3. Compliance 4. Regulation 5. Legacy Hardware (on the customer’s enterprise that makes it difficult to extend to the cloud) 6. Open vs Closed Standards in cloud computing 7. Availability of services (related to the SLA questions above) 8. Bandwidth 9. Sustainability (very important barrier for new entrants and small players. What if they go out of business?) 10. Business practices (For example: the role of IT department in an enterprise given a cloud infrastructure.) As stated by Ahmad Al Khallafi, enterprise sales director for commercial at du.

offers several premium SLA options to customers. SLAs can be tailor-made to meet the special needs of organisations, such as a bank moving to the private cloud. The company’s consultative approach is also applied to the development of the SLA and generally helps to strike a balance between the demands of the customer - and the real needs of the business – and the service promise and commitment. Once the SLA is agreed upon, OBS tracks and reviews performance against the SLA and recommends any additional adjustments. This SLA will clearly identify the service promise, the mutual obligations and our responsibility and the customer, and any penalty that may apply if terms are not met.” Another global provider, Oracle also states that it provides a policy with the same terms and conditions that apply all over the world.



feature: cloud

Deepak Narain, systems engineers manager for the MENA region at VMWare

“SLAs for cloud platform hosted by Oracle are mainly measured by availability and uptime. This requires Oracle to deploy a complex high availability and disaster recovery solution that ensures increasing mean time between failures and decreasing mean time to repair, to the extent that Oracle can provide availability SLAs varying from 99% up to 99.999%, based on the customer business requirements,” says Abdul Rahman Al Thehaiban, VP, Oracle Middle East and Africa.

Rahman adds, “By practise we found out that the most challenging issue about cloud SLAs is agreeing on SLA terms and conditions. This is because of two problems, first because customers initially targets very high SLAs like 99.9999% which implies high cost while their business requirements don’t mandate such complexity, so we try to help customers determine the best SLA level that matches their business requirements. Second, because of the different objectives that customers use as a basis for assessment of cloud SLAs Oracle is trying to standardise SLAs based on uptime and availability objective as highlighted earlier.” Regional provider eHDF also prides itself on providing SLAs. Bhardwaj states, “The formation of a Service Level Agreement (SLA) starts from gaining an understanding of the customer’s IT and business requirement. This is done through gathering relevant information related to service level requirements. The SLA defines and guarantees the quality of service delivered to a customer and also defines the responsibilities of both parties. It not only describes the level of service expected by the customer but also lays out the metrics by which that service is measured, outlining the remedies or penalties if service level targets are breached.”

“SLAs for cloud platforms hosted by Oracle are mainly measured by availability and uptime. This requires Oracle to deploy a complex high availability and disaster recovery solution that ensures increasing mean time between failures and decreasing mean time to repair, to the extent that Oracle can provide availability SLAs varying from 99% up to 99.999% based on the customer’s business requirements.”



may 2011

Rudolf Sarah, regional cloud director EEMEA for Orange Business Services (OBS)

According to Guru Prasad, GM for strategic alliances and channel development at FVC (a company that represents the cloud services of Google, Barracuda and NCircle) says, “SLAs offered to our customers are in-line with global standards and do not vary in this region. In fact there is more personalised services offered in the region compared to Europe or Americas as customers are slower to adopt cloud in the region and hence need the added support to get them to believe in the cloud. While there is a standard adopted where SLAs are concerned, in certain cases a customised version to suit their requirement is added on to the standard ones'. For example many of the customers in the region prefer on-site support to remote support this is added as a special addition.” “Because cloud models are still at embryonic stages, people don’t know what they don’t know, and it is a learning exercise for all: providers, builders, and consumers of the cloud alike. What is clear however, is the need for agility. There are opposing forces at each end: Standardisation and consistency of SLAs on one end, and the ability to offer f lexible SLAs on the other. Cloud providers need to be able to move from mass production into mass

Saudi System Integrator

alfanar IT E-Business

Enterprise Resource Planning

Unified Communications

P.O. Box 220436 Riyadh 11311 Tel: +966 920006111 Ext. 7105 Fax: +966 1 2933313

feature: cloud

customisation! That is the ability to customise en mass with similar speed and cost model to mass production,” says Ammar Halabi, regional manager, data centre and virtualisation at Cisco. However, as most CIOs and decision makers have stated in recent roundtables conducted by CNME through April this year, the allimportant ISPs in the region refuse to give SLAs for assuring quality of service. This remains one of the biggest impediments to public cloud adoption and, without laws to regulate this soon, will continue to be one going forward.

This is mine Closely linked to the provision of SLAs, and one which remains doubtful for most end-users, is the ownership of the data that resides in the cloud. Says Aaron White, regional director for the Middle East Africa at Citrix, “It is paramount that the company retains ownership of its data, and is assured of its security, whether in a public, private or hybrid cloud environment. It is in the public cloud that issues of physical location of data storage, with differing local laws on ownership, come into play. It is vital in these instances that companies investigate and ensure the same safeguards, controls and agreements that would be implemented

Ammar Halabi, regional manager, data centre and virtualisation at Cisco



Aaron White, regional director for the Middle East Africa at Citrix

in a private network to ensure their data remains their own.” Adds FVC’s Prasad, “Data ownership belongs to the customer who creates and manages the content. Data ownership or transfer never changes hands unless otherwise requested by the respective governments in the interest of national security which has been the concern of most customers. Data can be exported off the service whenever customers want to migrate off the cloud.” Sarah states, “OBS works predominantly with MNCs and data ownership always resides with the customer. Reversibility and transferability of data is always applied to these relationships and a customer can request a back-up of data hosted by Orange at any time.” “Housing dedicated ICT resources within a company’s own data centre creates a perception of control. When ICT applications and resources move into a cloud environment, the perceived risks increase — in part because the IT staff can no longer see and touch the physical components providing the solutions. This concern is more than perceptual; it is real because network links have been introduced into the process that did not exist in the previous architecture. Extra security is required

may 2011

to protect the customer’s data hosted in the vendor’s data centre. The ownership of the customer’s data lies with the customer himself and this should be clearly indicated in the contracts between the customer and the provider,” states Ahmad Al Khallafi, enterprise sales director, commercial at du. Herein though, lies the trouble. When there is no SLA or contract to refer to on downtime and data ownership or transferability, and no proper regulations on how such issues can be addressed and redressed, most Middle East enterprises are left unprotected when they move their data to the cloud. This remains the predominant reason why most regional organisations are choosing to set up their own private

Ahmad Al Khallafi, enterprise sales director for commercial at du

clouds – which is just one step further from a virtualised environment – rather than move data extensively to a service provider, whether local or international. Unless proper SLAs are defined, and service providers in the region become more conducive to implementing them, the future of the cloud in the Middle East might remain a private/hybrid model, rather than a public one – at least for the immediate future.

feature: working the web

Caught in the Web With increased use of the Internet, organisations worldover have realised the infinite benefits and challenges associated with using this channel. The Middle East particularly, is experiencing an explosive growth in e-commerce and e-banking services. Pallavi Sharma goes behind the scenes to understand what drives the Web culture and how best it can be improved. Thomas Friedman wrote in his

2005 best-seller The World is Flat, that the latest world revolution is found in the fact that the power of the Internet makes it possible for individuals to collaborate and compete globally and according to reports by Royal Pingdom, a company founded by Sam Nurmi of Loopia, that focuses on covering the uptime monitoring needs of 90% of the companies in the world, it looks like Friedman was right. The company reported a 14% increase in the number of Internet users and a 7% increase in domain names since 2009. In addition new accounts at social media sites like Facebook and Twitter stood at an astounding 350 million, while the number of new e-mail users stood at 480 million and Web sites numbered 255 million as of December, 2010. Organisations in the Middle East have been quick on the uptake in their efforts when leveraging the Internet as a marketing and public relations tool and in recent years have been engaging clientele



online via their own Web sites as well as emerging social networking sites like Facebook and Twitter. “E-commerce and online brand interaction is growing in the Middle East, particularly in the finance, travel and e-retail segments where, business leaders understand that effective human interaction with a Web site or product is a critical commercial success factor, given the region's diverse nationalities, languages and technical skills,” says Chris Rourke, managing director at User Vision, an independent global crossplatform user experience consultancy that recently announced the opening of a branch in Dubai.

Getting it right With the explosive growth in Web applications organisations are working towards ensuring that the right elements are put into place for the effective functioning of a Web application. This begins with the initial development process, and the first step towards a

may 2011

strong Web application is establishing front end operations such as presentation, design and branding. “We strongly believe it’s about experience which starts with digital branding and a functional front end that delivers a unique and value added service for the end user. Once we have evaluated the information that goes into the Web site and established the information architecture, it is a matter of designing the application in a way to ensure that this information is conveyed in the right form, to the right person, at the right time,” says Alexander Rauser, CEO of Prototype Interactive, a Dubai based digital agency. Although an intuitive front end is essential, a well-functioning Web application requires equally efficient back end structures to ensure optimum functionality. These include security solutions, qualified support teams that are available 24 X 7 to support predefined standard of workf low in addition to CRM systems, integration of these

Pressed for choice - Outsourcing Web app management SMEs that are looking for ways to expand, cut down on cost, or looking for a start-up that needs more exposure or that want Web presence, are increasingly looking towards outsourcing. Traditional business theories aside, outsourcing maintenance of Web activities gives IT teams the time to focus on back end development and running daily operations in an organisation. At times organisations find themselves hard pressed to integrate business processes with Web site marketing and management, this may be due to the lack of technical know-how which impairs the organisations ability to increase the ROI. In these cases, the best way forward is to hire a Web outsourcing company. Some of the benefits of outsourcing the maintenance of Web applications are: • These companies are normally

more conscious of the prevalent quality standards followed in the SEO development process. • The Web or software outsourcing companies use the latest SEO technology and tools to stay ahead of their competitors. This benefits the clients as they get the opportunity to embrace the new technology and enhance their business practices. • Outsourcing companies are most often proficient in custom application development, as clients need innovative Web design and marketing solutions successfully to run their business. • Clients do not have to worry about the maintenance of the site as it is taken care of, saving both time and money. • Clients can normally access the service provider round-the-clock reducing the down time and ensuring that business system is up and running at all times.

may 2011

systems with customer support portals, lead generation tools and many others. “The main objective of a Webbased presence for most organisations is to avail service and customer reach 24 X 7, all through the year in the most efficient manner. In addition to this a Web programme has to be faster than conventional delivery channels at customer service points. This can only be guaranteed via a very strong technical infrastructure, including high end servers with excellent processing power, high capacity storage, high speed networks and end-to-end professional design for the data centre including back up and disaster recovery. Business continuity planning is also a key necessity in ensuring a successful Internet presence,” explains Tarek Khalifa, area manager for the Gulf Region at ITS. It is also equally important to establish a ready level of integration between different business units and associated IT applications to ensure that the end user can achieve his objective or complete his transaction. Rauser explains, “More integration means more cost effective results. If your Web application seamlessly integrates into your existing technology infrastructure and workf lows it means less manual work, faster response times and theoretically less error prone systems.” Most importantly, organisations need to realise that managing a Web application must be a continuous process that pervades all business functions as Web applications can be marred by both Internet speeds and inaccurate usage. Stringent management is also necessary for organisations to make sure that their Web apps meet the service levels their customers come to expect. “In dynamic and competitive environments such as e-commerce and product design, it is absolutely critical that usability is constantly monitored, reviewed and updated to ensure the customer experience is not diminished,” adds Rourke. Rob Lamb, VP-security solutions sales at IBM recommends that organisations regularly engage in collecting feedback



feature: working the web

from their customers about their online activities, “IBM organises user conferences over regular intervals to share best practices as well as collectively address challenges that users may have faced,” says Lamb.

Obstacle course The extensive use of the Internet for brand interactions and client relations across various industries shows that regional players are more than ready to leverage the Internet channel to achieve business objectives, given the right tools. Following in the footsteps of Emirates, Dubizzle, Dubai Electricity and Water Authority (DEWA), Sharjah Electricity and Water Authority (SEWA), Emirates NBD, International Turnkey Systems (ITS) global delivery centre, organisations are beginning to realise that challenges to developing an effective Web application are abundant and need to be addressed when establishing an IT infrastructure to incorporate Web operations. “It is often the case that organisations jump ahead of themselves when trying to implement latest technologies without realising their actual systems are in poor condition. You see large telcos riding the social media train without having a decent trouble ticket system in place, you find mobile payment systems implemented that provide no information on how to use them. It’s time for a proper clean out to make work systems that are ready to go,” says Rauser. In the Middle East, where personal relationships are valued and customers largely prefer business liaising on a faceto-face basis one of the major challenges

Alexander Rauser, CEO of Prototype Interactive

that organisations face is user resistance. As Khalifa explains, “A lot of users are apprehensive of the Web service concept, this may be because either they are not familiar with the Internet technology or in some cases they have had a bad

“In dynamic and competitive environments such as e-commerce and product design, it is absolutely critical that usability is constantly monitored, reviewed and updated to ensure the customer experience is not diminished.”



may 2011

experience with a Web services. In the case of banks and financial institutions, retail customers still prefer core banking because they are still uncomfortable with the concept of online banking and e-payment routines.” With increased cyber attacks using specialised banking trojans that are commercially available for as little as $500 and are often tailored for hacking strategically targeted online accounts, users are alert and more apprehensive about conducting financial transactions online. In such a case, it is essential that banks and financial institutions put the right security strategies and measures in place to assure their customers that their financial data and credentials are secure. Another challenge in the region is the

CLOUD CONGRESS 2011 Charting Technology Future 5th – 7th June 2011 The Westin Hotel, Dubai, UAE General enquiries Sathya Mithra Ashok Senior Editor, CNME Email: Tel: +971 4 4409111

Sponsorship enquiries Arun Shankar Sales Manager, CNME Email: Mob: +971 50 1413662

Richard Judd Commercial Director Email: Mob: +971 55 7721519

feature: working the web

exceeding costs involved in setting up Web applications as compared to costs associated with telecom infrastructure abroad. “Internet payment gateways and other telecom costs are astronomically expensive compared to other regions. Luckily, there are workarounds that enable many entrepreneurs to start their own regional online business, which is great for the ecosystem. However, bandwidth and lower Internet costs will make the environment more conducive to Web applications,” adds Rauser. “Internet speeds and quality of the service are very important factors for the users of a Web based customer interaction and management programs. If they are unhappy with the uptime and quality, users will resist the applications and almost always never use it again. Therefore, governments must ensure that Internet Service Providers (ISPs) relay better services,” says Khalifa.

Picture perfect Providers of Web services feel that governments need to set up regulations to help secure and protect Web operations at collaborative regional levels, to better the existing ecosystem and encourage users to interact with their vendors online. Web service providers on their end need to focus on the digital marketing concept and not confuse this with social media. Rauser feels that larger organisations in the region are missing the opportunity to set up integrated systems while SMEs lack the resources to maintain effective solutions. “In both cases, organisations as well as consultants need to be more result

Tarek Khalifa, area manager for the Gulf Region at ITS

driven when implementing solutions, he says. They need to create engagement strategies where both, marketing and customer relations work hand in hand.”

“More integration means more cost effective results. If your Web application seamlessly integrates into your existing IT infrastructure and workflows it means less manual work, faster response times and theoretically less error prone systems.”



may 2011

The nature of technology is such that challenges bring with them opportunities for developing innovative solutions and create room for growth in the existing ecosystem. Web consultancies and providers are working on developing new software solutions that address the dynamic nature of changing technology. Interaction over the Internet is still a maturing trend in this region, the convenience and benefits of this channel of communication cannot be ignored and given the right incentives more customers and organisations will begin using Web services. To quote Tim Berners Lee, end users and providers together must “lead the Web to its full potential”.

Wednesday, June 27th, Dubai, UAE

vertical focus: Banking and financial institutions

Making it Count Post global recession, the banking and finance sector in the region is investing in technology solutions to manage data flows, encourage mobility and guarantee data security in a bid to regain customer confidence and capitalise on their investments in the sector. Pallavi Sharma reports on changing trends and finds out what role IT plays in keeping this industry going. After growing by an estimated

4.8% in 2010, the GCC economies are expected to see real GDP grow by 6% this year, according to the Samba Financial Group. The report noted that despite the state of uncertainty in 2011, the outlook for the GCC economies remains favourable. According to the study, “Strong oil prices will sustain robust public spending and buoy confidence, while an easing of bank

balance sheet strains, particularly in Saudi Arabia and Qatar, is expected to lead to a faster recycling of the region’s large oil surpluses.” A more recent financial report by the Dubai Chamber Economist published in March this year, points out that the stabilisation of indices of both Dubai Financial Market and Abu Dhabi Securities Exchange suggests that the challenges facing the financial services

“The challenge there exists not only in convincing higher management of the benefits of these expensive solutions, but also in choosing the right vendor from an already select group of vendors in the region, with prices that do not exceed corporate budgets, capabilities to provide necessary services across critical operations and appropriate levels of after sales support.”



may 2011

sector are now over and the sector is now ready to make a remarkable recovery. The industry is now witnessing a massive shift in focus to retain their existing base of customers while proactively managing risk. As CEOs continue to invest in initiatives to improve existent cost structures and implement better revenue drivers for their organisations, they become more prone to IT involvement in the strategic decision making process when doing so. This is not to say that CIOs no longer have to extensively convince higher management when seeking budget approvals for IT investments. At the same time CIOs today, find themselves in a position of some power. “IT is no longer considered just a support function or cost

centre. As higher management become pro technology, they are concerned about core IT concerns and requirements. Today, IT is considered an integral part of strategic decision making and discussions about how best to execute those strategies,” says Vinay Gupta, senior manager IT at InvestBank. “As organisations look to retain their existing client base while simultaneously attracting new business prospects they invest in business intelligence tools to understand the right channels to approach customers. Growing customer centricity places IT at the forefront as a tool to manage communication channels with the customer and to strategically analyse other investments the firm may be making,” agrees Yasar Yilmaz, Banking

Industry Principal for SAP MENA. Yilmaz claims that this paradigm shift is due to a number of factors, the first of which is that the banking and finance industry (BFSI) in this region is working towards rebuilding and fostering an environment to regain the customer’s confidence, knowing that clients are equally sensitive to the environment surrounding the bank, as they are to the service levels the bank provides them. He says, “The financial sector is 3D focused with a keen eye on their customers who they want to retain, competitors who they want to gain a considerable advantage over and finally, regulatory bodies, who control fiscal and monetary policies that affect both the internal and external environment

may 2011

of the organisation. This requires heavy investments in business intelligence solutions such as ERP and CRM, which IT decision makers implement and manage for optimum results” Secondly, according to him, the increasing importance placed on security and a simultaneous increase in the volumes of data has resulted in firms investing in business analytics to generate accurate reports for analysis and decision making. This has also contributed to a change in the role that IT plays in the banking and finance sector.

Regional mechanics Yilmaz also points out, “Rapid globalisation has resulted in two key developments in the region. We have



vertical focus: Banking and financial institutions

witnessed in the last few years many a local bank expand its operations across regional borders. At the same time we have also seen some consolidation in large banks in the UAE such as Emirates Bank and The National Bank of Dubai (NBD). In order to ensure that expansion and consolidation are effective, organisations have heavily invested in platforms that enable integration of data and IT systems across business units, again IT decision makers, with their skills and expertise are the ones who select the right systems based on infrastructure requirements and finally ensure that these solutions are implemented across all business units.” According to a number of CIOs at banks and financial institutions in the region, IT requirements within the industry are most often traditional centred on revenue, cost and security. Says Gupta, “IT solutions required for the BFSI sector are largely standard across the globe and due to the internet revolution and growth in technology, the physical location of a solutions provider no longer makes much of a difference because if they’re not operating within the region they have channel partners operating in the region” However, while the rest of the globe has already seen major adoption of e-banking services, the Middle East BFSI

sector remains in its infancy in this arena. As per senior decision makers, there are two major reasons for this. The first is that users in the Middle East prefer personal relationships and therefore are more comfortable when dealing with bank personnel on a face to face basis. The second is that some users due to security reasons, or in other cases due to seeming complexity of web sites and on-line transactions, prefer the security and convenience of branch banking as opposed to undertaking financial transactions online. However, with the growth of social media and popularity of the internet almost all BFSI organisations in the region have Web sites. These may be managed internally or in some cases outsourced. IT professionals within the sector are also responsible for the effective management of these web based applications even when they are outsourced, so as to ensure that customer requirements when going to their website are met. Says Gupta, “Although we have hosted our Web servers, we monitor these internally. We regularly collect feedback from customers as well as branches to find out what needs to be improved.” Even when these applications are outsourced IT has to put in place tools and measures to monitor the service levels provided to the users of these sites to ensure that the outsourced company is doing its job.

Digital investments

Yasar Yilmaz, Banking Industry Principle, SAP MENA



With the recent ICT developments, IT departments within the BFSI sector find themselves at cross roads between implementing and ignoring the latest solutions. “The challenge exists not only in convincing higher management of the benefits of these expensive solutions but also in choosing the right vendor from an already select group of vendors in the region, with prices that do not exceed corporate budgets, capabilities to provide necessary services across critical operations and appropriate levels of after sales support,” explains TN Sekhar, CEO, National Bank of Fujairah (NBF).

may 2011

Vinay Gupta, senior manager, information technology, Invest Bank

IT professionals in the BFSI sector largely agree on the fact that although cost is a deciding factor, it is more important to differentiate between vendors based on infrastructure requirements. “Each vendor claims his solution is the best and promises continuous support. Organisations need to understand that once they have defined the need to implement a fairly new technology, they must make sure that the right vendor is the one who has the capabilities to provide comprehensive end-to-end solutions that fit into the existing infrastructure and integrate existing applications on the new platform,” explains Yilmaz. “We have just successfully completed a virtualisation project across 60-65% of our systems. The need for virtualisation was to ensure optimum use of IT assets and make technology management easy. In addition to which, virtualisation has helped us move towards building an efficient yet eco friendly data centre. When choosing the right vendor, we looked at who was in the best position to provide us the fastest implementation and would be more likely provide us better after sales support at the best possible price,” says Gupta.

‫مؤتمر ومعرض قطر لإلتصاالت‬ ‫وتكـــــنولوجــيا المعــــلومـــات‬

Pear l



S n so po

sor on




tinum Spons

o r



w ww .qi tc

ld Sponsors ial Bank

Innovate. Connect. Transform.

Organizing partner:

You could be the next Arabic Digital Content Innovator… Join the largest ICT gathering in Doha, Qatar at QITCOM 2011 from the 24th till the 26th of May, 2011 at the Doha Exhibition Center. Listen to the likes of Guy Kawasaki, Paul Chang, Phil Jenkins and many more. Discover new products, services and solutions from the ICT World’s top recognized brands.


Official Partners:

Media Partners:

chnolog y


reneursh rep ip rtne


r rtne

Digita lE

n Te tio

s In es


P r tne ar

nment P ar ver t






cA gi

In n o

e ervic Partne

r ne



lege Part C ol ne




cial Hote l

er rtn Pa


Stra te

Digital Media Partner


Supporting Publication


Radio Broadcasting Partner

Wir el

c Offi

e Spon s s or

onz Br

vertical focus: Banking and financial institutions

When asked about why the BFSI sector is not as keen as other sectors on cloud computing, CIOs point out that the lack of regulations surrounding the provision SLAs and the lack of robust data centres in the Middle East are contributing factors. Sam Alkharrat, MD, SAP MENA region points out, “The lack of efficient data centres in the region raises security concerns, and organisations in the BFSI sector, who are focused on rebuilding customer confidence so as to encourage both their retail and corporate customers to trust them with their financial information and investment portfolios, are not likely to feel confident about service provision from these data centres.” Bharat Raigangar, president –ISACA UAE chapter agrees, “Cloud computing in this region is still a maturing trend, after the security breach at RSA security is a massive concern and organisations in this sector need to define standard SLAs to ensure that both their customer and the organisation’s own data and financial information is secure” “Another challenge that CIOs face when investing in new technology solutions is the high telecom costs. Service providers in the region need to work on providing organisations in the region competitive telecom costs to boost implementation of these technologies, while regulatory authorities must put in place governing laws regulating the provision of SLAs in the region. This is

a standard requirement for any service to be adapted, how else would a user trust a vendor to provide promised levels of service,” he adds. CIOs also feel that the region lacks awareness about technology developments, despite recent conferences by a variety of vendors, educating users about cloud computing and

“For expansion and consolidation to be effective organisations have heavily invested in platforms that enable integration of data and IT systems across all units. Again IT decision makers, with their skills and expertise are the ones who select systems based on infrastructure requirements and finally ensure that these solutions are implemented across all business units.”



may 2011

virtualisation, these have taken a long time coming. “With cloud and virtualisation being recent developments in ICT, organisations need to be educated in both short and long term benefits of these technologies, so that higher management understand the ROI on such investments and is pro IT implementing new solutions. Conferences that bring together users of these technologies with organisation that are still considering them, will put in place a basic blueprint for efficient adoption of these technologies and this is just what some organisations need,” says Gupta. Despite these challenges, the BFSI institutions in the region continue to be optimistic about the months aheadn with technology developments enabling better management of data and real time communication channels with customers and with increase in foreign investments to the Emirates interbank offered rate (Eibor) falling to 3% indicating a healthy market sentiment, the stage for recovery is set.

Under the patronage of H.E. Sultan Bin Saeed Al Mansoori, UAE Minister of Economy

The Middle East’s Leading Enterprise Communications Exhibition & Conference

16 - 18 May 2011 Abu Dhabi National Exhibition Centre

Featuring Delivering Enterprise Decision makers:

• • • •

Government • Oil & Gas • Public Sector Healthcare • Banking & Finance Construction • Retail • Manufacturing Hospitality & more...

For sponsorship and space booking, contact the MECOM team on +971 4 3365161 or Platinum Sponsor

Silver Sponsors

Strategic Media Partners

Gold Sponsors

Associate Sponsors

Media Partners

Online Media Partners

Industry Partner

Diamond Media Partner

Online Knowledge Partner

Publishing Partner

Endorsed by

Research Partner

Organised by

Gold Media Sponsors

q&a with Ernesto Baca

An EPIC story Recently declared the global leader for emergency telecoms, the World Food Programme (WFP), takes its responsibility seriously. CNME spoke to Ernesto Baca, CIO and director IT and management services division, WFP on the dynamic role IT plays in disaster relief and the future of technology in humanitarian agencies. Q: Tell us about WFP and its role in disaster relief. A: We are the largest humanitarian agency in the UN system dealing with food delivery. The UN devised clusters so as to avoid duplication of efforts and enable better coordination between various agencies in the field, of these clusters we manage the food security, logistics and emergency telecommunications clusters. We have about 4000 employees around the world, a massive logistics army and an extensive deployment of ICT resources around the Globe. Our resources and teams spread across 400 countries are ready to respond to emergencies to support beneficiaries in affected areas on behalf of WFP and other agencies.

Q: How does the role of IT in an emergency differ from that in a regular organisation?

A: Yes it is a unique situation. Firstly, we deal with extremely tough conditions where most often human lives face constant threat, we require special people with specialised equipment and solutions. Secondly, we are must assume that in an emergency even basic IT infrastructure has collapsed and so have to ship equipment along with people qualified to set up an IT infrastructure.

Q: What is your average reaction time to respond to an emergency? A: We try to be at the site of emergency immediately, not only because we want to, but also because we need to be the first on the ground to ensure effective management of the clusters we lead. After the earthquake in Haiti for instance, we were successful in setting up

Consisting of 22 engineers in addition to support staff, the members of this team are trained and equipped to be anywhere in the world within 48 hours of an emergency, after mobilising resources, manpower, arranging visas etc. FITTEST is critical to our role in relief efforts.

within 48 hours and in just over a week we were almost fully operational. However, we also have to go through international procedures to arrange visas for workers and import permits for the equipment that affects our reaction time especially in the case of countries that are restrictive.

Q: How do you go about building the IT infrastructure from the ground up? A: First, we provide our teams with basic telecommunications equipment like walkie- talkies, PDAs and radios (VHF or HF) and the radio room acts as the central coordination centre. We then locate electric grids and connect necessary cabling and switches to power all the equipment, we are then equipped to set up Wi-Fi and sometimes Wi-Max solutions to illuminate the event area. Finally, we connect all the equipment and set up a telephony network linked via a V-Sat connection. We make sure all the equipment is integrated and tested for functionality before it is shipped to ensure rapid deployment this site.

Q: How do you set up a Wi-Max or V-Sat connection in regions where the infrastructure is lacking or where like you said, it has collapsed? A: There are different waves of deployment. In the first, keeping in



may 2011

mind weight and space limitations for shipments, we put together the equipment required to set up a basic communications infrastructure, onto a container. After this has been done, we bring in all the heavier equipment and Wi-Max and GSM technology depending on the nature of the disaster and how quickly the network may be restored.

Q: Do you work with vendors to develop specialised solutions? A: We work very close to several vendors and open our doors to any vendor wanting to collaborate and provide better solutions. We’ve made considerable progress on our projects because of the help from vendors who have made it possible to integrate no less than 100 software and hardware components with PDAs manufactured by different vendors.

Q: Can you give us a brief on the FITTEST team in the UAE? A: We have a group in Dubai called FITTEST headed by John Luca. Consisting of 22 engineers in addition to support staff, the members of this team are trained and equipped to be anywhere in the world within 48hours of an emergency, after mobilising resources and manpower, arranging visas etc. FITTEST is critical to our role in relief efforts.

Q: Why did you choose Dubai to host FITTEST? A: Following the Kosovo crisis in 1995, we felt the need to set up a base to spear head humanitarian operations in regions surrounding the Asia pacific and Africa. We then moved to Islamabad which was at the time, a better regional hub, but after events dictated by 9/11, that was no longer a feasible location. So, in 2003 we decided to relocate to Dubai, because it is central to the African and Asian hubs. The government here has also provided us with the necessary logistics and it is a much safer location for operations. Ernesto Baca, CIO and director IT and management services division, World Food Programme

may 2011

Q: Tell us about Emergency Preparedness Integration Centre or EPIC as you call it internally.



q&a with Ernesto Baca

A: Several organisations together constitute the UN and you may find at least 17-18 different agencies working on the same emergency site, with their own resources, IT solutions and equipment leading to a duplication of efforts. We then set up another initiative called ONE UN IT, which aimed at combining resources from different agencies, integrating them on a single platform and maximising efforts. The genesis of EPIC was when we saw civilians in Haiti amputate a 9 year old boy’s arm because rescue workers could not locate doctors for a specialised surgery to recover the boy’s arm. They later discovered that less than 300 meters away there were a group of doctors with all the necessary equipment. EPIC is based on the ONE UN IT initiative but aims at enabling better communication between workers on the ground and the support staff who are away from the site. We use Wi-Max to illuminate the area, establish a small data centre with all the servers and maintain international connectivity via fibre optics and coordinate the efforts of all the agencies on the ground. This creates economies of scale and makes us more efficient at supporting the infrastructure. It is a win -win situation because we develop specialised solutions in conjunction with vendors to suit diverse regional terrains and also helps smaller agencies with limited resources.

Q: When and where were the pilot studies undertaken? A: Started 3 years ago; EPIC was piloted in occupied Palestinian territories and Dubai. A third pilot is to take place in

IT on the move WFP’s fly away kit is a set of equipment, pre-installed and ready to be shipped to the emergency site so that when it is powered and connected to a few more cables, it may be used to provide faster internet access for humanitarian workers, they can then access emails and databases. The kit contains a satellite modem, a switch, IP PBX because all voice communications are based on voice IP s and other emergency telecom equipment like VHF radios. Right now 95% of WFPs emergency telecom technology is based on analog technology; they are slowly adopting more digital VHF technology which makes it possible to access radios from the telephony network. The new technology also allows users to send messages in email formats to radios and also enables push to talk from the PDAs, making communication between radios and PDAs a reality. As long as there is coverage the GPS technology

Pakistan later this year. On Dec 15 2010, WFP was nominated a global cluster leader for emergency telecom, so we are going to use that responsibility to manage and align all the other agencies towards adopting a common set of solutions.

It is a win -win situation because we develop specialised solutions in conjunction with vendors to suit diverse regional terrains and also helps smaller agencies with limited resources.



may 2011

provides geo location of users and enables better communication via SMS or a call. The team is also working on putting all this technology with location maps in a sort of portal to further aid the workers. The map, inserted as a frame on the portal allows users to see collaboration tools, share files and access online real-time chat , where users may create real-time events , for instance, specify the location of a road block, plug it on the map and ask people to re route. This portal will be made available to WFP members, their partners, other NGOs and agencies that have donated to create this integrated system, which means they can see their own people in addition to the working members of other agencies in real time. Currently the team is in the phase of gathering components and other resources. The very basic scheme and portal is expected to be ready in the near future.

Q: What’s next, in terms of R&D and IT, at WFP? A: We want to Build IT solutions for the front line; and move from basic telecom solutions to vertical integrated solutions that can be adopted by everybody, this is a never ending road that we are only starting now and the imagination is the limit of what can be done. We have already achieved a unified communications platform at headquarters and are working on rolling this out across all our sites internationally so that we may have chat, have a video conference or share docs thru a central safe repository. This is the main drive for IT inside WFP.


Adding a new dimension to enterprise security CPI’s much awaited premier security event – Security Strategist 2011, held on 20th April in Dubai with aeCERT and supported by industry leaders including Injazat Data Systems, RSA, Oracle and Knowledge Partners ISACA, BCS and ITSMF brought together over 150 top decision makers and minds in the field of information security in its second edition from across UAE and GCC. The event was inaugurated by H.E Mohamed Nasser Al Ghanim Director General – Telecommunications Regulatory Authority.


n today’s environment where information travels faster than the speed of light, the approach to stand-alone security approach is fast changing to accommodate trust and collaboration amongst many stakeholders. The premise of ’isolation for security’ is fast changing giving way collaboration for security. Our endeavor with Security Strategist 2011 was to harness this power of collaboration by bring together multiple stakeholders on a single platform to discuss the key security challenges faced by their organisation and assist them in tackling the same in the most efficient manner, ” said Kavitha Rajasekar, Director CIO Programmes at CPI IT.

As a curtain raiser to the event, CPI also surveyed over 185 IT decision makers on their security investment roadmap for 2011. As per the survey results, 53% of the respondents said that their main challenge was building a security strategy that connects people, process and technology; while 47% said measuring ROI on security investments was their challenge. Interestingly, the survey also looked at IT spending on security and found that 88% clearly stated that they have a roadmap for investing in 2011, while only 12% said they had cut back on spending. 59% of those surveyed said their spending would be directed towards Business Continuity, while 41% said it would go towards Managed Security Services.

HE Mohamed Nasser Al Ghanim Director General – Telecommunications Regulatory Authority

Dr Eesa Mohammed Bastaki, CEO, ICT Fund

Tariq Abdulghaffar Mohammad Al Hawi, Director, aeCERT

Mostafa Mazen, Senior Sales Consultant, Oracle Middle East

Arun George, Senior Solutions Architect, HP TippingPoint

Panel discussion: Defining the priorities that optimize your organization’s CyberSecurity

Ahmed Abdella, Regional Manager for Turkey, Emerging Africa and the Middle East , RSA, The Security Division of EMC

“Security has always been a key challenge for organisation no matter their size. However, by collaborating with CIOs and IT decision makers in the region we hope to create a pertinent learning platform where new technologies, solutions and innovative approaches towards security are brought to the fore. The security survey was conducted as a preliminary exercise to understand core issues of the CIOs today, and to customise the Security Strategist 2011 event around these issues to make it most relevant for them, Rajasekhar added. The event not only brought together over 25 speakers and panelists to participate but also recognised key security projects from the region with the Security Strategist 2011 Editor’s Choice Awards. Five key organizations – RTA, Dubai, eGovernment Authority Bahrain, Emirates Group and Jumeirah Group were recognised with this award. Some of the key sessions educated and involved attendees in looking at key areas in the field of information security including building safe cyber strategies, curbing insider threat, emerging technologies and security implications, risk management and information security management.

As a run-up to the Security Strategist 2011, CPI surveyed 185 IT security decision makers from across the region to understand their key issues and challenges. 53% of the respondents said that their main challenge was building a security strategy that connects people, process and technology; while 47% said measuring ROI on security investments was their challenge. Interestingly, the survey also looked at IT spending on security and found that 88% respondents have a roadmap for investing in 2011, while only 12% said they had cut back on spending. 59% respondents were keen to spend towards Business Continuity, while 41% said they would spend on Managed Security Services.

In your opinion, what are the main challenges facing Information Security managers today?

Which technology areas are you expecting to invest in?

Are you looking to continue investing in security in 2011?

may 2011



Kamran Ahsan, Head of Information Security, Injazat Data Systems

Category: Information Security Frameworks Road and Transport Authority Receiver: Abdulla Madani, CEO, Corporate Technology Support Services, Roads & Transport Authority (RTA) RTA had to move at a very fast pace over the past 6 years to meet the tight deadlines associated with complex infrastructure projects leveraging cutting edge technology solutions. Due to slow down in the wake of recent economic downturn, RTA identified many new initiatives related to internal controls, process improvements, benchmarking with standards and best practices. ITD achieved ISO 20000 and ISO 27001 certifications in 2009 and 2010 respectively. RTA sectors and agencies also received ISO 9001:2008 certification. The executive management in RTA also initiated the Enterprise Application Governance project in order to study and assess the existing critical business applications and formulate a framework for better application governance, strengthen information security / financial controls and achieve compliance with ITD’s Enterprise Architecture. Having formulated the Application Governance Framework in 2010, RTA has initiated the AGF Program implementation during 201112. The business benefits of Application Governance Framework project were as follows: - Reduce and mitigate risks due to financial impact - Reduce Operational inefficiencies - Increase compliance to Regulatory / Legal Requirements - Safeguard RTA reputation, brand and

aeCERT team

public image - Increase Customer Satisfaction In addition to the above business benefits, Enterprise Governance of IT is being recognized and discussed at the Board level in RTA.

Category: Data Security Strategy Dubai Aluminium Company Limited Receiver: Ahmad M. Almulla, Vice President, IT, Dubal The data security and disaster recovery project at Dubal was aimed at implementing a secure and scalable storage architecture for “storage on demand” to manage data availability. Enhancing Security and DR through Storage Consolidation, the project delivered the following benefits: • Improved the security and scalability of storage • Prioritised and classified data store based on criticality • Defined criticality of data stored by implementing storage workload classification • Increased reliability, integrity and availability of data stored and reduce failure and time for backup and restoration • Reduced the risk of Datacentres residing within the same building by offsite storage of production backups • Unified backup data management improving operational efficiency • Enabled auditory compliances for storage of backups to data retention policy • Decreased the backup window time

and cater for the data growth Enabled the set up of a CAS (Archival Storage) System meeting international archival regulatory compliance mandates

Category: Industry and Collaboration for Security Winner: Emirates Group Receiver: Guruswamy Periyasamy, Manager IT Security & Specialist Services, Emirates Group IT At the beginning of the last fiscal year, Emirates Group IT Security set itself the challenging target to change this perception. Setting the key goal for themselves to ‘Enable the business through integrated & coordinated IT Security ecosystem’, the team defined a comprehensive program focusing on people, process and technology to implement simple, meaningful and effective security while improving user experience and enabling the business. With a small team size and lot of work on it plate, an additional, yet very key, objective of the program was to get voluntary participation from staff from other areas with security interest and aptitude. The program, successful in meeting its objectives, has helped to bring about key improvement in the security state and importance. Some of the benefits achieved are: • For the first time, IT Security engaged 3 of the Group’s big departments individually to deliver custom-tailored awareness program based on their risk profile and needs. • Emirates Group is a major constituent of aeCERT, the UAE Computer Emergency Response Team. Emirates

(L to R) RTA, Jumeirah Group, Emirates Group, Bahrain eGov, Dubal

took this strategic partnership a step further by completely integrating aeCERT in its awareness program. • Helped the project teams to build more secure applications, resulting in lesser pre-release security defect identification. • The IT Security team took a deep look at the security technology layer in light of the changing risk profile. An ‘as-is’ landscape of the implemented technologies was defined and a roadmap prepared to achieve the ‘to-be’ state. The simplified, risk-based roadmap view helped to get better buy-in for security technologies and obtain funding approvals from the Group management. The lean IT Security team was able to work to about twice its strength due to voluntary contribution from staff across other departments.

Category: Risk and Fraud awareness initiatives Winner: Bahrain e-Gov Authority Receiver: Abbas Kudrati, Head - Information Security, eGovernment Authority - Bahrain Having implemented the Information Security Management System (ISMS) and attaining the ISO 27001 certification , the eGovernment Authority (EGA) of the Kingdom of Bahrain is currently implementing various methods to educate users on the critically of information security. eGovernment Authority is using international standard for Security Awareness Training as published by National Institute of Standard and Technology (NIST) SP 800-16 and SP 80050.While the current scope is limited to 6

Key Government Organisation the plan will cover all the Government organization in Bahrain within next 2 years. Some of the tangible benefits expected by this project are: • Helping employees recognise and respond appropriately to real and potential security concerns. • Providing fresh, updated information to keep our staff current on new risks and what to do about them. • Making employees and outsourced staffs / contractors aware that the data on their computers and mobile devices (PDAs, thumb drives, smart phones, etc.) are valuable and vulnerable. • Reducing the number and extent of information security breaches • Reducing systems' costs by allowing control measures to be designed into systems rather than adding them to installed systems. • Providing savings through coordination and measurement of all security awareness, training, and educational activities while reducing duplication of efforts. • Showing citizens that our organization cares about protecting their personal and sensitive information. • Building a culture of security competence. Motivate employees and contractors to improve their behaviors and incorporate security concerns into their decision making.

Category: Enterprise Security Strategy Winner: Jumeirah Group Receiver: Emad Maisari, Director of IT Security, Jumeirah Group One of the most important building blocks of any Security Program/Framework in

may 2011

any organisation is an Information Security (IS) Awareness Program. It is the "Human" aspect of your framework which touches people on a personal level and which probably gives you the most direct impact. Keeping this in mind, Jumeirah Group decided to focus on Information Security awareness as a top 3 area of focus for 2011. In order to come up with an awareness strategy that would be most effective, the company decided to involve all employees in the rollout of a comprehensive Security Awareness training session. With 10,000 employees in Jumeirah and many business units around the world, the organisation created a 2 hour classroom style presentation that focuses on threats and all employee responsibilities when it comes to securing their assets, information and data. For those who work in internal business units, online training sessions with quizzes, videos, prizes and questions was developed. All these efforts to foster an enhanced level of security brought immediate results including the following: 1. The number of policy violations have decreased by 40% already 2. Different departments are starting to involve IT security in their projects at all stages (planning, design, implementation, etc.) 3. Funding is becoming more available because senior management are seeing positive results. 4. Employees feel more involved and talk more freely with the Security department.



Perspectives Forum 2011

Executive Scorecards: Improving business visibility into IT spending Many businesses invest considerable effort in seeking out IT data to help in technology business decisions and in differentiating themselves from competitors in their industry. Executive dashboards and scorecards can be effective tools for IT leaders to summarise the key elements of IT performance in one place using data merged from different operational IT systems. CPI’s exclusive CIO Perspectives 2011 supported by HP and its partner Emitac brought together key IT decision makers and CIOs in Abu Dhabi to explore and share best practices on how organisations could achieve greater benefits through IT and business integration.

“A core objective of this forum was

to highlight and understand the role and importance of Executive Scorecards in effective financial management. HP showcased how our Executive Scorecard offers a dashboard solution for CIOs and other key decision makers in IT by providing a measurement and management platform for IT financials, processes, and performance,” said Faisal Fouad Aljundi,Chief Technology Officer, HP Software in MEMA (Middle East, Mediterranean & Africa).



So why does performance management matter? According to Aljundi, taking that approach helps deliver four key benefits to organisations: – Establishes IT Accountability for Performance – Drives goals, measurement, and continual improvement – Drives lower cost of ownership – Drives better business/IT alignment when coupled with service orientation Advising organisations to adopt an enterprise-wide approach to IT

may 2011

Some important actions to align Business and IT are: • Common objectives • Transparency • Involvement of Stake holders from both sides • Proper and Early planning • Focus on delivery of value • Measurement of Process





1 Alok Srivastava, Manager, IT Applications, Masdar

2 Alexious Mulemba, Group Information Technology Manager, IT Shared Services, Al Fahim Group

3 Faisal Fouad Aljundi,Chief Technology Officer, HP Software in MEMA

4 Naveen Jaiswal, Business Unit Head – Enterprise Management Solutions, Emitac

management, Naveen Jaiswal, Business Unit Head – Enterprise Management Solutions, Emitac emphasised that it was critical for organisations to have a clear approach by ensuring that they identify the gaps, cover the depth and breadth, engage a partner who has the wealth of experience doing this, invest in the right people, right process and the right technology and complete the cycle by continuous improvement. Other speakers included Alexious Mulemba, Group Information Technology Manager, IT Shared Services, Al Fahim Group who shared his views on “Demonstrating IT’s value as a strategic investment versus a utility” and Alok Srivastava, Manager, IT Applications, Masdar Who presented on “How IT Financial Management solutions can help your organization achieve financial transparency.”

may 2011

How well are you doing IT management? Ask these questions • Do IT and Business have the same objectives? • Do I have a helpdesk? If yes, then are they delivering the desired output? • Do I have improvement in the service – month on month or quarter on quarter or at least year on year? • Am I able to measure the performance of my internal and external service providers? • Am I getting ROI on my investment and am I able to measure this? • Do I have inventory of all my assets and do I know who is the owner of these and what impact they have on my service? • Do I have SLAs with my internal and external customers and am I able to monitor them?




Mainframe, meet cloud Mainframes are stable, secure and under your control - perfect for anchoring a private cloud - but where's user provisioning? Mention cloud computing to a

mainframe professional, and he's likely to roll his eyes. Cloud is just a new name -and a lot of hype -- for what, mainframes have done for years, he'll say. "A mainframe is a cloud," contends Jon Toigo, CEO and managing principal of Toigo Partners International, a data management consultancy in Florida. If you, like him, define a cloud as a resource that can be dynamically provisioned -- that is to say, it can be allocated and de-allocated on demand -- and made available within a company with security and good management controls, "then all of that already exists in a mainframe," he says. Of course, Toigo's is not the only definition of what constitutes a cloud. Most experts say that a key attribute of the cloud is the dynamic provisioning of self-service -- or on-demand services. But the mainframe environment, and the basis for much of its control and security, traditionally requires an administrator to provision computing power to specific tasks. That's the reason behind the mainframe's infamous reputation as old technology that operates under an outdated IT paradigm of command and control. That's just one of the reasons why most cloud computing today runs on X86-based distributed architectures, not mainframes. Other reasons include expensive mainframe, high licensing



and software costs and a shortage of mainframe skills.

Big iron, meet cloud Nevertheless, mainframe vendors contend that many companies want to use their big iron for cloud computing. In a CA Technologies-sponsored survey of 200 U.S. mainframe executives last year, 73% of the respondents said that their mainframes were a part of their future cloud plans. IBM has been promoting mainframes as cloud platforms for several years. according to analyst, he company's introduction last year of the zEnterprise, which gives organisations the option of combining mainframe and distributed computing platforms under an umbrella of common management, is a key part of IBM's strategy to make mainframes a part of the cloud, say analysts. The company set the stage ten years ago when it gave all of its mainframes, zSeries S/390 and beyond, the ability to run Linux. While mainframes had been virtualising for 30 years, ever since the introduction of the z/VM Virtual Machine operating system, once IBM added Linux you could run virtual X86 servers on a mainframe. Over the last several years, some organisations have done just that, consolidating and virtualising X86 servers using Linux on the mainframe and once you start doing that, you've got

may 2011

the basis for a private cloud. "You have this incredibly scalable server that's very strong in transaction management," says Judith Hurwitz, president and CEO of Hurwitz and Associates, an IT consultancy in Massachusetts. "Here's this platform that has scalability and partitioning built in at its core." Plus, the mainframe's strongest assets -- reliability, availability, manageability and security -- are the very characteristics that companies are most concerned about as they consider rolling out major business applications in the cloud, she says.

Provisioning is the sticking point But that lack of support for self provisioning is glaring. "The mainframe is very well controlled in most organisations, often to the point where it's locked in a room and people can't

resources were provisioned,” Mullen explains. This ref lects the "old habits" of the mainframe world, he says. But he also notes that any kind of cloud implementation, including those on distributed systems, would include an approval process. "I know the perception is that the user doesn't have to bother anybody in IT, I just have to point and click to get my service," he says. But in every cloud scenario, he adds, there's some kind of approval process, a way to prioritise the requests, even though that process may not "require human eyes." As for the licensing costs, Mullen says that IBM's current generation, System z, has a little-used "on-off " feature, whereby mainframe administrators can turn a processor core on for a limited time, paying short-term day rates for IBM software, rather than buying an expensive annual license based on the number of processor cores. "We are looking at taking advantage of this infrastructure to make it even more suitable for a cloud environment where there is a lot of unpredictable usage," explains Mullen. access it," says Julie Craig, an analyst specialising in application management at IT consultancy Enterprise Management Associates. "[Mainframe vendors] are going to have to do some developing to allow rooms for the self-service features of the cloud." Reed Mullen, IBM's System z cloud computing leader, says that the lack of self provisioning is cultural, not technological. “Companies could enable self-provisioning in mainframes either by using IBM's Tivoli Service Automation Manager or through custom development,” he says. And yet, he acknowledges that such implementations would still depend on the IT department -- users wouldn't have full self-service autonomy. “Specifically, mainframe systems with self-provisioning options would require a user to submit a request by e-mail, and IT would have to approve the request before the

Iron cloud in its infancy But it's hard to find an organisation that's using a mainframe in a self-provisioned cloud computing platform. Some analysts say the talk of the mainframe as cloud is just hype. “The technology may indeed exist, but the question is whether companies are actually implementing it,” says Bill Claybrook, president of New River Marketing Research. "If they are not automating things, if they don't have a self-service portal, then it's not cloud architecture, it's just a virtualised environment," he says. One reason why it's hard to find a self-provisioned mainframe-based environment on the cloud computing setup may be because cloud computing is still in its infant stage. "There is incongruity between the possibilities on the cloud today and what these big mainframes do," says Phil Murphy, an analyst at Forrester Research.

may 2011

For example, business units might use a credit card to buy some extra computing cycles for a one-time project, but most companies would not run mission-critical, transaction-processing applications in the cloud. The one cloud scenario that Murphy can point to that includes self provisioning is the model used by global outsourcing companies, where far-f lung developers have the ability to automatically set up their own test and development platforms. Those aren't all mainframe-based, but Murphy thinks some of them must be. Under the old system, "the developer had to request operations to set this up and it would take weeks or months. Now in a matter of 15 minutes, he can do it himself," he says. Mullen agrees that that's a good example. A platform-as-a-service (PaaS) setup like that "is perhaps the dominant usage of a cloud infrastructure in mainframe environments today," he says. But as cloud computing matures and as new models of mainframes begin to offer more computing power at lower costs than they do today, more companies will experiment. Hurwitz, for one, says many of her clients are looking into it, although none are ready to talk about it publicly. "It's something we're going to see a lot more of," she predicts.

Marist College, early adopter Marist College is a poster child for IBM mainframes. The college is right down the road from an IBM mainframe manufacturing plant in New York. Marist has had a research-anddevelopment partnership with IBM for more than 20 years, and it helped IBM develop and roll out Z Linux, the version of Linux that runs on the IBM System z. Today, Marist keeps the source code for Z Linux, handles the distribution for Z Linux, and runs an educational site, the Knowledge Centre for System z, for IBM. Marist has rewritten innumerable X86-based applications to run on Linux on its two System z mainframes. The college runs 80 Linux servers, mostly




handling administrative tasks, on one mainframe, and it has more than 600 Linux servers running academic applications on the other mainframe. The college also runs other applications on an IBM P-Series midrange computer and IBM blades as well. But the mainframes are "the real engine behind this systems," says Bill Thirsk, Marist's CEO and vice president of IT. Marist is getting big cost benefits from virtualising on the mainframe. The college avoids purchasing extra server hardware, plus it saves on space, power and IT staff to manage the data centre. It not only avoids having to pay extra for each application it adds to the mainframe, but also benefits from increased utilisation of the mainframe, resulting in a very good return on assets. He calls Marist's setup a cloud. Sceptics would say it's not a cloud, because it has no user provisioning. But there is some provisioning going on, when students enroll to study computer science, for example, they are automatically provisioned with a mainframe partition. “And when they leave the school,” he adds, "That’s also quickly sucked back into the fold and re-allocated automatically." Though critics might disagree, Thirsk thinks the fact that the resources are not provisioned by the user isn't important. "The fact is that if you wanted to change the policy where the student could just order it, it would come down to the same auto-provisioning routine," he says.

"We do it more explicitly because it's as academic institution. The faculty decide what resources get used by students, depending on their courses." Marist has advantages that make building a mainframe-based cloud easier. It gets an academic discount on the mainframes (although the price breaks aren't any larger than those available to other universities. And thanks to the IBM-sponsored mainframe academic program at the college, Marist has a built-in, cheap source of IT labor with mainframe and Z Linux skills. "Where one CIO might have to hire very expensive professionals to run their data centre, I have an entire internship programme, and my labour's fairly inexpensive," Thirsk notes. "I only have three professionals to supervise." Marist's cloud is starting to get some attention. "Four years ago, when I started talking about this, everybody looked at me like I was crazy," Thirsk says, but as the years have passed, others have taken an interest in Marist's computing environment. He notes that he has hosted lots of visitors eager to learn what the college is doing, including representatives from 21 companies and several universities last year. "We're talking to a college in the Middle East that has over 200,000 students," he says. "There's only one way to meet that load -- and that's with a mainframe."

Capacity plus reliability It was the lure of high capacity and high reliability that drove Transzap to move

The controlled environment of the mainframe, and the basis for much of its security, traditionally requires an administrator to provision computing power to specific tasks. That's the basis for the mainframe's reputation as old technology that operates under the outdated IT paradigm of command and control.



may 2011

its cloud-based SaaS offering from an in-house distributed platform onto an in-house mainframe in 2008. A 100-employee company that provides software systems for the energy industry, Transzap offers a service called Oildex, an online financial digital data exchange and collaborative workf low system that manages invoices and other financial information. As a SaaS provider, Transzap is primarily concerned with reliability. "If we're down, [our customers] can't cut checks to their vendors," says David Marts, vice president of operations at Oildex. As Transzap's business grew, so did the size of the Oracle database that supported its financial services. As the company was evaluating ways to scale up capacity, Oildex had several significant outages, including that one left it down for more than eight hours. When the company tried to determine the cause of the failure, it got nothing but finger-pointing among its various hardware and software vendors. "We could not get anybody to own up to why it failed," says Marts. Transzap compared the price of a System z business-class mainframe to that of the cluster of new servers it was going to need and it found that the costs were about the same. But, the mainframe was more reliable, and Transzap liked the idea of dealing with just one vendor. The deciding factor, however, was the fact that the mainframe ran Linux. "We're a Linux shop by heritage, slanted toward open systems wherever possible," says Marts. "So we could leverage our Linux experience and skill set." And Oildex has had no outages related to the mainframe. Transzap's System z lease expires next year, and Marts plans to re-evaluate all options -- distributed and mainframe, particularly the zEnterprise that can combine both. "Because we've stayed on Linux, if we decide that it makes more sense to switch to a different platform, our customers will never know the difference. So we maintain control of our destiny," says Marts.

How To

Battle content theft The bad news is there is no sure way to stop content theft. The good news is that you can employ strategies to ensure your content maintains an upper hand on the web. Has your original web content

been mysteriously appearing on other sites? Has something you've written recently appeared word-for-word, without attribution or back links, on a web site other than your own? Web content theft, whether done manually or by automated tools also known as scrapers, has been a rampant practice on the Internet for years. The bad news is there is no sure fire way of putting a stop to content theft. Once content is viewable on the Internet, there is always a way to obtain it. But, according to Scott Wilson, search engine optimisation (SEO) specialist and CEO of Burlington, Ontario-based, there are a number of strategies that one can employ to make sure your content maintains an upper hand (search ranking-wise) over the copied content. Wilson, who's specialisation includes video production, optimisation of Google Places and search marketing in Google AdWords said "organisations bent on stealing content will always find a way to do so." The odds are heavily stacked against the original owner of the content because apart from competitors, there are



tens of thousands of sites on the Internet that exist to steal content. "The stealing is done to populate MFAs (made for ads) Web sites. These are sites that make money by serving up online ads," he said. “The MFA site owners earn money from clicks the ads get. In order to attract viewers, the site owners fill the site with low quality content that ride on popular topics of content that is stolen from other sites either through manual copy-andpaste methods or automated scrapers,” Wilson explained.

How to uncover content snatchers There are offices that handle cases of content theft and legal action can be brought against content snatchers. There are numerous cases of organisations going after content thieves or online plagiarists, but these are typically large corporations that are out to protect their multi-million dollar brand or intellectual property. “Very often,” Wilson said, “SMEs are prepared to undertake what could be a protracted legal battle.” "A small business operator has to determine if it is worth the time, effort

may 2011

and money to track down the offender and bring them to court," Wilson said. On the part of its site dealing with Digital Millennium Copyright Act, Google said when it receives notice of alleged copyright infringement the search engine's actions could include, “removing or disabling access to material claimed to be the subject of infringing activity and/ or terminating subscribers." If Google does remove or disable access in response to such a notice, Google makes "a good-faith attempt" to contact the owner or administrator of the affected site or content so that they may make a counter notification. Google also warned parties that when they file a complaint with them "they will be liable for damages (including costs and lawyers' fees), if you materially misrepresent a product or activity infringing your copyrights." Wilson also suggested that businesses can tackle the problem by concentrating on strengthening their original content's search optimisation properties. "The first step", Wilson said, "is to determine if your content is being stolen". You can do a search on Google and other search engines using the keywords that you think best describes your text or image content. However a faster way is to use online tools. Wilson recommends using Copyscrape, a free tool which helps users identify who is publishing and republishing Web site content. "We frequently hire freelance writers and we use Copyscrape to make sure that they are not using duplicate or plagiarised content. Copyscrape is the best site I know for this purpose. It is used by many Webmasters, businesses and social media experts," he said. Make sure Google knows you're the original author as Google's search algorithms are geared towards rewarding original content authors and creators of high value content by giving them higher search rankings. Taking this into account, Wilson said, “A business owner can protect their site's content by making sure the search engine

content was posted online. Any change to that URL will put that date back to zero.” "If URLs need to be altered, a 301 redirect should be added to it to ensure that searchers are redirected to the original URL. This way the content isn't viewed as new," said Wilson. Some business owners might also want to rethink the situation, according to Wilson. "Having your content appear on another site might not be a totally bad thing." This could turn out to be a positive situation, if the content is properly attributed to you or your site and could mean additional exposure that you do not need to pay for. Wilson said, “Make sure the copied content mentions your name or your business name as the source. Also have the site featuring your content to link back to your site, this way you could get some of its readers to come back to your site.” Links could be established directly by

"The first step, is to determine if your content is being stolen. You can do a search on Google and other search engines using the keywords that you think best describes your text or image content. However a faster way is to use online tools." identifies your site as the original source of the content.” Site owners should keep three things in mind, the first of which is making sure Google can find your site, then making sure that Google trusts your site and finally, making sure that your content is focused. According to Wilson, “Google web crawlers are not very good with identifying f lash content, unfortunately many web designers use f lash when they want to create special features and effects for a site." "Don't get me wrong. I like f lash and

I think it's a great tool. But if you want your site to be easily found by Google, you can also use open sourced tools such as Wordpress, Joomla! or Drupal, which Google can easily read," he said. “When there are several sites that appear to have the same content, Google typically gives the site where the content appeared earlier a higher ranking because this is probably the original source,” said Wilson. “One way sites can establish content seniority,” he said, “is to avoid changing the URL of a site's content. The URL has an association indicating when the

may 2011

having the other site post your name and site address with a link to it or indirectly via hyperlinks on the text or image being used.

More at uternewsm p m o www.c



What we’re reading.. The Leader’s Guide to Storytelling  Mastering an art

Stephen Denning

Book  If you missed this book when it came out a few years ago, pick up the recently revised edition. Denning explains why stories are often the best tool for the job—they create social bonds and spark action—and suggests ways to tell different stories. Many examples are given and at the end of each chapter is a template to help you craft your own tales. The new edition reflects evolving attitudes about business storytelling and addresses the current role of social media.

Mastering the Art and Discipline of Business Narrative (Jossey-Bass)

The new edge

Carla O’Dell and Cindy Hubert Book  As was discussed in our February. 1 issue, knowledge management (KM) may be making a comeback. The authors of this book think so too and will help you make the business case for KM. They discuss proven and new approaches to implementation, and explain how to create a culture that prompts employees to actually use the system. The book also includes a healthy appendix of case studies.

The New Edge in Knowledge : How Knowledge Management Is Changing the Way We Do Business (John Wiley and Sons)

Closing the IT skills gap

Joseph McKendrick

As One 

Mehrdad Baghai and James Quigley Book  You may not be providing the leadership your organization needs to function most cohesively. Baghai, the managing director of Alchemy Growth Partners, and Quigley, the CEO of Deloitte Touche Tohmatsu, believe many executives think too narrowly about how they make decisions and motivate employees. Leaders either exercise tight control or try for maximum collaboration. The authors use original research to define a spectrum between these extremes, taking into account what leaders want to accomplish and what employees expect.

Research  With the economy on the upswing, more companies will be hiring this year. Will recent college grads be ready to slot in smoothly at your company? Probably not, says this report, which found that only 8% of its 376 respondents would rate their recent entry-level hires as “well-trained, ready to go.” In contrast, more than three quarters of employers thought that colleges should teach programming, database and architectural skills.

As One: Individual Action, Collective Power (Portfolio Penguin)

All Things Distributed

Werner Vogels

BLOG  For those considering using Amazon in the enterprise, this blog by its CTO is worth following. It provides a nitty-gritty breakdown of some of Amazon’s services, along with some more general business musings. Vogels is big on practical applications and frequently provides examples of how Amazon Web Services are being or could be used. In fact, he now runs his blog entirely from Amazon Simple Storage Service—no servers involved at all. (For more on Amazon Web Services, see "Cloud Computing: Will Amazon's Elastic Beanstalk Platform Appeal to Enterprise CIOs?")



may 2011

I get the support I need Trend Micro Worry-Free Business Security is easy to install, easy to maintain. It just works, and that leaves the customer free to do what they do best.

Trend Micro Worry-Free Business Security Fast, Effective, Simple

SAS速 Business Analytics Software Data Management | Analytics | Reporting | Targeted Business and Industry Solutions

What if you could increase revenue by 66% using your data to make confident, fact-based decisions?

You can. SAS gives you The Power to Know.速 SAS Business Analytics software helps organizations across every industry discover innovative ways to increase profits, reduce risk, predict trends, and turn information assets into true competitive advantage. For a free workshop on Advanced Business Analytics* * first 10 requests for a free research paper SAS and all other SAS Institute Inc. product or service names are registered trademarks or trademarks of SAS Institute Inc. in the USA and other countries. 速 indicates USA registration. Other brand and product names are trademarks of their respective companies. 息 2010 SAS Institute Inc. All rights reserved. 51467US.0110

Computer News Middle East  
Computer News Middle East  

CNME is the premier technology in business magazine for the discerning C-level readers of the Middle East