Issuu on Google+

IT leadership & innovation

TECH INSIGHTS IT leaders’ predictions for 2017

NOV 2016 VO L .5 NO. 1 PP100009359

Stay connected with unified comms w w w . t e c h n o

l o g

Don’t fall into a yprivacy d e c i s i breach o n s . c o m

. a u

Software-defined WANs on the rise


w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u


Recent months have seen a spate of high-profile, major technology

n o v e m b e r

Australian energy grid going down, to the Census shemozzle, the ASX failure, huge DDoS attacks, the Red Cross data breach — the list just goes on. Are we simply going to have to accept that this will be the way of the future? Will we just have to learn to live with it? Or will someone out there in the ICT industry figure out a way or ways in which to properly protect systems from failure, outside penetration and inside compromise. While experts in the field clearly take the problem seriously,

14 | When criminals hijack your brand 18 | The IoT’s role in health and aged care 22 | The unified comms convoy 30 | The best NBN outcome needs a better discussion

as do governments, it doesn’t look like a complete solution will be forthcoming any time soon. But at least there are ways in which enterprises can tackle individual types of dangers, such as insider threats. And it’s probably just as well, as the consequences of not safeguarding systems and

2 0 1 6

INSIDE

and system failures. From the South

38 | Automate quote-to-cash for a competitive edge 45 | Flash to the rescue when things get tight 50 | Living on the edge in stormy weather

data are about to become more significant with the expected passing of federal data breach legislation. Everyone, from the CEO down, needs to take security seriously. Jonathan Nally, Editor jonathan@technologydecisions.com.au

F E A T U R E S 4 | The software-defined WAN Software-defined networking is becoming increasingly relevant for the enterprise WAN, having the potential to reduce capital and operational expenditure.

42 | Education is the key to ransomware defence SMEs need to ensure their staff, from the CEO to the IT team, are prepared to repel ransomware attacks.

32 | The threat inside Employees are your most valuable resource… but they can also be your biggest security risk.

46 | Don’t fall into a privacy breach The ins and outs of Australian privacy laws — how they practically affect businesses and what to look out for.

3

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u


The software-defined WAN Andrew Collins

Do you want lower costs, faster provisioning and better availability for your networks? It’s time you looked at software-defined WAN. 4 w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u


© stock.adobe.com/au/xxxxxxxxxxxxxxxx

WAN’, IDC analysts Brad Casemore, Rohit

enterprises to centrally configure and

Mehra and Nav Chander discussed how

manage WAN traffic via graphical user

SD-WAN can help organisations meet the

interfaces, based on business-related poli-

network requirements of their branches

cies, while providing increased visibility.”

and remote sites.

Persuasive drivers The SD-WAN was preceded by the hybrid

According to IDC, the application of SDN

WAN, the analysts said, adding that a

to the WAN follows its application to the

typical hybrid WAN includes “at least two

data centre.

WAN connections from each branch office, leveraging two or more different access

“The requirements associated with cloud

technologies” such as MPLS, broadband

computing have already reverberated

internet and mobile internet.

through data centre networking, with SDN arising as an architectural approach

“SD-WAN leverages hybrid WANs, but it

that provides the network with the agility

includes a centralised, application-based

and responsiveness — through automated

policy controller; analytics for application

provisioning, programmatic management

and network visibility; a software overlay

and integration with cloud orchestration

that abstracts underlying networks; and

platforms — that it lacked previously,”

an optional SD-WAN forwarder (routing

Casemore, Mehra and Chander said.

capability) that together provides intelligent path selection across WAN links,

The growth of the cloud now means that

based on the application policies defined

the WAN is experiencing greater pressure,

on the controller,” the IDC analysts said.

too. “As public and private cloud continue to grow, WAN performance becomes

In the Gartner report, ‘Technology Over-

critical for latency-sensitive workloads

view for SD-WAN’, authors Andrew Lerner

and inter-data centre business continuity.”

and Neil Rickard explained that SD-WAN “abstracts the underlying network trans-

So as organisations prepare for and imple-

port/connectivity to present a business-

ment cloud, they need to consider WAN

centric or application-centric approach”.

architectures as well as data centre infrastructure, the IDC analysts said, adding

A

In an SD-WAN solution, centrally man-

that “the WAN is an increasingly critical

aged WAN edge devices are deployed in

foundational element in the realisation of

branch offices in order to create logical

hybrid cloud for enterprises worldwide”.

fter making a splash in the

connections with other branch edge de-

data centre, software-defined

vices across the physical WAN, the Gartner

Those organisations that are adopting

networking (SDN) is now

analysts said. “These logical connections

hybrid cloud need to think about how

becoming increasingly relevant

create secure paths across multiple WAN

to get the same benefits and agility in

for the enterprise WAN, with analysts saying

connections and carriers, such as hybrid

the WAN that they’re trying to get from

the software-defined WAN (SD-WAN)

internet and multiprotocol label switching

implementing SDN in the data centre and

has the potential to reduce capital and

(MPLS) architectures.”

the campus, the analysts said. “Indeed, SD-WAN provides the complementary

operational expenditure, hasten network provisioning and increase network

An SD-WAN enables traditional device-

capstone for hybrid cloud application

availability.

based command line interface configu-

delivery.”

rations to be replaced by centralised, In their recent paper, ‘Cloud and Drive

network-wide control and orchestration,

In its report, Gartner also highlighted the

for WAN Efficiencies Power Move to SD-

the Gartner analysts added. “This enables

impact of cloud on the enterprise WAN,

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u

>

5


with Lerner and Rickard stating, “The

Hall said, “Organisations are looking for

applications” and “improving branch IT

emergence of public cloud computing

more reliable, robust, secure, managed

efficiency through automation”.

has rendered traditional enterprise WAN

bandwidth with improved cost-effective-

architectures to be suboptimal, from a price

ness. Larger organisations face the most

Gartner’s Lerner and Rickard said that

and performance perspective.”

challenges and are likely to have evolved

SD-WAN could provide “substantial”

to highly complex networks which are now

benefits compared to traditional WAN

Compared to traditional approaches, SD-

also being integrated into cloud environ-

architectures, including reduced costs and

WAN is better equipped to handle the

ments. SD-WAN solutions can help remove

improved provisioning times.

changing network traffic patterns that

complexity, simplifying management, and

arise from cloud computing, they said.

enable more rapid deployment of changes

Reduced costs, they said, could come via

“SD-WANs resolve some of the most

and additions to the network.”

several means, including:

face when building and managing hybrid

When asked about drivers behind the

• lower acquisition costs for hardware,

WANs, and will face with growing frequency

adoption of SD-WAN locally, Hall said that

software and support of vendor-provided

going forward.”

Australian adoption is being influenced by

remote office WAN equipment, and

pressing WAN problems clients currently

service providers and what offerings they’re These problems include the high cost of

making available. “This includes the major

• lower enterprise operational expenditures

WAN connectivity; complex, static and

players like Telstra and Optus, and new

in managing and operating the WAN.

manual network configurations; and the

boys on the block like MyRepublic, who

inability to provide security and visibility

are based in Singapore but entering the

The time it takes to provision network

for WAN traffic.

Australian market, but as yet not made

changes at branch sites, they said, could

an impact.”

be improved through SD-WAN’s simpli-

Peter Hall, an advisor at IBRS, said that

fied configuration, orchestration and

although cloud is a factor behind enterprises

Adding up the advantages

adopting SD-WAN, “cloud adoption by

According to the analysts, SD-WAN has the

itself is not the primary driver” and that

potential to provide a variety of benefits

Be an adopter

“being able to utilise more flexible internet

to adopters. IDC’s Casemore, Mehra and

Consistent with their position that the

connection methods and have a mix avail-

Chander said that SD-WAN benefits can

spread of cloud is a primary driver of SD-

able will be an attraction to organisations”.

include “cost-effective delivery of business

WAN adoption, IDC’s Casemore, Mehra

zero-touch provisioning.

© stock.adobe.com/au/vege

and Chander said that SD-WAN will be particularly relevant for organisations that are planning to adopt — or have already adopted — hybrid cloud, especially those organisations that are using SaaS application services. “In these cases, there is a strong motivation to reassess WAN architectures used for application delivery. What made eminent sense on the WAN when client/server applications were housed exclusively in an enterprise data centre does not make sense when applications reside in the public cloud as well as in the enterprise data centre or a private cloud,” they said. The IDC analysts said that hybrid cloud

6

demands a “policy-based approach to

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u

>


Upgrading your computer fleet this year? We’d like to buy your old one

We Buy, Deploy and Destroy retired ICT equipment and the data on it Desktops, Notebooks, Servers, Tablets and Mobile Phone fleets. There are two reasons why you should call us:

1 We pay up to 40% more

2 Better Information Security

We’ve been in the industry for 23 years and thanks to the depth of our local and international connections, we can pay you the highest prices ce for your retired equipment – up to 40% more.

We’re accredited to ISO27001: Information Security Management. That means we provide the highest levels of security over the data stored on your devices, from collection to erasure or complete shredding.

Free Movie Vouchers G two free Events Cinemas Movie Vouchers when you ask us to Get quote on buying 200+ devices before January 31, 2017. No strings attached – Just mention the offer or quote promo code “Freetix” when you call 1300 225 001 or email sales@actlogistics.com.au. Note: Offer only applies to new quotes delivered after the 17th of November 2016.

Call 1300 225 001 or email sales@actlogistics.com.au today

Brisbane | Sydney | Melbourne | Perth


application delivery” at remote and branch © Nmedia/Dollar Photo Club

sites, and that such an approach could potentially use broadband and mobile internet, as well as VPNs and MPLS. In such a scenario, they said, organisations could also use SD-WAN for load-balancing across the WAN, or for monitoring application performance and sending traffic over whichever WAN links are best suited to the requirements of the application in question (such as cost-effectiveness or reliability).

“Being able to utilise more flexible internet connection methods and have a mix available will be an attraction to

IBRS’s Hall said that in Australia and New Zealand, SD-WAN is “likely be adopted

organisations.” – Peter Hall, IBRS

with high growth rates within large organisations that need to manage larger deployments of systems, and have a large number of sites. They will be looking to

resource constraints will want to consider

Chander, the SD-WAN market “will signifi-

take advantage of being able to manage

CSP [communications service providers]

cantly cannibalise the WAN optimisation

larger amounts of bandwidth whilst using

SD-WAN managed services, which reduce

and, to a lesser extent, the branch router

the most cost-effective internet connec-

management overhead and related costs

market during the next several years”.

tions available.”

by providing comprehensive deployment and management of SD-WAN solutions,

The market for WAN optimisation would

As for which specific verticals in Australia

typically based on product offerings from

be especially impacted, they said, “with

are more likely to gain benefit from adopt-

market-leading SD-WAN vendors.”

WAN optimisation ultimately becoming a subset or secondary market to SD-WAN”.

ing SD-WAN, Hall said: “In terms of buying SD-WAN offerings the customers

As for Australian organisations, IBRS’s

are the big telcos and service providers.

Hall said, “Major service providers will

Given the threat SD-WAN poses to the

Cloud service providers will want to

work directly with the vendors, whilst

WAN optimisation and branch router

use solutions in the services they offer.

building their own in-house expertise.”

markets, the IDC analysts said, “It’s es-

Large organisations that run completely

For example, he said, “Telstra is working

sential for vendors in those markets to

in-house, or that include some cloud or

with Cisco, whilst Singtel/Optus is working

extend their product portfolios, organically

hybrid cloud, that will adopt SD-WAN

with Viptela.”

or through acquisition, to compete in the SD-WAN space.”

are likely to be in sectors like financial services industry, government, retail and

Hall noted, “Third parties offering organi-

large construction organisations.”

sations services and assistance are most

According to IBRS’s Hall, “WAN optimisa-

likely not traditional system integrators,

tion vendors are already rushing to evolve

There are several deployment options

but providers of managed or cloud services,

their solutions into SD-WAN offerings (eg,

available to organisations considering

especially those providing infrastructure

Riverbed). Over time we would expect

adopting SD-WAN, such as dealing directly

as a service (IaaS).”

to hear less about WAN optimisers, as SD-WAN will be where the focus will be.

with vendors and implementing it using

8

in-house resources, or engaging a third

Flow-on effects

party to help.

The adoption of SD-WAN technologies

“There is also going to be a shift away

by organisations may have flow-on effects

from dedicated network appliances as

IDC’s Casemore, Mehra and Chander

for the markets of other related solutions.

specific functionality will offered at a

said, “Enterprises facing skills gaps or

According to IDC’s Casemore, Mehra and

software level,” Hall predicted.

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u


TECH

Nathan Steiner

Head of Systems Engineering, ANZ, Veeam Software

What’s the next big disruptive play in the technology sectors and what impact will it have?

INSIGHTS

2017

The next big disruptive play will be the proliferation of mass

Is the ICT regulatory and legal environment getting easier or harder, clearer or murkier for your business and your clients’ businesses and why?

IoT, the subsequent explosion of data and the ability to analyse

There are two seismic changes impacting the ICT regulatory and

and leverage it. Organisational data will be the main source of

legal environment. Mobility and IoT are driving the requirement

competitive advantage and the IoT will move delivery of services

for accessibility of services to unprecedented levels. Data and

into real time with the need to be always-on and available. This

its access is the second seismic impact. Data is getting pushed

will have profound impact on the infrastructure underpinning

and delivered closer to the consumer edge, which makes the

such services. The cloud, virtualisation, containers — the step

security, protection, management and access of such data more

from physical server to virtualisation — was one thing, but

complex and harder to manage. Such disruption is challenging

today, businesses have many more options. They need to ask

our existing regulatory and legal frameworks across all market

themselves where to deploy, and this will become one of the

segments. Managing both the ‘risk’ and ‘cost’ complexities in

most important decisions.

alignment with regulatory and legal requirements is one of the few challenges not tackled head-on by organisations as part of

What innovative technologies do you see emerging in your solution categories in 2017, and how will they help your customers?

digital transformation.

2017 will see organisations focus more on hybrid cloud models

policies, privacy policies, ‘the right to be forgotten’.

The outlook is definitely more questions than answers. A good example would be government policies — on data protection

as a way of delivering their applications, data and resources as a set of services to their customers, both internal and external. The last three years have seen significant drive and ideology in the marketplace towards a ‘don’t own stuff ’ mentality, thereby driving towards an all-in approach towards public cloud. Organisations across many market segments have differing regulatory, compliance and service delivery requirements and have realised that the hybrid cloud approach provides the most commercial, strategic and business sense. This will profoundly benefit Veeam customers as our technology and solution strategy is built on providing an availability platform that is hybrid cloud centric. An ability to provide enterprise continuity, workload mobility, visibility and compliance across private, managed and public clouds collectively. We believe that 2017 will be a good year for enterprises to stop

As Veeam’s ANZ Sy ste ms Eng ineer ing Group leader, Nathan Steiner leads, drives and owns Veeam’s Australia and New Zealand technical pre-sales strateg y. He also evangelises Veeam’s technology value proposition and leads, motivates and inspires a team of pre-sales engineers throughout ANZ.

the rat race and focus on a long-term strategy (3–5 years) and start working towards that. That will, of course, require new and innovative technologies.

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u

11


SILENCE CYBERATTACKS Prevention isn’t a myth. Find out how we’re using artificial intelligence and machine learning to stop threats from ever executing on your endpoints. Learn more at cylance.com .


TECH

Andy Solterbeck

Vice President, Cylance Asia Pacific

INSIGHTS

2017

What’s the next big disruptive play in the technology sectors and what impact will it have?

towards a ‘predict and prevent’ approach to endpoint security

As technology sectors continue to introduce smarter, quicker and

redirect valuable time and budget to ensuring a strong cyber-

cheaper ways of doing things, the most disruptive technologies

security strategy.

have brought questions around the generation and management of vast amounts of data. The most notable being the Internet of Things (IoT), artificial intelligence (AI) and what Gartner has dubbed the ‘algorithmic enterprise’.

and away from the outdated ‘detect and respond’ tactic, which requires full-time threat monitoring, will enable businesses to

What innovative technologies do you see emerging in your solution categories in 2017, and how will they help your customers?

But this environment is increasing the cyber-attack surface and

The most important emerging technology in the cybersecurity

many potential introduced threats are currently unknown. We

space is the unique application of AI and machine learning for

will not know until technologies such as the IoT become more

predicting and preventing attacks at the endpoint. Its logic is

ubiquitous. Here, IoT devices and communication consolidators

largely algorithmic-based and, when coupled with AI’s predictive

are the target as older techniques are being modified for these

nature, offers businesses five unique attributes that can rise to

new platforms including siphoning and theft of data, manipula-

meet the challenge of security in the IoT. They are: what used

tion of data and zombisation and weaponisation.

to take larger data sets can now done with comparably tiny algorithms, leaving behind a smaller footprint; algorithms enable

With newly developed and resource-constrained systems, many

quicker analysis than sifting through large databases; AI can be

previously managed attacks will find new opportunities to oper-

used at all layers of communication, meaning its processes are

ate. This is inevitable and will likely relate to the sheer number

much more effective in predicting and preventing cyber attacks;

of connected devices and their physical security.

AI-based solutions are better designed to meet the projected scale and rising demand of the IoT; and fewer updates are

What are your customers demanding of you now that they weren’t 12 months ago? And what are you anticipating for 2017?

required as AI-based logic maintains a longer life span before an update is needed.

Cybersecurity, in all its aspects, is much more important now than it was even 12 months ago. There are more threats that have become nearly impossible to manage using traditional security tools. Now, the ability to predict and prevent a malicious file before it has had a chance to execute is changing the security landscape. Old cybersecurity techniques using binary matching signatures and behavioural analytics, such as sandboxing, will go the way

Andy Solterbeck is Vice President Asia Pacific at Cylance. He spearheaded the company’s launch from Australia into Asia Pacific and drives strategy and go-to-market for the region. Prior to this role, he held senior technical management roles at Telstra, RSA and SafeNet.

of the dinosaur as organisations realise that these are simply not effective against the scale of modern cyber threats. But most businesses don’t have the expertise, resources or budget to manage a full-scale IT security strategy internally. Moving

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u

13


A N A LY S E

THIS

W

When criminals hijack your brand

hile there is a limit to what

computer and encrypts the data so

• Calls from the organisation where the

organisations can do when

that the victim can be blackmailed to

outbound call centre staff ask the customer

criminals misappropriate

get it back; OR, The website pretends

they have called to authenticate themselves.

corporate brands to run

to be the organisation’s website and

This process is considered to be very poor

phishing campaigns against customers,

asks for verifying credentials, such as

practice and is recognised as training the

this does not absolve those organisations

personal details, credit card details or

customers to be easy victims.

of all responsibility. Crime on the internet

login credentials to the actual site (this

continues to be an entirely foreseeable

may then be used by the criminals to

There’s also the potential for compromise

risk, so organisations should review their

execute transactions with the victim’s

of customer records. This is the least likely

customer engagement processes to ensure

credentials).

option, as most ransomware and phishing

they are not training their customers to be easy targets for criminals.

scams are usually scatter-gunned across Depending on the security resources of

as many people as possible, hoping that a

an organisation, it may be among the first

percentage will be both legitimate customers

Australia Post, Telstra, AGL, State Revenue

to know it has been used as the lure in a

AND will fall for the scam.

Office, banks and many other Australian

phishing campaign. Or, it may find out

organisations have had their relationships

when legitimate customers start calling

Takedown services are available from a range

with their customers abused by criminals

to complain about the ransomware, or

of vendors, but leading Australian CISOs

in recent years. Naturally, the criminals use

what the customer may feel was a bad

note that the cost to engage third parties to

high-profile brands to lure their victims. It

customer experience (because it was not

take down phishing sites can escalate very

works like this:

with the actual organisation).

quickly, as there may be thousands of sites, with phishing campaigns that can last for

• The criminals craft a phishing email that

It is important to keep in mind that this

lengthy periods of time. Also, it is very easy

usually includes the logo and corporate

issue has a technical component, but it

for criminals to quickly set up new attack

colours of the organisation they are mis-

is not an IT problem. It is an age-old

sites should one be taken down.

representing themselves as;

confidence trick, brought into the age of the internet.

• They use a global network of compromised

It is vital from a brand perspective, in the maintenance of a trusted relationship with

servers as the mail server to send out the

When an organisation is used as a lure

customers and the market, for an organisa-

phishing emails (email addresses are usually

to attack victims, its exposure has been:

tion that has been hoaxed to get out quickly

harvested from big breaches, eg, LinkedIn,

the misappropriation of the organisation’s

and communicate with the market that the

Dropbox, Yahoo, EBay, Ashley Madison);

logo, corporate colours and even web

brand is being abused.

page style; and potential abuse of a flawed • The phishing email then asks the victim to

business process between the organisa-

The wording needs to be created by the

click on a web link. The link is usually to

tion and its customers. This happens if

organisation’s marketing people, and they

organise for collection of a parcel, verify

the customers are accustomed to getting:

will want IT’s advice on specifics. It may be

bank details, verify a credit card purchase and so on;

easiest to emulate how some of the banks • Emails from the organisation that are

communicate with their clients, eg:

typically promotional and ask the re-

14

• The link takes the victim to a website that uploads ransomware to his or her

cipient to “click here” to claim a prize, login, register, etc.

• “Security notice: NAB will never request personal information such as your PIN/

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u


© stock.adobe.com/au/robsonphoto

password or ask you to login to online

addresses, and this has alerted users

servicing directly from an email.”

to hoaxes against specific brands (eg, Telstra, Australia Post). Stay Smart

• “Security notice: ANZ will not send you

Online is a good resource to which

an email or SMS asking you to verify

concerned customers can be pointed,

or provide Account Details, Financial

as most organisations will not want to

Details, or login details for ANZ Phone

have their call centres evolve to provide

Banking, ANZ Internet Banking or ANZ

home computer security support to

Mobile Banking.”

customers.

While an organisation that is being hoaxed

Experienced organisations have found

may not itself be the victim of a crime,

that it is useful to have a mechanism set

it is still important that organisations

up for customers (and staff) to report

report these scams. Some reporting op-

hoax emails and calls. This can be an

tions include:

email address such as hoax@<domain> or scams@<domain> or spoof@<domain>

• Scamwatch, run by the Australian

and it is worth noting the following:

Competition and Consumer Commission. Scamwatch puts out alerts on

• Be aware that malware samples will be

new types of attacks against consumers

sent to this address, so the people receiv-

and businesses, but does not notify the

ing these sample emails must have the

public about specific instances where a

ability to deal safely with this malware.

brand has been hijacked.

James Turner is an IBRS Advisor who specialises in information security, data centres and cloud and mobility security. He has more than a decade of experience in enterprise IT security and data centres, including as Frost & Sullivan’s analyst for IT security. He is chair of the Australian Information Security Association’s Advocacy Group.

• Ensure that wording describing the • ACORN (the Australian Cybercrime

hoax/scam email service does not guar-

Online Reporting Network) was created

antee that the organisation will respond

to be a source of information on how

to every email, but an automated re-

to avoid and/or recover from various

sponse should be set up to signify that

cybercrimes. Note that some security

the email was received.

executives have commented that informing ACORN of a cybercrime does

Finally, it is imperative that the external

not appear to produce any outcome, yet.

communications team understand that the current phishing phenomenon will

• Stay Smart Online, run by the Attorney-

continue as long as it remains lucrative

General’s Department and through

for criminals, so organisations must do

collaboration with many of the security

what they can to help protect their clients.

awareness teams in Australia’s largest

Typically, this will mean changing the

organisations. Stay Smart Online has

customer communication engagement

an alert service that is distributed to

model. Phishing is a foreseeable risk

people who have provided their email

and should be responsibly prepared for.

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u

15


Paul Shaw, General Manager–Storage, HPE South Pacific

T E C H N I C A L LY

SPEAKING

Protecting next-gen storage Companies looking to modernise their overall IT infrastructure cannot afford to take a relaxed attitude to their data protection strategy.

J

ust as you may be looking to

While it may be tempting to address your

adopt the latest advancements in

current backup and recovery challenges

primary storage technology, now is

by simply acquiring more storage capac-

the right time to also re-evaluate

ity to ‘build’ a larger data warehouse, the

your data protection and backup strategy.

explosive rate and complexity at which

Like having insurance or a fire evacuation

data is growing makes this strategy both

plan, a robust data protection strategy —

unviable and unsustainable.

including a solid back-up and recovery system — is a necessity for businesses.

So here are six questions you need to be asking yourself to ensure your company’s

However, with next-generation storage

strategy is optimised alongside next-

technology such as flash rapidly accelerat-

generation storage technology.

ing the amount of data that an organisation ask whether your data protection strategy

Where does my data protection ‘live’?

can support the flash-centric data centre,

According to IDC, 60% of storage cost

or whether your current backup and re-

is being spent on redundant data. While

covery solution is putting you at risk of

some may choose to overlook this extra

longer recovery times, missed SLAs and

burden on their IT resources, the rapid

reduced business performance.

growth of data will make this an un-

stores and processes, now is the time to

16

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u


© stock.adobe.com/au/Cybrain

necessary strain for most organisations

storage snapshot technologies in ways that

nies need to have the agility to not only

if it isn’t already.

integrate with backup devices to reduce

scale their resources, but to also integrate

overall capacity, speed backup and recovery,

new technology. A key consideration

By understanding how your storage is being

simplify management, provide application

you need to make when evaluating your

used, and where copies are being stored,

owners with greater control, and ensure

data protection strategy is to ensure that

you’ll be in a better position to identify

that your business is adequately protected.

your IT architecture is futureproofed — enabling you to seamlessly upgrade

areas of redundancy and deploy deduplication strategies and thin snapshots to reduce

Do I have a plan B?

to technologies such as flash without

overall capacity needs. Ultimately, this will

While companies should take all the neces-

compromising the business or needing

help you make more cost-effective decisions

sary steps to ensure that their ‘plan A’ storage

additional resources to maintain data

around data and storage growth.

infrastructure is as reliable and resilient as

protection standards.

possible, failures can and do happen. You

As technology is increasingly leveraged to

around disaster recovery plans, and ensure

Finding an integrated solution

drive greater innovation at all levels and func-

that these plans are updated on a regular

Ultimately, companies cannot afford to

tions of a company — particularly around the

basis — particularly as you are making

take a relaxed view of their data protec-

creation of new revenue streams — the risk

changes to your infrastructure. This periodic

tion strategy. While developing proper IT

Is ‘shadow IT’ embedded?

need a comprehensive and realistic discussion

of ‘shadow IT infrastructures’ increases. The push to use IT as a competitive differentiator, particularly among developers, has led to multiple teams claiming more resources than needed for their own projects, many

“It may be tempting to opt for the cheapest backup storage medium, but the decision is a far more nuanced one.”

times to circumvent the delays that can result from the full corporate approval process. review typically involves creating operational

policies is critical, you should also work

On the surface, circumventing these pro-

procedures and adopting the right set of

towards adopting a backup solution that

cesses may appear to speed up time to market,

technologies to minimise the impact and

offers the following key features:

but it actually exposes the company to more

time needed to recover from disasters.

• Scale-out architecture — enabling your company to pay as you grow, with the

risks and opens the door to unnecessary duplication or even data loss, since the data

Is my backup cost-efficient?

ability to add virtual capacity, shelves

is not under the supervision of the IT team.

It may be tempting to opt for the cheapest

or nodes.

backup storage medium, but the decision

• Ability to provide deduplication across

on which is the most cost-efficient storage

the enterprise — this will simplify

The benefits of flash storage are well known

infrastructure for your organisation is a far

backup management and optimise

and many organisations are already moving

more nuanced one. It is never a case of ‘one

available storage in large environments.

to an all-flash data centre. But decision-

technology fits all’.

Is it optimised for flash?

• Automated, efficient backup and disaster recovery operations that run from a

makers should think beyond this transition as a simple ‘rip and replace’ operation that

You should balance performance require-

single view — this will reduce complex-

swaps disc drives or other storage media

ments with cost-appropriate mediums based

ity, prevent outages and reduce the time

with flash capacity. You should be look-

on the types of workloads being performed.

needed to get your business back up

ing for flash solutions that are designed

Of course, with various storage systems, you

and running should an outage occur.

to seamlessly integrate with your current

need to ensure that the architecture employed

• Application-aware consistency — cor-

backup/recovery and business applications.

is able to seamlessly integrate these various

rupt data copies are of little use when

Modernising your traditional hard disk

components.

recovery is needed and time is of the essence. Ensure that the integration

storage with modern flash architectures is the perfect opportunity to reconsider your

Is my strategy futureproof?

between your primary and protection

data protection approach. For example, you

With technological advancements and

storage is application-consistent to en-

should be looking towards maximising your

ever-changing business demands, compa-

sure consistency and data integrity.

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u

17


The IoT’s role in health and aged care

Fadi Geha, CEO, Simble

Mobility devices, the IoT and app development are helping providers improve healthcare outcomes while also boosting their own balance sheets.

W

hat do 30 to 60% declines

Over the last 10 years there has been a steady

in the share prices of

uptake of mobile device usage through the

Australia’s publicly listed

introduction of smartphones, tablets and

aged-care providers indi-

wearables. Along with this has come a high

cate about changes sweeping through the

level of maturity in the applications that

sector? They show that these companies have

reside on these devices, plus there has been

not kept pace with the changes and reforms

the advent of the Internet of Things (IoT).

that are rapidly disrupting the industry.

The IoT has long been talked about, but it is now at a very mature level, enabling provid-

While those reforms are designed to ensure

ers to implement both ‘active monitoring’

Australia has the best possible system for

and ‘passive monitoring’ solutions, ensuring

its ageing population, pressure is mounting

greater transparency around their carers and

on providers to differentiate themselves.

increasing service levels for clients.

Providers must ensure that they not only new clients while reducing costs to protect

Active monitoring with carer apps

their operating budgets and profit margins.

While there is a myriad of software compa-

Mobility has a significant role to play in this

nies that provide client management systems,

transformation.

these systems do not generally translate well

retain their current clients but also attract

18

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u


© stock.adobe.com/au/Kaspars Grinvalds

onto mobile devices as they try to replicate

appliance utilisation, medication dispensed,

or she does not feel that ‘Big Brother’ is

the whole system. A smarter approach is to

as well as timing of entries and exits via

watching. When looking to implement this

engage a software solutions provider that

door sensors.

technology, a solution should be sought that

specialises in mobility and uses a platform

can be installed with minimum fuss and

with a robust and intelligent middleware

This information is then transmitted in

can also be uninstalled and re-used with

layer to perform rapid development of

real time back to a middleware layer which,

no damage to the home. Estimates show

multiple mobile applications that handle

using either manually configured actions or

that by implementing passive monitoring,

only what is required. One such app would be used by the carer. In most cases the carer only needs to know their scheduled client visits for the day, what tasks they need to perform for the client and also the shortest route between clients.

“Estimates show that by implementing passive monitoring, the provider can save around $5000 to $10,000 per client per year.”

From a provider viewpoint, the ability to not only push this information out in real time, but also have the information that is

artificial intelligence, can then send alerts or

the provider can save around $5000 to

entered by the carer sent back in real time,

alarms to the provider, carer or loved one.

$10,000 per client per year, depending on

gives assurance that the carer has performed

the level of care required.

their tasks at the time they were scheduled.

Through the use of artificial intelligence,

Carers are then only remunerated for their

historical data, dwell, power and motion

time on-site as well as travel time for the

sensors, the activity of a client can be

What to look for in an IoT provider

shortest routes.

monitored. If they sit down in their favourite

When exploring IoT technology it is im-

chair and turn on the television at 2 pm

portant to ensure that a solution provider

Estimates put savings at around $3000 per

every afternoon to watch their favourite

has a solid track record in designing and

carer per year. More importantly, through

show and this consistently happens for

developing mobile solutions that interface

the use of smart middleware that can pro-

a defined period of time, an alert can be

to a secure middleware platform that pro-

vide alerts and alarms, the client experiences

triggered from the middleware to notify

vides not just data retention, but analytics,

a better quality of service while the carer

the appropriate people to ensure that the

machine learning (AI) and easy-to-use

can also be monitored with KPIs.

client is alright in the event that the normal

dashboards for viewing clients’ data in

activity does not occur.

real time.

While RFID tags have been around for

Another example of this is in dementia

In addition to this, it is important to ensure

more than 20 years and are very effective

management of clients, either in the home

that the provider has either pre-built con-

for performing tasks such as asset tracking,

or in assisted care. Through the use of

nectors to your client management system,

other applications of the technology have

machine-washable RFID tags attached to

your CRM and your accounting package,

emerged. These include beacons and smart

the client’s clothing and beacon technol-

or has the necessary skills in-house to

hubs that use reading technologies such as

ogy, virtual gating or geofencing can be

custom develop a connector that meets

Bluetooth, BLE and ZigBee, which have

implemented to ensure that the client does

your specific need(s).

been used to enable smart home technology.

not wander outside a specific geographic

Passive monitoring

In the aged-care and home-care sectors, this

perimeter — and that if they do, carers or

Finally, a technology provider should be

staff are alerted immediately.

able to rapidly build role-specific mobile

technology has evolved to enable providers

applications that can be changed as required

to install a small smart hub in the client’s

The key to passive monitoring is that it

to ensure that they are cost effective, and

home and monitor — in an unobtrusive

needs to be unobtrusive within the home

which make your internal change manage-

manner — details such as continuous heart

or village so that while the client receives

ment requirements, including uptake, as

rate, location, activity levels, temperature,

the best care possible from the provider, he

easy as possible.

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u

19


TECH

Steve Manley

Vice President, NetApp ANZ

INSIGHTS

2017

What’s the next big disruptive play in the technology sectors for 2017 and what impact will it have? Third Platform technologies and solutions are accelerating the need for organisations to think differently and fail fast in order to stay competitive. The application economy is flourishing and data underpins this to drive cost efficiencies, new revenue streams and better customer experiences.

Customers will be looking for easy and accessible data management services to enable simple deployment of these emerging technologies.

Is the ICT regulatory and legal environment getting easier or harder, clearer or murkier for your business and your clients’ businesses and why? The explosion of data in today’s digital economy has resulted

It’s not only critical transactional data that requires storing

in a fundamental shift from using data to run the business, to

and sharing; now, organisations are collecting other masses

recognising that data is the business. With data being so valuable

of data (typically unstructured) such as social content, click-

to enterprises, it has become the new currency of the digital

stream data or audio and video data to help drive that next

age. This pace of innovation is no doubt a critical competitive

piece of innovation.

weapon; however, ICT regulations or laws typically cannot keep up.

It will be exciting to see the culmination of innovative products

We are continually discovering new ways of using and sharing

and services available in the market powered by valuable data no

data as part of the innovation cycle. As a result, it is important

longer held in silos. Connected things, robotics and blockchain

that organisations ensure best practice in managing and protect-

technology are just some examples of multibillion-dollar invest-

ing their data, even when regulations and laws lag behind. Given

ment areas that will continue to create fierce market competition

that cloud technologies typically act as a catalyst and accelera-

in 2017 and beyond.

tor for innovation within organisations, it’s also important to adopt a data fabric strategy that enables control of where the

What innovative technologies do you see emerging in your solution categories in 2017?

data resides and the ability to seamlessly move it to where it needs to be located.

As IT architectures evolve to accommodate new cloud infrastructure and new applications, a wider dynamic range of storage technologies will emerge. Hyper-converged infrastructure (HCI) is one of the architectures that has so far addressed the demand for simplicity and reduces the need for administrative resources to manage storage. Expect the next wave of HCI solutions to deliver the flexibility and scalability needed for building web-scale infrastructure. This includes the ability to adapt the ratio of compute to stor-

With over 20 years of experience in the IT industry and always passionate about finding a better way to drive success for customers through technology, Steve Manley is responsible for defining the business strategy and direction of NetApp across Australia and New Zealand.

age, enabling the upgrade of compute independent of storage, and scale in an easy and cost-effective manner. Other storage technologies such as archive-class storage and massive persistent memory are next in line for adoption.

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u

21


FROM THE FRONTLINE Jonathan Nally

The unified comms convoy

Keeping companies connected over Australia’s vast distances

As more and more enterprises finally ditch the PABX for the latest in unified comms, the benefits become readily manifest.

I

n order to maintain competitiveness

— unified comms is not only beneficial,

it a single telephony system across its five

and relevance in our rapidly evolv-

it has become an essential element of

sites and extending the network’s reach to

ing world, enterprises of all kinds

every good business strategy.

the highly mobile workforce.

and greatest communications methods.

Outback comms

Hosted Voice offers a fully managed IP

The notion of unified communications

Based just outside Adelaide and with four

telephony solution including voicemail,

has been around for a long while, of

depots in regional centres in South Aus-

unified messaging, click to dial, mobility

course, but the pace of change — and

tralia and the Northern Territory, McArdle

and conferencing services, with the option

the possibilities unleashed by the mobile

Freight operates in some of the remotest

for contact centre, call recording and toll-

communications revolution — means

parts of the country. Until recently, the

free number services.

business, government agencies and NGOs

company had relied on a PABX telephone

have powers at their fingertips what would

system for its head office, with separate

As part of the package, McArdle Freight

have seemed like science fiction not too

lines into its branches. However, as most of

commissioned a dedicated data connec-

many years ago.

its team is on the road, it has been heavily

tion, giving it a guaranteed quality of

dependent on the mobile phone network.

service for voice traffic.

ing the enterprise space, we spoke with

To simplify and streamline its commu-

“In addition to the communications fea-

representatives of three very different

nications, the company has implemented

tures… the main benefit for us is the guar-

organisations. And the message is clear

ShoreTel’s Hosted Voice solution, giving

anteed performance of our data connection,

need to keep up with the latest

To find out how unified comms is benefit-

22

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u


O U R PA N E L Tamara McArdle, Office Manager, McArdle Freight

Dominic Reppucci, CIO, Centacare

Phillip Phillipou, Manager Information Services, Wellington Shire Council

particularly the fast upload speed,” said

“The mobile app is the icing on the cake.

Rural comms

Tamara McArdle, the company’s office

Our staff members don’t want to be car-

Wellington Shire Council is the third larg-

manager. “That means we can operate

rying around both a personal mobile and

est municipality in Victoria, responsible

our accounting system as a cloud-based

a work one. This way, they can use the

for 11,000 square kilometres of Victorian

application and look to move more of our

app on their own mobile device and have

countryside stretching from the Great

applications over to the cloud. That will

all the benefits of unified communications

Dividing Range and High Country down

give our staff easier and more flexible ac-

while they are on the road, on the same

to Bass Straight. The region has a diverse

cess to the systems that run our business.”

phone they use every day,” said McArdle.

economy that includes grazing, oil and

McArdle Freight has given its team mem-

“We operate over an incredibly large area

and construction. The council employs

bers an allowance to purchase their own

from Darwin and Adelaide — over 3000

450 people in a variety of roles, from

mobile phones as part of a BYOD policy.

kilometres north to south. We have a whole

administration to garbage collection.

Now, with the mobile app installed on

fleet of drivers we need to contact all the

each device, all staff members have the

time,” said McArdle.

gas production, manufacturing, defence

“We had very old communications technologies in place across the council, which

same UC functionality that they enjoy on an office handset. Also, when in range of

With the new solution in place, “we will have

led to organisational inefficiencies and

Wi-Fi, the mobiles operate on that data

transparency”, she added. “We will be able

frustration on behalf of staff who had to use

connection rather than over the more

to see each other, and use the best channel

the legacy [PABX] telephony systems on

expensive cellular network.

available at the time to reach someone.”

a day-to-day basis,” said Phillip Phillipou,

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u

23


disparate systems in its internal communi-

“They can use the app on their own mobile device and have

cations. Over time, communications had

all the benefits of unified communications while they are on

become complex across the organisation’s

the road.” – Tamara McArdle, McArdle Freight

a big role to play in streamlining that.

46 sites, and Skype for Business has had

Secondary reasons for pursuing the manager information services, at Wel-

telecommunications costs,” said Phillipou.

solution were to reduce costs associated

lington Shire Council.

“Importantly, these are all savings that are

with Centacare’s telephony systems and

returned back to the community, which

provide an alternative solution for rural

is a great outcome for council.”

clients via Skype counselling services.

newer, more modern offices — the council

Safe and sound

“Prior to deploying this solution we were

partnered with IT consultants IComm to

For Adelaide-based social care organi-

using a manual phone system through an

explore best options and settled on Skype

sation Centacare, employee safety was

external contractor which had no flex-

for Business. “We found Skype for Business

the key driver for its adoption of Skype

ibility and offered very limited options for

would improve our staff ’s efficiency by

for Business and the development of a

automated notifications and reporting,”

allowing personnel to get out in the field

bespoke mobile application.

said Reppucci. “Staff had to manually

Needing a new solution — particularly in the context of an upcoming move to

call the service operator and notify them

more,” said Phillip. “By making our staff less restricted and desk-bound it would

“Our staff conduct over 3000 counselling

that their client meeting was commenc-

lead to better customer service delivery

sessions per year, the majority of which

ing, and then call them back following.

to our community.”

are home visits in sometimes dangerous

Often they had trouble getting through

and unfamiliar locations,” said Dominic

in the first place and would have to wait

Full deployment took six months, but

Reppucci, Centacare’s CIO. “The applica-

until they received a call back.

since implementing Skype for Business,

tion that we’ve developed protects them

the council has seen overall improvements

in these situations by sending automated

“We’ve been able to see significant benefits

in the way staff interact, collaborate and

alerts to the wider team if a staff member

in terms of cost savings on flights and

communicate with one another.

is in danger.”

other travel costs for staff who can now

The system facilitates mobile communica-

The web-based application syncs with

externally with clients,” said Reppucci.

tion, as workers can collaborate within

staff calendars automatically to input

“Other benefits include increased flex-

Microsoft Office documents using instant

when an appointment with a client should

ibility with communication systems and

messaging, screen share, voice chat or

start and finish, and lists the client’s name

streamlined approach across all our sites.”

video call, and stage virtual meetings.

and address. When the appointment is

use Skype to communicate internally and

scheduled to conclude, the system noti-

Reppucci said an unexpected benefit

“Skype for Business has allowed us to bet-

fies staff to log out of their appointment.

has been the use of translation services,

ter improve our operations and integrate

“If they haven’t, it rings back every five

which Centacare is currently testing with

staff and services — be those people and

minutes for three times after, and if staff

its staff and clients.

activities located out in the field or in the

don’t answer, it automatically alerts their

office,” said Phillip.

manager,” said Reppucci. “This way, we

“There’s also been greater flexibility with

know in a maximum of 20 minutes

phone system response groups and faster

As well as efficiency and morale improve-

after an appointment is scheduled to

on-boarding processes for new staff via

ments, Skype for Business has also led to

end whether a staff member might be

Skype for Business,” he said. “With our

real, direct cost savings.

in danger.”

new system, holidays and out-of-office

“[It has] helped Wellington Shire Council

In addition to addressing employee safety,

while in the past we would have to call

reduce hard costs in areas like printing and

Centacare’s goal with Skype for Business

the external contactor directly to change

toner, along with significantly reducing our

was to break down the silos created by

the phone systems.”

times are preconfigured automatically,

24

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u


Optimise the power of your IT architecture with Eaton Monitor with EMP

Organise with Rack

5 practical steps to optimising power

Distribute with PDU

Step 1: Protect Protect your valuable IT assets from power issues and ensure business continuity. Step 2: Distribute Improve power distribution to increase efficiency and reduce operating costs.

Control with IPM

Step 3: Organise Organise IT equipment in your IT rack reliably and efficiently and reduce cooling costs. Step 4: Manage Integrate your power management infrastructure with your virtual environment and manage it all through a single pane of glass.

Cable management

Protect with UPS

Contact Eaton on 1300 UPS UPS http://powerquality.eaton.com/ANZ/Optimise

Step 5: Maintain and Monitor Maintain your power devices properly to extend their life and achieve a greater peace of mind.


Gordon Makryllos

Managing Director, ANZ, Eaton

TECH INSIGHTS

2017

What’s the next big disruptive play in technology and what impact it will have?

There’s also increasing use of central, real-time management

Large numbers of businesses are tapping into public and

equipment energy consumption, so cost can be allocated within

private clouds today, and even greater numbers will join them

business units or billed more accurately to data centre clients.

in coming years. However, cloud computing subjects data centres to significant new pressures. Cloud infrastructures make extensive use of virtualisation and higher powered servers, such as blade servers, technologies that dramatically increase rack-level power and cooling requirements. Moreover, cloud data centres tend to be dynamic environments in which virtualised workloads migrate freely among physical hosts. This increases IT agility but can also result in blown circuits and other electrical problems that lead to service outages. To master these challenges, organisations should adopt technologies and techniques that increase the reliability and redundancy of their physical and virtual environments, including power and cooling systems. These can range from modular power components and passive cooling schemes to

software being used to monitor more and more individual

What innovative technologies do you see emerging in 2017, and how will they help your customers? We’re now seeing robust demand for best-of-breed power and cooling systems that maximise capacity, minimise waste and allow users to dramatically raise the capacity, scalability and durability of their systems while lowering operating costs, and enabling them to take advantage of today’s most important new technologies. Our service provider customers are also now working with us to integrate new power management products into legacy data centres as the cost-saving benefits of a modern power management system outweigh the integration cost. From a wider market perspective, in the next five years we expect

data replication solutions and live migration software, as well

power management software will start to be integrated with

as proper monitoring and control. Together with hybrid cloud

energy authority control systems paving the way for a ‘smart

infrastructures, such tools and strategies can help companies

grid’ where facilities can consume as well as generate energy.

enjoy the power of cloud computing reliably and cost-effectively.

What will be the biggest growth opportunities for your customers in 2017, and why? What with growing competition, rising customer expectations and the mission-critical nature of systems in business, ‘downtime’ is not an option for our customers. Customers want greater visibility of their entire IT infrastructure, expect information to be made available in real time, need enough uptime to implement contingency plans and want information on total power consumed by individual devices in a single interface. As a result, we’re seeing a requirement for power management software, which allows data centres to control their energy usage during peak demand periods to lower their

Gordon Makryllos is Managing Director–Australia/New Zealand for Eaton’s electrical business, where he is responsible for overall business operations and sales in support of the company’s portfolio of power quality solutions for data centre and industrial applications. Previously, he held senior management positions with Orange Business Services, Schneider Electric, Telstra and IBM.

utility power costs.

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u

27


WITH A GREATER VANTAGE POINT, A GREATER ADVANTAGE.

Zebra gives you the big picture. Real-time information is key in today’s data-centric world. And Zebra’s intelligent, enterprise-level solutions provide you with instant connectivity and unrivaled visibility. See the vision at ZEBRA.com/visibility


TECH

Wayne Harper

INSIGHTS

CTO, Zebra Technologies

2017

What’s the next big disruptive play in the technology sectors and what impact will it have?

What technologies do you see emerging in 2017, and how will they help your customers?

We’re continuing to see an increased rate of computerisation

Among our transport and logistics customers, we’re seeing an

and automation across any number of industries. This isn’t

increasing reliance on beacons and sensors that utilise NFC

revolutionary in and of itself, but it’s taken a leap forward

and/or Bluetooth functionality for micro-locating purposes.

again thanks to the increased use of augmented reality (AR)

Essentially, these allow companies to maintain a much higher

in business applications. AR is very new territory, and the

standard of data concerning the whereabouts of their deliver-

best means of implementation are still being worked out.

ies. Currently, the transport and logistics sector in Australia is under tremendous pressure to deliver; every change for the

This is the nature of any new technology, but it will be

better, no matter how small it is, is eagerly seized on by the

particularly interesting to see whether or not a standardised

industry as a whole.

model emerges. Alibaba, for example, has already implemented facilities that allow virtual shoppers to pay for items simply

And while transport and logistics-based businesses have been

by nodding. This would not be ideal for everyone, of course,

the primary adopters of this technology, we’ve also seen con-

but it will help pave the way for more sophisticated innova-

siderable interest from the hospitality and healthcare fields. In

tions in the future.

hospitality, a sensor-controlled room can reduce the need for people to carry around swipe cards. In health care, staff can

The continued expansion of automation theoretically means

move about freely as required, while patients can be confined

that operations will be smoother and more predictable. But

to appropriate areas of a facility.

almost paradoxically, more time will need to be invested into training staff for if and when something goes wrong.

Which will be the biggest growth opportunities for your customers in 2017, and why? Staff training has always been a tricky area for businesses. While it will always be necessary in one form or another, for businesses to stay competitive it’s essential that they are able to get staff to be more effective, more quickly. As a result, the ability to speed up the induction and training of new staff members is a big growth opportunity for customers in 2017, if leveraged correctly. This seems to be an outgrowth of trends that we’ve recognised

Wayne Harper is CTO and Senior Technology Director APAC for Zebra Technologies, and has been with the company and its recent acquisition — Motorola Solutions’ enterprise business — for 20 years, during which time he has held many senior technical and sales positions.

based on 2016 sales. We’ve found that there were increased sales of Android-based scanning devices, which have traditionally been more effective at helping bring staff up to speed quickly than their Windows-based counterparts.

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u

29


B O D Y The best NBN outcome T A L K needs a better discussion Australia needs a more productive discussion to give us the NBN we deserve.

because it is increasingly difficult for them

view is that we will need to rebuild much

to separate fact from opinion.

of the NBN within 10 to 15 years’ time, perhaps sooner, if we continue with the

Personally, I’m tired of people claiming

current rollout. This has not been factored

that calling out flaws in the current NBN

into the long-term NBN financials.

strategy amounts to an attack on the organisation building it, or to adopting a partisan

There are rumours of a return to a more

Y

political stance. It doesn’t. We need expert

fibre-based proposition, perhaps deploying

ou might have noticed dur-

organisations and individuals to speak up

fibre to the driveway (FTTdp) in place of

ing the recent federal election

and provide facts-based advice so that we

the problematic copper FTTN. The govern-

campaign that we hardly heard

can return to a more enlightened, preferably

ment has already conceded that Optus’ HFC

a word about innovation, much

bipartisan, discourse.

network is unusable, which is something

guessing that private polling by the major

A recent Essential poll found that 88% of

course. Communications Minister Mitch

political parties highlighted the NBN as a

Australians see the internet becoming an

Fifield has committed to a review of NBN

‘hot button issue’ best avoided. Likewise,

essential service, like water and electricity,

wholesale pricing in the face of criticism from

our mainstream media has largely become

yet only 22% think that the current NBN

the industry and amid suggestions that the

disenchanted with the subject, possibly

model will meet our future needs. The latest

current regime is stalling customer take-up.

less the national broadband network. I’m

that was widely predicted in tech circles of

Ipsos broadband survey ranked Australia at the bottom of the global pile when it comes

The NBN is our biggest single nation-

to consumer satisfaction. Of 26 comparable

building infrastructure project since the

countries, we were 23rd in terms of dis-

construction of the Snowy Mountains

satisfaction.

Hydro-Electric Scheme. Whereas the ‘Snowy’ was primarily of benefit to people in NSW

To me this suggests there is a greater-than-

and Victoria, providing universal broadband

ever need to review our broadband strat-

will improve the lives of all Australians.

egy. There is obviously a problem if even the general public with limited technical

Focusing short term on construction costs

knowledge can discern that something is

ignores wider returns on investment through

not quite right.

the economy and to the social fabric of Australia, including greater productivity,

Laurie Patton, CEO, Internet Australia

I have some sympathy for our current prime

better education and health outcomes, and

minister, who, when he was communications

the increased viability of both metropolitan

minister, was reportedly told to kill off the

and non-metropolitan areas as sustainable

NBN. Fortunately, Mr Turnbull only placed

places to live and work. It’s time we opted

it on ‘life support’. The result was the so-

for #BetterBroadband before it is too late.

called multitechnology mix model relying

30

Internet Australia

on ageing copper wires and 25-year-old Pay

The author’s views expressed here are not

TV cables — a short-term fix at best. My

necessarily those of Internet Australia.

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u


SPONSORED CONTENT

Better prepare your network for cyber-risks

I

32

n November 2016, the Australian Government appointed Dr Tobias Feakin, a security and cyber policy researcher, as the first Australian Ambassador for Cyber Affairs. This appointment, which was made as part of Australiaâ&#x20AC;&#x2122;s $230 million Cyber Security Strategy (CSS), underlines the magnitude and potential severity that successful cyber threats pose to Australian businesses. The changing mix of technologies being used within businesses is also increasing risks, with the wider deployment of mobile applications and the Internet of Things (IoT)

infrastructure creating new opportunities for cybercrime. Mobility is already a necessity for businesses. As the use of mobility technologies increases across Australia, so do security threats. Smartphones and other mobile devices are creating a prime target for criminals. The rapid uptake of bring-your-own-device (BYOD) and wearable technology products such as Apple Watch to the workplace will increase an already high workplace demand for mobile apps in 2017. To meet this increased demand for mobile apps, developers are now working under

intense pressure with razor-thin profit margins. It is clear that in many cases app security and testing are being sacrificed to achieve quick app deployment at low cost. The result is business infrastructure that is more easily hijacked by criminals. In 2016, the explosive popularity of the PokĂŠmon Go mobile app was a case in point. Without warning, the location-based augmented reality game became a worldwide fad, installed by hundreds of millions of users onto their phones and tablets, becoming the most popular game in mobile history after just a few days. Many of the

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u


© stock.adobe.com/au/monsitj

devices it was installed onto also connected to corporate networks. Soon afterwards, it became apparent that there were weaknesses in the app that led to security concerns and privacy breaches. According to John Gonzalez, Regional Director ANZ for Extreme Networks, Pokémon Go illustrates why every business needs to be prepared to deal with the unexpected risks caused by the apps installed on their employee-owned smartphones and tablets. “Businesses need both real-time visibility and control of what is happening over their

network infrastructure. Technologies that allow application information flows to be automatically detected, measured and controlled are now essential for cyber-risk management, and should be embedded across your entire wireless and wired network infrastructure.” Many IT departments lack the resources to anticipate unknown security attacks, but still need to allow users a lot of freedom to access network infrastructure using their own devices, under BYOD policies. According to the Aberdeen Group, to have real knowledge about your infrastructure, you must have end-to-end visibility of which applications are running on your network. This includes who is accessing the network and on what devices, which applications they are using across the network, and whether the network and its systems are delivering high levels of performance. Aberdeen Group claims that IT teams which have access to deep visibility and actionable network analytics are far better able to quickly respond to security threats before end-users are seriously impacted. A study conducted by the Aberdeen Group also found that IT departments which have access to “best-in-class” network visibility tools also have higher ‘very satisfied’ or ‘extremely satisfied’ user satisfaction rates, as well as reduced times for IT department ‘break-fix’ resolutions. Overall, the study demonstrated that end-to-end visibility and application control have a tangible pay-off for end-users, leading to a typical annual 1% year-over-year decline of user complaints, compared to a typical annual increase in complaints of 8% for organisations that did not implement the capabilities. This means that it is now critically important to implement workflows and infrastructure that deliver higher levels of visibility of device and application usage across the entire network infrastructure, without requiring significant administration overheads or a hit to performance. Mr Gonzalez said, “When an application hits your network, you need the ability

to not only see it, but to automatically make decisions on how you want to handle it. Ideally, you will want contextual security policies that provide fine grained access control, so you can permit, deny, prioritise, rate limit, tag, redirect and audit network traffic based on a user identity, time and location, device type and other environmental variables. Extreme Networks clients are able to implement these types of sophisticated controls across their wireless and wired networks, from the point of connection to the datacentre, without impacting on network performance.” To reduce your cyber-risks from mobile applications, your organisation should consider benchmarking which applications are already in use on the network, measuring the performance impact on the network of these applications, and determine what ‘policy’ your IT team will take regarding the ongoing use of any specific application. Policy items to consider for any particular application include rate limiting performance, or ‘sand-boxing’ the application to limited use situations, or specific infrastructure. Because of the huge number of mobile apps that are released every month, it is critically important to take steps to automate as much of this effort as possible, or at the very least, find ways to minimise the amount of your IT team’s time required to deal with the task. Technologies such as application fingerprinting and app profile databases can help IT teams to quickly evaluate the expected behaviour and level of threat of many common applications. These app fingerprinting technologies offer the potential for network infrastructure to automatically update permissions on the fly without incurring administrative delays and overheads, shutting the door on cyberrisks as they become known.

Extreme Networks www.extremenetworks.com

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u

33


TECH

Daniel Cran

Managing Director APAC, LogMeIn

INSIGHTS

2017

What will be the next big disruptive play in technology and what impact will it have?

What will be the biggest growth opportunities for your customers in 2017 and why?

The next big disruptive play is to activate the potential of

We are seeing a growing number of companies turning to

existing technologies and uncover innovative ways to engage

remote support as the secret to increased customer satisfac-

with customers that fit their lives. But this doesn’t make the

tion and retention, productivity and profitability. The rise in

task of achieving customer and business success any easier.

connected consumer products is enabling businesses to gain unprecedented and direct access to their customers, and those

In a study of 8000 consumers globally, LogMeIn and Vanson

in the financial and manufacturing industries will reap the

Bourne found that while 67% of Australia and New Zealand

greatest benefits from video-aided support.

(ANZ) consumers surveyed are likely to do business with the same company again following a good mobile experience, this dropped to 9% following a bad experience. In other words, 91% of ANZ consumers may walk away from a company after a bad customer experience while using their smartphone, whether via an app or website. The disruptive play here is not to jump on new platforms, but to develop and improve existing channels where customers are happy to engage with you.

As an example, the UK’s leading insurance provider for students, Endsleigh, began using LogMeIn’s remote support product Rescue Lens to enable claim agents to see and remotely assist with the claims process as if it were directly in front of them. This has allowed Endsleigh to settle certain claims by collecting evidence through Rescue Lens, removing the need to travel to the customer’s home and shrinking the typical five-day turnaround down to a single day. With the challenges that connected customers present, video-aided customer support will present fresh opportunities for innova-

What challenges or trends emerged in 2016 that the industry wasn’t prepared for?

tors across all industries to secure a competitive advantage over new sector entrants.

Security in the Internet of Things (IoT) has emerged as one of the key challenges for product companies. While manufacturers are great at designing and developing their products, many are not prepared to manage the security of their newly connected devices. They have been hit with the reality that the IoT is not just another IT principle and many have underestimated the huge leap required to implement an IoT strategy. Yes, the IoT is creating new levels of customer connectivity and intimacy. But this unprecedented volume of information has resulted in households and businesses increasingly becoming unsecured data depositories. With consumers’ privacy and

Daniel Cran is the APAC Director at LogMeIn, responsible for managing local and international teams, building strateg ic partnerships and networking throughout the Asia–Pacific region. Previously, D a n i e l m a n a ge d re g i o n a l customer experience across global technology and logistics companies such as Experian, Fliway and Spring Global Mail.

safety expectations rising, this has wreaked havoc on industry players caught unprepared.

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u

35


Guy Eilon, Senior Director & General Manager, Forcepoint ANZ

T E C H N I C A L LY

SPEAKING

The threat inside Employees are your most valuable resource… but they can also be your biggest security risk.

W

hen data breaches make

in fact the result of actions from companies’

headlines, it’s often be-

biggest asset: their employees.

cause the hacking is by nefarious organisations

The rise of the insider threat

like Lizard Squad, or because it exposes

In Australia, the threat from inside an

sensational personal data as was the case

organisation is real and immediate. Re-

in the Ashley Madison scandal. While these

search commissioned by Forcepoint this

cases make a big splash in the media, the

year revealed that over 90% of Australian

reality is that the majority of data breaches

organisations believe they have been a target

fly under the radar.

of an internal data leakage — with only 6% categorically denying any exposure to a data

In the modern economy, being subject to a

breach. We often don’t hear about breaches

cyber attack is not only possible but prob-

like this, as companies are currently under

able. According to a global report by IBM,

no obligation to report them.

around 53 million security incidents took

36

place last year alone. While the headlines

Employees are a company’s greatest asset, but

would lead us to believe that these are due

also the main point of vulnerability as they

to sophisticated cybercrime from foreign

are often targeted by external parties to gain

adversaries, over 60% of these incidents were

access to the network. Human error, lack of

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u


The stakes for businesses are high, with a Ponemon Institute/ IBM survey finding the average cost of an Australian data breach was $2.82 million.

Businesses also need to be open to the pos-

Implementing a solution

sibility that there are disgruntled employees

As the threat and cost of data leakage grows,

who intentionally leak data to an outside

businesses need to put security solutions

organisation. One of the most common

in place. These solutions need to focus on

intentional breaches comes from employees

data loss prevention through behavioural

who take corporate data or intellectual prop-

analytics to provide the best defence against

erty with them when they leave a company

the biggest risk — the insider threat. This

— in some cases to join a direct competitor.

approach integrates technology with an understanding of people and processes to

High stakes

mitigate a threat before it happens.

© stock.adobe.com/au/Boggy

The stakes for businesses are high, with a Ponemon Institute/IBM survey finding the

Monitoring tools can accelerate companies’

average cost of an Australian data breach

efforts to prevent data theft and loss from

was $2.82 million. Given data is likely to be

hijacked systems, rogue insiders, stolen cre-

an organisation’s most valuable asset, this

dentials and negligent end users by enabling

figure is unsurprising. Over time, reliance

security professionals to see early warning

on digital tools and mechanisms is only set

signs of abnormal behaviours, capture a

to increase, so staying ahead of cyberthreats

record of desktop activity and intervene

will continue to be of growing importance

before sensitive data is lost or stolen.

to Australian businesses. Ultimately an insider threat solution needs This is particularly true with the massive

to connect the dots, capturing human

training or negligence causes the greatest

uptake of online systems, which not only

behaviours arising from carelessness, lack

number of insider data breaches by volume,

includes new technologies but also truly

of training or malicious intent that may

with 66% of survey respondents the target

digital ways of living. With the advancement

be warning signs of an impending breach.

of an accidental insider threat, 39% exposed

of digitisation in the way personal informa-

to a socially engineered insider threat and

tion is shared, networks built and contacts

Weighing up the risks

32% exposed to a purposeful or malicious

maintained, organisations are developing

In an increasingly competitive and digitalised

data leakage.

sophisticated online tools and platforms to

world, businesses need to closely guard their

support mobile employees. In fact, according

confidential data and intellectual property.

While negligent insiders are not malicious

to a recent survey by PwC, international

For many, success or failure can come down

in nature, they can cause significant damage

assignment levels have increased 25% over

to the protection of these critical assets.

to an organisation. Typically this includes:

the last decade and could see another 50%

unintentionally sending confidential data to

growth by 2020.

the wrong recipients or intended recipients

While business owners and security staff alike will need to weigh up the risks for their

who should not be receiving the data in the

Which businesses are at risk? Every company

organisation, one thing is clear — without

first place; losing a laptop, mobile device or

that relies on digital infrastructure or IT

a comprehensive security solution in place

USB drive; and sharing too much informa-

networks in their day-to-day operations.

that protects against the insider threat, it

tion through social media channels. Other

In one way or another every company is a

may only be a matter of time until those

examples include accidentally deleting or

technology company, so they all need to be

businesses have to face the financial and

modifying company records.

prepared when it comes to cybersecurity.

reputational repercussions.

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u

37


KEY WORDS

F

Automate quote-to-cash

for a competitive edge

rom the moment a customer

down the drain. Automating processes will

process. As customers update their orders,

takes an interest in your product

cut down cycle times drastically and allow

or change terms and conditions in their

or service, they form an impres-

you to be more responsive to customers’

contract, the invoice will automatically

sion that is long-lasting. But how

needs. Fast quotes are the path to smarter,

contain all the latest and most accurate

can you turn that into brand loyalty? Short

more effective selling by helping you

information.

answer — create an engaging and efficient

shorten sales cycles, eliminate deal ero-

customer experience from consideration

sion and accelerate revenue. Automating

all the way to purchase, or quote-to-cash.

quoting can decrease your approval cycle

This is an end-to-end sales automation

times by 75%, and by tying your quotes

process that is proving to be a major

to contracts, you can cut contract cycle

value-add for enterprises when it comes

times in half.

to improving customer experience. Here Make renewals painless. Gartner has

it is in four steps.

found that 80% of a company’s revenue Make personalisation easy. Empowered

will come from 20% of existing custom-

by social networks and digital devices,

ers. Renewals are paramount to revenue,

customers are increasingly dictating what

so customer satisfaction should be a

they want, and when and where they want

core priority for all companies. Focus on

it. There’s no doubt that personalisation

positive experiences that drive and create

in purchasing has become king, such

return customers, which in turn will drive

as Amazon’s suggestions of products

ongoing relationships. Having streamlined

consumers might like to buy based on

quoting and contract processes, as well

purchasing history.

as clear visibility of deal terms, will help

Aniqa Tariq is the Sydney-based Managing Director of Bluewolf Australia and New Zealand, an IBM company. Tariq has more than 15 years of global business experience with roles in forecasting, new product development, business development, IT, sales and marketing.

make renewals more painless. Satisfied Similar technology is now available to

customers can receive a quote, electroni-

sales agents to provide faster quotes and

cally sign, and be renewed within a day.

proposals. What used to take days can now be done in minutes by syncing e-commerce

Simplify billing and order management.

with a configured, price quote solution that

One of the most overlooked aspects of the

enables full catalogue synchronisation and

customer life cycle is invoicing, which has

complex product offerings in a simplified

typically been relegated to the back-end

manner. Customers can select the combina-

machinations of ERP systems. This is ill-

tions that match their needs, and receive

advised since invoices are often the last

recommendations for other products.

touch point that customers have with your business. Wouldn’t it make more sense to

Be responsive to needs. How many times

have invoice information managed with

have you had questions about a product

all the rest of your customer information?

but there was no-one around to help you?

38

It’s an extremely frustrating situation, and

Simplify billing management by integrat-

one in which the customer satisfaction goes

ing it into to your entire quote-to-cash

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u


© stock.adobe.com/au/StockRocket

Breaking bad business habits The role of integration in creating best-of-breed enterprises

Michael Evans, Managing Director APJ, Dell Boomi

In today’s digital era, enterprises need to move away from traditional processes and governance towards an iPaaS solution.

F

ifteen years ago, the main tech-

cloud adoption increased, and may soon

tions that have been acquired over time

nology story for large enterprises

match or exceed on-premises options.

to enable seamless flow of data. This

was one-size-fits-all ERP suites

simple, low-cost and scalable cloud in-

that offered integrated financial,

This transition has granted passage to in-

tegration is helping organisations choose

ordering, manufacturing, stock control,

tegration platform-as-a-service (iPaaS).

tailored solutions for each business

HR and payroll systems. It was never the

And it’s a rising market. According to

unit’s specific needs while encompassing

best solution technically, but at least all

Gartner, “The enterprise iPaaS market

a modern hybrid architecture. This in

the modules worked together.

expanded notably during 2015, exceeding

turn introduces measurable efficiencies

$400 million and growing more than

for organisations where multinetwork,

But the commercialisation of cloud com-

50% in terms of providers' subscription

multicloud applications can be easily

puting and the platform it has provided

revenue when compared to 2014.”

managed with simple customisation tools, automatic upgrades and mainte-

to allow the integration of disparate (but

nance by the service provider.

best-of-breed) systems means CXOs no

Large organisations — or even individual

longer have to compromise when selecting

departments within those companies

the best solution for their businesses, and

— don’t want to be held hostage in-

The impact on productivity and subse-

their stakeholders.

side inflexible and rigid environments.

quently the bottom line is significant.

They need specialised resources to ad-

iPaaS lowers total cost of ownership

This has alleviated a number of hindrances

dress their unique challenges to remain

of an enterprise’s systems by enabling

associated with former business processes.

competitive in a tough economy. Today,

efficiencies through the likes of citizen

For example, a consulting firm recently

it’s about introducing separate providers

integration and golden records within a

identified that ERP implementation costs

for finance, e-commerce, point of sale,

single-instance, multitenant framework.

were significantly higher in 2015 than 2014,

telemanagement and so on.

This eliminates key issues associated with the one-size-fits-all approach, namely the

climbing from US$2.8 to US$4.5 million. In the same period, a higher number of

With iPaaS, enterprises can integrate

need to keep everyone trained so that

ERP projects failed. Meanwhile, SaaS and

these systems and other cloud applica-

the system is used properly.

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u

39


Better Data. Better Analytics. Business Intelligence and Analytics Data Integration Data Quality and MDM

www.informationbuilders.com.au


Rado Kotorov VP Product Marketing, Information Builders

TECH INSIGHTS

2017

What’s the next big disruptive play in the technology sectors and what impact will it have?

Which challenges or trends emerged in 2016 that the industry wasn’t prepared for?

One disruption typically follows another. So the biggest disrup-

digital transformation in nearly every industry. From healthcare

tion today is Internet of Things (IoT) sensors, but the biggest

to manufacturing, it’s hard to find an area of business that

disruption tomorrow will be the new types of analytics available

was not affected by sensors, digital records or automation.

for that sensor data. Sensors collect data on very granular levels

Indeed, digitalisation intensified and this meant more data.

Technology’s ability to deliver a competitive advantage saw a

— seconds and milliseconds. Such level of detail will enable us to see things that we have never seen before. Just as with the

This is where BI and analytics had to play a crucial role

invention of the microscope, the invention of the new types of

— in the conversion process from row data to value. And

data analytics will open the doors to unprecedented discoveries.

for the value to materialise, the BI and analytics had to be operationalised, or in other words made an integral part of

What will be the biggest growth opportunities for your customers in 2017 and why?

the money-making business processes.

Driving analytics into operational decision-making. Money

CIO. In my opinion, we are about to turn corners on this

is made and lost in operations, and most of the decisions in

and indeed materialise the benefits of BI and analytics. And

operations today are made based on gut feeling. That means

the reason I predict that is precisely because the CIOs are

that many of those decisions are wrong. Companies are learn-

leading the digitisation of operational processes. For the first

ing quickly that standardising the decision-making process and

time, the CIOs are becoming owners of business processes.

Therefore, BI and analytics became the top priority for the

implementing fact-based decision-making standards are the fastest ways to enhance performance and competitiveness. As a key Google executive stated in an interview, a key part of Google’s digital culture is for everyone to make decisions based on facts.

What innovative technologies do you see emerging in your solution categories in 2017, and how will they help your customers? The two key technologies are artificial intelligence and search. Both of these technologies have long histories, but now they are making their way into operational applications. AI gives people faster access to insights and also allows for the automation of many decision tasks. Search gives business users not only faster access to information and insights but also the ability to find more relevant contexts to understand better those facts and insights. As one chief of a police department put it, search has turned every street cop into a detective as they can immediately connect the facts through search.

Dr Rado Kotorov is Vice President of Product Marketing for Information Builders and works both with the Business Intelligence and the iWay product divisions to provide thought leadership, analyse market and technology trends, aid in the development of innovative product roadmaps and create rich programs to drive adoption of BI, analytics, data integrity and integration technologies. Prior to his current role, he was Executive Director of Strategic Product Management and Competitive Strategy.

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u

41


© stock.adobe.com/au/liravega

James Walker, Managing Director, Computer One

T E C H N I C A L LY

SPEAKING

Education is the key to ransomware defence SMEs need to ensure their staff, from the CEO to the IT team, are prepared to repel ransomware attacks.

42

C

yber attacks have been part

Recently, we’ve seen alarming reports

of Australian organisations’

about ransomware activity in Australia.

landscape for a long time

The ACCC’s 12th Small Business in Focus

now, and as businesses em-

report revealed that the ACCC received

bark on a ‘digital first’ approach we are

7600 enquiries and complaints from small

seeing the cyber threat landscape expand-

businesses in the first half of 2016, with

ing. Today, there are more cyber attacks,

ransomware sited as one of the biggest

data leaks and ransomware activities than

problems, with small businesses losing $1.6

ever before.

million in scam activities.

This isn’t surprising, and most organisa-

Furthermore, Australia was recently found

tions around the world have been expecting

to be the second most targeted country for

cyber attacks to grow. What is concerning

ransomware attacks, and SMEs were revealed

is that hackers are using more and more

as the most targeted organisations. It’s clear

sophisticated strategies, including ransom-

that Australian SMEs have a serious chal-

ware, and are increasingly targeting SMEs.

lenge, which is only going to grow with time.

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u


Up against organised cybercrime

in educating their teams, they would greatly

Unfortunately, many companies don’t

decrease the likeliness of falling victim to

properly train their staff on cybersecurity

When looking at the sophistication of

ransomware attacks.

issues and still underestimate the consequences of staff using weak passwords

cybercrime today, especially ransomware, and considering that the sophistication

Most importantly, decision-makers need to

to access their applications. Educating

and frequency of attacks is increasing, it is

understand the value of their organisation’s

employees on the potentially severe con-

fair to view cybercrime as organised crime.

data. Despite multiple warnings, organisa-

sequences of a simple careless mistake is

Today’s hackers have become very powerful,

tions continue to store more and more data

the best way to empower each individual

mostly because IT now has a role to play

without increasing their security, or training

to prevent ransomware.

in every part of a business’s organisational

their teams about the value of the informa-

structure and strategy.

tion they are working with and exchanging

Security should be everyone’s concern,

with clients and other third parties.

from the CEO to customer service operators — not only IT. Ransomware can be

Contrary to many other attacks where organisations might get part of their data

Running fictional scenarios is a great way

fought only if security is put at the heart

corrupted or have their IT systems down

of making organisations, and particularly

of the business strategy — on the same

for several hours (which already can be very

CEOs or key business decision-makers,

level as any other goal, and it should have

damaging), ransomware’s primary aim is to

realise how much they would lose financially

its own KPIs.

get money from the organisation targeted.

and in terms of reputation if part of their data were stolen or inaccessible for a certain

Getting the right expertise

In a recent study by the Pomenon Institute,

period of time, and only restored if they

It is important for business leaders to un-

the cost for companies was revealed as being

were willing to pay significant amounts to

derstand that with the increasing complexity

up to US$2.64 million per attack with an

hackers. Making security a business priority

of the cyberthreat landscape, IT teams need

average of US$142 per lost or stolen record

is key to making sure IT teams get enough

to be regularly trained on the latest hack-

— a loss which can dramatically affect large

support to protect against ransomware.

ers’ strategies. If those teams aren’t trained

organisations, and which can potentially put SMEs out of business. The problem with ransomware is that it can

“The problem with ransomware is that it can come from

come from many different sources, making

many different sources, making it very difficult for SMEs

it very difficult for SMEs with limited IT

with limited IT budgets and security expertise to counter.”

budgets and security expertise to counter. Hackers increasingly use ransomware against SMEs because these enterprises often don’t

Empowering staff

properly and don’t know about the latest

consider themselves as potential targets, or

IT teams are, of course, the most obvious

threats, they won’t be able to alert the staff

think they can’t fight back against such

stakeholders when it comes to guaranteeing

or provide guidelines or recommendations

sophisticated attacks. In April 2016, a CERT

the security of an organisation. However,

to prevent more attacks. Nor will they be

Australia expert stated that most Australian

when it comes to ransomware, end users are

able to alert the appropriate executives or

organisations fall victim to ransomware

key and education once again plays a role.

teams about the need to increase security spend by investing in relevant technologies.

because they make basic mistakes. Hackers are often successful because they

Education is the key

appeal to end users’ carelessness. Most

SMEs represent a large part of Australia’s

Having worked with Australian SMEs for

ransomware pushes online users into click-

economy, and will continue being targeted

over 20 years, I have realised that the first

ing on an infected pop-up advertisement,

by ransomware as they continue to digitise

problem encountered when talking about

visiting an infected website or downloading

and collect valuable data. It actually doesn’t

security is a lack of knowledge on the

an infected file from an email. The second

matter whether or not a hacker thinks your

matter, both from the executive and IT

step of the process is locking the victim’s files

data is important — if you think it’s im-

management levels. If SMEs invested time

and asking for a ransom to ‘unlock’ them.

portant, then you are a potential target.

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u

43


products

RUGGED TABLET The Panasonic fully rugged Android 10.1â&#x20AC;ł Toughpad FZ-A2 tablet provides military-standard rugged capabilities to a broader range of Australian enterprises. It delivers protection against drops and shocks, heat and cold, vibration, contamination, dust, rain and more. The product combines Intel and Android productivity with full ruggedisation and is suited to a range of mobile users. It is suitable for highly mobile outdoor workers in challenging conditions. With its sunlight-viewable 10-finger multitouch IPS display, flexible configurable ports and business expansion capability, plus enterprise-class security, the product is suitable for use in the field. In addition, it has the ability to work below zero or above 50°C and the touchscreen can be used in the rain or while wearing gloves. Panasonic Australia Pty Limited www.panasonic.com.au

VIDEO WALL CONTROLLER The Black Box VideoPlex4 video wall controller can be daisy-chained to other modular controllers so the user can add as many displays as required. Screens of any size can be mirrored, rotated, separated or aligned, providing various options to craft a video wall. This standalone controller delivers high-resolution DVI

ENCRYPTED DRIVE

video to up to four video screens, creating video walls that are simple and effective.

The Kingston DataTraveler 2000 encrypted

The product allows users to control display screens via

drive is designed to be secure. It features an

USB from any PC or laptop. Configuration is simple

alphanumeric keypad that locks the drive with

and a preview function allows users to see the results

a word or number combination for easy-to-use

on their own screen before they go live. Rugged and

PIN protection. Its auto-lock feature is activated

durable, the controller is designed for 24/7 operation

when the drive is removed from a device and

in virtually any environment.

it deletes the encryption key after 10 failed

Black Box Network Services Australia

intrusion attempts.

www.blackbox.com/en-au

The product has hardware-based, full-disk AES 256-bit data encryption in XTS mode. Encryption is performed on the drive, not on the host computer, and no trace of the PIN is left on the system. Kingston Technology Far East www.kingston.com

44 w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u


work

T

Flash to the rescue when things get tight

he University of Melbourne had a reliable SAN-based

consistently, Pure has enabled the University of Melbourne to

storage system that was performing to expectations,

run higher performing VMWare tier storage at a lower cost.

but had reached full capacity, resulting in delays

“We had solid infrastructure but Pure gave us the ability to

provisioning new virtual machines while space was

re-use existing storage. So we can ensure that customers who use

reclaimed and leading to complex maintenance requirements.

our student-facing systems, such as lecture capture and learning-

Clearly, the university needed new storage technology that would

management systems, are not going to experience slow query

provide ongoing support for

times resulting from the storage

high workload requirements.

layer,” said Poynton.

“Virtualisation workloads spike

Poynton said seamless scaling

during enrolment and results

is another important benefit. “We

periods, so we were looking for a

now have the capacity to deploy

system with seamless scalability,”

new services and applications

said Drew Poynton, manager–

much faster than we could in

storage, servers and backup.

the past,” Poynton said. “We

Poynton investigated flash

no longer need to worry that

and fibre channel options and

our storage environment will

settled on an all-flash solution

hit capacity and slow down the

from Pure Storage. “When

whole system.” Furthermore,

it comes to virtual machine

the

Pure

workloads, flash reduces any

footprint is significantly smaller

chance of storage being the

than the old system, which enables

bottleneck. On top of Pure’s

better use of physical space. On

simplicity, its price point was

top of this, the Pure1 Cloud has

comparable to high-end spinning

simplified the physical monitoring

disk so the decision was a no-

of storage with zero management

brainer,” he said.

overhead.

The university’s ‘gold tier’ virtual server workloads, including

“The Pure1 platform provides the UNIX and virtualisation

Microsoft SQL, now sit on two of Pure Storage’s FlashArraym//50s,

teams with greater visibility into the storage layer, so they can

while the ‘silver’ and ‘bronze’ tiers of storage are deployed on

work more collaboratively with the storage team and each other,”

disk-based SANs. With Pure in place, the IT department has

said Poynton. “This also means less time is spent managing

been able to repurpose the legacy ‘gold tier’ storage into other

storage issues, so time and resources can be redeployed back

pools to improve the performance and capacity of lower tiers.

into strategic business initiatives.”

The benefits were immediately apparent, the most important

As well as being a superior technical solution, Pure has

being the increased usable capacity from the deduplication and

delivered key business advantages to the university. “Pure has

compression technologies embedded into the Purity operating

helped simplify our business not only from an IT perspective but

system. The all-flash solution also resulted in faster data access and

from a financial perspective. With Pure’s Forever Flash model

lower latency for the virtual workloads, and the Microsoft SQL

we have ongoing support and consistent storage maintenance

environment is running up to three times faster than it was on

costs and can upgrade our storage without large capital spends.

the former system. And while the legacy storage was performing

This means we can budget accurately,” said Poynton.

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u

45


Adam Salter and Peter Brabant, Jones Day, Sydney

T E C H N I C A L LY

SPEAKING

Don’t fall into a privacy breach The ins and outs of Australian privacy laws — how they practically affect businesses and what to look out for.

I

n an increasingly digital age, more

Australian Privacy Principles

and more businesses are collecting,

The key obligations under Australian

using, storing and transferring data

privacy law are set out in the Australian

critical to their operations than

Privacy Principles (APPs) which are con-

ever before. On the face of it, Austral-

tained within the Privacy Act 1988 (Cth)

ian privacy laws that govern these very

(Privacy Act). The APPs regulate the use,

functions appear dense, overly pre-

management and disclosure of:

scriptive and practically burdensome. This article navigates the ins and outs

• Personal information, common exam-

of these laws so far as they practically

ples of which include an individual’s

impact upon the privacy, data protec-

name, address, signature, telephone

tion and cybersecurity capabilities of

number, date of birth and bank account

businesses, including a snapshot of Australia’s upcoming mandatory data

46

breach notification scheme.

details; and • Sensitive information, which attracts a higher degree of regulation, including

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u


© stock.adobe.com/au/tashatuvango

numerous other Australian privacy related

sioner found that Comcare improperly

laws (not considered here), including data

disclosed his personal information in

retention by telecommunication service

breach of APP 6.1.

providers and collection of health records by health service providers.

Cross border data transfers. APP Entities must take reasonable steps prior to disclo-

Privacy policy. APP Entities must create

sure of personal information to overseas

and maintain an up-to-date privacy policy

recipients to ensure that such recipients

(APP 1.3). This is the starting point for

do not breach the APPs (APP 8). Reason-

individuals to understand (and, where

able steps include having agreements in

relevant, consent to) matters regarding

place with overseas group entities and

the management of their personal infor-

third-party service providers to ensure

mation. A privacy policy must contain,

their compliance with the APPs in dealing

at a minimum, those matters set out in

with the disclosed personal information.

APP 1.4. This issue is becoming increasingly prevaCollection of personal information.

lent in light of the growing use of cloud

The key APPs regarding the collection

storage and offshore data processing.

of personal information are:

Importantly, disclosing entities may be accountable, in certain circumstances, for

1. An APP Entity must only collect

acts or practices of overseas recipients that

personal information if it reasonably

are in breach of the APPs (s. 16C of the

needs that information for its business

Privacy Act).

(APP 3.2). 2. An APP Entity must obtain an individual’s consent to collect sensitive

There are certain exceptions to APP 8, including where:

information (APP 3.3). information about an individual’s racial

3. An APP Entity must notify an indi-

1. The disclosing entity reasonably be-

or ethnic origin, political opinions,

vidual when personal information is

lieves that the overseas recipient is

membership of a political, professional

collected, including describing the

subject to a legal system that has the

or trade association, religious beliefs or

purpose for which the information

effect of protecting an individual’s in-

is collected (APP 5).

formation in a substantially similar way

affiliations, philosophical beliefs, sexual orientation or practices, criminal record,

4. An APP Entity must only use or

health information, genetic information

disclose personal information for the

for the individual to enforce that law; or

or biometric information.

purpose for which it was collected

2. The disclosing entity informs the indi-

to the APPs, and there are mechanisms

(APP 6.1). Personal information can

vidual that if he or she consents to the

The APPs apply to “APP entities”, namely

also be used or disclosed for a sec-

disclosure of the personal information,

public entities and private organisations

ondary purpose if it is related to the

the entity will not be required to take

(and their related bodies corporate, in-

primary purpose (and directly related

reasonable steps to ensure that the

cluding those outside of Australia) with

in the case of sensitive information).

overseas recipients do not breach the

an Australian connection and a total

APPs, and the individual consents to

annual turnover of more than $3 million

In September this year, the Australian

(APP Entities).

Information Commissioner (Commis-

this disclosure.

sioner) fined Comcare $3000 for breach-

Security of personal information. APP

ing an injured public servant’s privacy

Entities must take reasonable steps to

Below is a summary of the key APPs and

when it improperly shared details of

ensure that personal information it holds

some practical tips for compliance by APP

his work-related injury to his previous

is secure (APP 11.1). Once an APP Entity

Entities. In addition to the APPs, there are

employer and its insurer. The Commis-

no longer needs the personal information,

The key APPs

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u

>

47


breach, the kinds of personal informa-

© stock.adobe.com/au/Nmedia

tion involved and any steps the affected individuals should take (for example, changing passwords). • Failure to comply is deemed to be an interference with the privacy of the individual/s concerned. The Commissioner has the power to investigate, make determinations, seek enforceable undertakings and impose civil penalties (of up to $1.8 million) for serious or

“We foresee the real potential for litigation arising from mandatory data breach notification.”

repeated infringements. If the Bill becomes law, responding efficiently and effectively to a data breach will be imperative. APP Entities should

it must destroy the information or ensure

should notify the Commissioner and the

consider preparing internally to minimise

that it is de-identified (APP 11.2).

individuals to whom the breach relates.

the risk of a breach, including by review-

The Commissioner has issued a Guide to

On 19 October 2016, the Federal Govern-

policies and procedures, and externally,

securing personal information: ‘Reasonable

ment introduced the Privacy Amendment

including by understanding and preparing

steps’ to protect personal information (up-

(Notification of Serious Data Breaches) Bill

for the mandatory reporting requirements

dated in January 2015) that lists factors

2016 (Cth) (Bill). The Bill has bipartisan

to regulatory authorities and affected

that are relevant in determining what

support and is likely to become law.

customers or clients.

The factors include the nature of the APP

Some key issues for APP Entities to be

We foresee the real potential for litiga-

Entity; the amount and sensitivity of

aware of and prepare for are as follows.

tion arising from mandatory data breach

ing and strengthening computer systems,

steps are reasonable in the circumstances.

the personal information held; and the

notification. This could be action for

practical implications of implementing

• It will require APP Entities to notify the

failing to report a breach, failing to report

the security measure, including time and

Commissioner and affected individuals

a breach in accordance with the require-

cost involved.

of serious data breaches. A ‘serious

ments of the law or supply contracts

breach’ occurs when there has been au-

with consumer or business customers, or

What data security standard companies

thorised access or disclosure of personal

potentially facing class action litigation

must implement is a topical issue glob-

information, or personal information is

from a class of individuals whose data

ally. A recent decision of a United States

lost and unauthorised access or disclo-

was breached.

court offered a somewhat obtuse ruling

sure is likely. Accordingly, it covers both

as to what constitutes “reasonable data

cases of deliberate unauthorised access,

Since the introduction of mandatory

security” for US companies in complying

such as hacking incidents, as well as

data breach notification laws in various

with the Federal Trade Commission Act.

losses or theft of laptops, hard drives

states across the US from 2003, there has

or documents.

been a significant amount of class action

Mandatory data breach notification

litigation against companies involved in • For the breach to be ‘serious’, it must

data breaches. Mandatory notification

Australian businesses are currently not

be likely to result in serious harm to

may facilitate class actions by provid-

legally required to report data breaches.

the relevant individuals.

ing claimants with early notification of

The Commissioner has published guide-

48

breaches, and assist in identifying the

lines that recommend that companies

• An APP Entity must notify, in the form

who are subject to a serious data breach

of a statement, a description of the

affected class of individuals and the type of claim to be made.

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u


IT Conference Calendar Women in ICT Leadership Summit 20–24 February (Melbourne) Bringing together inspirational leaders to explore obstacles and opportunities that have arisen with constant and rapid change. bit.ly/2eqyfMM

Annual Records & Information Officers’ Forum 20–24 February (Melbourne) An event for records and information managers to network and learn from one another for improved business outcomes. bit.ly/2eLUqgx

NextGen Government 21–23 February (Sydney) Enabling transformation, analysing leading projects and examining

spectrum squeeze: safety agencies’ data dilemma roundtable: learning from private enterprise HealtHcare: data drives real-time insights

Digital formula: Paul Shetler’S

radical mission at dto

OCTOBER 2015 • ISSUE 29 PP100021607

it auditing’s vital role ● mobile-friendly makeovers GTR OCTOBER 2015 | 1

the processes and technologies that underpin digital government. questevents.com.au/nextgengovernment-2017

National FutureSchools Expo & Conference 23–24 March (Melbourne) A central exhibition and five parallel conferences expected to attract over 80 exhibitors and around 2400 education professionals. futureschools.com.au

Connect Expo 29–30 March (Melbourne) Brings together senior leaders from business, government and the investment community to discuss and experience the latest emerging technology. connectexpo.com.au

DatacenterDynamics Converged 27 June (Sydney) A one-day conference and expo that will cover important topics on IT and data centre strategy, as well as design and operations, cloud adoption and security. dcdconverged.com

Technology in Government 1–2 August (Canberra) Brings together senior technologists and communications experts to learn, network and source ICT solutions for the ongoing transformation within government. acevents.com.au

YOUR DESTINATION FOR PUBLIC SECTOR ICT INDUSTRY NEWS AND INFORMATION

Subscribe today to the Government Technology Review (GTR) email newsletter and enjoy: • Breaking news to your inbox every week • Choice of a quarterly print or digital magazine • In-depth analysis from industry experts and analysts • Products, case studies, interviews and opinion pieces

Simply visit: www.technologydecisions.com.au/subscribe 49

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u


OFF THE

CUFF

A

Living on the edge in stormy weather

s South Australia’s recent storms

iency for a cloud implementation. The first

(which knocked out the state’s

is a hybrid strategy using simple devices to

entire power supply) showed,

support specific, defined applications. An

natural disasters are unpredict-

example is a cloud storage gateway, which

able and powerful. What is predictable,

is a local device that acts as a network

however, is that IT clients and consumers

appliance or server that translates cloud

now demand uninterrupted access to their

storage APIs such as SOAP or REST.

data and applications regardless of the weather. For this reason, avenues to future-

The second approach is more complex

proof data infrastructure against downtime

and involves employing small, micro

should always be top of mind. Combining

data centres of 10 racks or fewer. Such

cloud with an edge computing strategy is

data centres are often available as pre-

one way to ensure this availability.

engineered, configure-to-order systems that can be assembled on-site. Or, they

In the case of natural disasters, organi-

may be fully assembled in a factory in a

sations with a centralised data centre

single enclosure and simply dropped on-

architecture can be affected — regardless

site. These single-enclosure systems come

of whether the centralisation is cloud, on

in durable versions that can withstand

premise or colocation. With this consid-

harsh environmental conditions.

ered, organisations should be looking at a re-architecture with a hybrid approach

A third option is to create geographic

to leverage a mix of edge technology and

dispersion by employing a series of

geographic dispersion.

regional data centres. These are larger

Adam Wilkinson drives Schneider Electric’s on-premise data centre, network and edge computing business. He has more than 20 years’ experience in IT, 15 of them with Schneider Electric/APC and Dimension Data.

facilities, with 10 racks or more, that Edge places computing power, control,

have more processing power and storage

storage and applications closer to the end

capacity than a micro data centre. In es-

users who are using them. Cloud comput-

sence though the idea is the same, but

ing is already quite reliable, but combining

this option enables cloud applications and

it with an edge computing strategy results

storage to live closer to the users who

in faster response times and a considerable

are employing them, improving response

increase in dependability. Edge will trans-

time while also adding another layer of

form a cloud computing implementation

reliability and resilience.

from a wholly centralised architecture to a distributed environment. Disruptions

Natural disasters are certainly unpredict-

would be limited to just the point in the

able, but data infrastructures cannot afford

network where it occurred, instead of the

to be. Combining cloud computing with

entire cloud implementation.

a robust edge computing strategy is one of the key ways organisations can ensure

50

There are three key options for employing

they are running effectively 24/7, whatever

edge computing in order to increase resil-

the weather.

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u


>> $60.00*

SUBSCRIBE

(non-IT professionals) to Technology Decisions and you will pay

a year

* within Australia. Please apply for International rates.

QUALIFY

>>> FREE

for Technology Decisions and we will deliver you 4 information-packed editions FREE.

all year

The magazine is available FREE to IT and business professionals. Go to the website now and complete the simple registration form. w w w. t e c h n o l o g y d e c i s i o n s . c o m . a u / s u b s c r i b e You can choose to receive the print magazine and/or the eMag. To ensure you are updated with key information between issues, sign up for the twice weekly eNewsletter too!

A.B.N. 22 152 305 336 www.wfmedia.com.au

Head Office: Cnr Fox Valley Road & Kiogle Street (Locked Bag 1289), Wahroonga 2076 Australia Ph +61 2 9487 2700 Fax +61 2 9489 1265

Editor Jonathan Nally jonathan@technologydecisions.com.au

Copy Control Mitchie Mullins copy@wfmedia.com.au

Publishing Director/MD Geoff Hird ghird@wfmedia.com.au

Advertising Sales

Art Director/Production Manager Julie Wright jwright@wfmedia.com.au Art/Production Tanya Barac, Odette Boulton, Colleen Sam Circulation Manager Sue Lavery circulation@wfmedia.com.au

Print Post Approved PP 100009359 ISSN 2201 - 148X

If you have any queries regarding our privacy policy please email privacy@westwick-farrow.com.au

Sales Manager Liz Wilson Ph 0403 528 558 lwilson@wfmedia.com.au Asia Tim Thompson Ph 0421 623 985 tthompson@wfmedia.com.au

All material published in this magazine is published in good faith and every care is taken to accurately relay information provided to us. Readers are advised by the publishers to ensure that all necessary safety devices and precautions are installed and safe working procedures adopted before the use of any equipment found or purchased through the information we provide. Further, all performance criteria was provided by the representative company concerned and any dispute should be referred to them. Information indicating that products are made in Australia or New Zealand is supplied by the source company. Westwick-Farrow Pty Ltd does not quantify the amount of local content or the accuracy of the statement made by the source.

Printed and bound by SOS Print+Media Group

w w w . t e c h n o l o g y d e c i s i o n s . c o m . a u



Technology Decisions November 2016