Thursday 7 March 2013

The Emperor's New Clothes


CIOs are increasingly under pressure for doing more with less as we see the economy slowing down. This would mean typically cutting down the IT costs from every corner without reducing the services. If we do it smartly, possibly we have the opportunity. Relatively untouched is the network piece in our infrastructure services which is not often talked about. But in my view, this also provides a window of opportunity not just in terms of costs but agility as well.

Small and medium businesses and even some large ones as well can think of having Wi-Fi network as the means of providing connectivity to users. According to experts, the cost for deploying and managing a wireless network can be anywhere from 15-40 percent lower per employee versus wired alternatives for some companies which has a potential of going up to 70 percent depending on the selection of providers and solutions.

There are a variety of reasons why Wi-Fi is not so popular among businesses. One of the reasons is the concern of security of Wi-Fi devices and that its management and control is not up to the mark. The other reasons are related to network speed. Wireless has been primary designed for individual consumption and not geared up to serve the large business community.

Usually the Wi-Fi network is vulnerable to attacks likes eavesdropping, MITM (Man in the Middle), peer-to-peer and exploiting the unintended client connection. These are not very uncommon and usually you will find it happening on public places where your data may get exploited by scrupulous hackers waiting for the opportunity.

Usually, the following considerations are used for making wireless secure:-

a) Password Protected Wifi: Though there are people who think this makes it secure, there are tools such as "wireshark" which has the capability of rendering the Wi-Fi security useless.

b) Captive Portals: Captive portals do secure Wi-Fi networks for service providers but does not secure the Wi-Fi user from attacks. The false sense of security is in user's mind.

c) VPN: Though considered as safest, the grief it causes far outweighs at times the benefit it delivers. Also, it is vulnerable to be exploited as applications installed in the personal computers to enter into the corporate network. A motivated hacker can disrupt VPN in Wi-Fi network and cause a lot of pain and force the user to browse without it.

d) SSL encryption: There are techniques such as SSLTRIP which can strip off SSL security. Most end users will find it difficult to notice it.

These covers are like the emperor who parades before his subjects in his new clothes, a child cries out, "But he isn't wearing anything at all!". Many of us have read this short tale of "The Emperor's New Clothes" by Hans Christian Andersen in our childhood.

Arguably, we have to think out of the box for these solutions. The emperor would need new clothes and there are solutions in the market which make it happen. What we need is intelligent planning to build user experience through innovation. There are quite a few organizations that have come out with secured Wi-Fi network which combines software and hardware protection to protect Wi-Fi networks and provide speed. This makes a huge difference to those who would like to do more with less. With these products, we see the boom in adoption of wireless network over wired network.

To me, cloud controlled wireless access for Small and Medium Enterprises (SMEs) will be big boom and the buzz word in the market in the year 2013 and may create a mega-trend in infrastructure cost savings. In addition, the wireless networks provide you agility by reducing the cycle time of implementation alongside the cost savings and fits into the popular agenda of cost and agility. In my endeavor to create a better ICT world, I would like to engage with anyone who will be interested in this direction.

Note: This blog was first published in www.dynamiccio.com and reposted now here.

Thursday 28 February 2013

An evening on cloud


On 22nd February 2013, I had an opportunity to be a part of an event on Cloud Computing in Pune, India. The event was unique due to the presence of different thought leaders which includes cloud consultants, CIOs, academicians, service providers, IT leaders capable of providing 360 degree view on various aspects cloud. This was pure thought provoking discussion which lasted for nearly two hours.

Discussion started with the debate over the barriers. As per Prof Sunil, Director, SITM “resistance to change” is the primary barrier, which is coupled with “awareness” and lack of “education”. Mr Sharat Airani, Chief IT of Forbes Marshal felt that sometimes “Cloud Scares”. Cloud is widely discussed and debated but lack of knowledge of what complexity it will introduce allows fear to take over. This is also followed by concerns for security as the mindset is not towards taking risk. Security concerns create an unknown discomfort. One more barrier which members felt is inability to articulate the true benefits of cloud to the end customer. As per Mr Sridhar S, AVP-IT, Vodafone India, “what is there for me” should be clearly articulated to end customers to get buy-in.

Discussion progressed further on challenges of implementation. As per the learned participants the solution has to talk the language of business and walk with them. The thought processes in cloud is mostly driven by supplier side but in general everyone felt the need for driving the discussion from demand side. As per Mr Sridhar the approach of implementation should be phased rather big bang and should follow change management approach. Mr Sridhar said “Another way is to have smaller applications or peripheral processes on the cloud first, to open people up to the idea of cloud.”

The group debated on competency and understood that there is a larger need to educate industry and students on cloud. As per Prof Patil, the curriculum needs to be revisited for cloud and there is a need for tighter integration of students, academicians and industry to generate awareness. An idea of “Cloud Management Forum” from Prof Patil with industry and academic participation was also floated. George Thomas, GM - Delivery, Bilcare Research, observed that every time technology changes, there is a change in the requirement of workforce and skills etc. needed and as the young generation learns faster on an average, there is a general trend where the next generation replaces the earlier.

On financial considerations the group felt that cloud is an excellent opportunity for converting capex into opex and different financial models for exploiting cloud can be leveraged by customers depending on the usage. Cost is not the only consideration we should adopt to cloud but as a major contributor which makes the business lucrative. As per Mr Dilip Ittyera, CEO, Aikon Labs, “It actually gets much tougher to implement cloud in an enterprise. Showing the company clear-cut ways to “save the dollar” is the way to make the cloud sell better.”  As per Mr George, “Although costs of a business have grown over the years, companies are now expecting a larger return on their investment, in comparison.” Further to this, Mr Sridhar said “Cloud has to show how my end customers will benefit. That will drive CIOs to map business objectives with IT initiatives”.

On cloud’s impact on outsourcing, the group had interesting views. A key aspect that was expressed was control but this challenge has been there at the time of outsourcing. Industry is going through the same cycle of discussion on control over IT environment and data. Along with various issues like cultural differences communication, synchronization issues, the added fact of reduced control as perceived by the company might act as a deterrent. As per Mr Sharat, “As far as mistrust regarding the fact that the owner cannot see where his data is stored, outsourcing is being undertaken widely and the data is sent to and fro multiple times and stored at various locations. So the issue of security of  the data should not be that crucial”. As per Mr Sharat, if sensitive payroll data can reside in third party premise then the concern over data security and reluctance over cloud needs to be revisited. Mr Sridhar further added “With organizations outsourcing even their core processes, companies are not as worried about tangibility of their data storage.”

The overall theme centered on the awareness and unknown fear of security which came up several time during the discussion, which cloud providers need to overcome. The need for collaboration with Government was felt at a later date to ease out cloud adoption to make it successful in the year 2013. A key aspect that was expressed was control over the data. The group felt that eventually cloud adoption will happen and as per Mr George, that new technologies take their time to be accepted and although cloud brought about a sense of insecurity within the internal IT teams of companies, the adoption of cloud would eventually happen. The discussion ended with positive note on cloud from various speakers along with caution to various challenges. Mr Dilip expressed his confidence on cloud as he successfully launched his product on the cloud and his experience has been so far good in terms of smooth and convenient management.



The key takeaway was that to create more awareness and work on standardization of cloud to make it successful through deeper industry engagement. In the next few months, CIOSpecialist and Blazeclan Technologies will take endeavors for cloud adoption which includes more thought provoking session and finding opportunities for adoption and formation of forums to work with the industry for better management of cloud using the available ecosystem. The event was supported by Blazeclan Technologies and managed through CIOSpecialist ecosystem and platform.

Friday 25 January 2013

A Face Off Over Cloud Computing


Recently, I met with a consultant friend over a cup of coffee. During the conversation, he asked me a straight question:  "What are the barriers in adoption of cloud? " With all his consulting experience in the area of cloud computing, I knew this was a googly. This topic has been debated in-depth on several forums, round tables, cocktail dinners, and technology media; hence not a new question to have been asked by this gentleman. I, in turn, posed a counter question: "What answers do you get from others?" After a long-drawn silence, he said: "I seldom get the true picture".

This vindicated my apprehension that this was not an easy question which I could get away with by talking about security, standards, SLAs and vendor lock-in etc. To initiate a healthy debate, I am going to put forward my thoughts and observations which may go against the popular sentiments. Hence, my unconditional apologies if the truth appears to be harsh or if I make mistakes in expressing myself. 

In my view, the true reasons behind cloud adoption are different from what we think. Unfortunately, many constraints mentioned by consumers of cloud are packed with answers and solutions. Still, we share the same views over and over again and it becomes a perceived truth.  In my view, some of the reasons which prevent cloud adoption are:-

a) Lack of Understanding: Though there are many people who claim that they understand cloud very well, in fact many of them are not in sync with ground realities; and I am no exception. The more I went deep into it, the more myths got busted. In the absence of knowledge, myths and hypes rule the roost; and many of these are created by technology vendors to suit their convenience. Most people believe that security is an issue. I ask small and medium business (SMB) consumers that can they protect their data better than what large cloud providers can do?

b) Organizational Politics: It will raise many an eyebrow as to why organizational politics comes in the way of cloud initiatives. I suggest everyone to read the book Animal Farm by George Orwell, wherein an initiative to build a wind mill in the farm was at the epicentre of politics among animals. Those who opposed were actually in favour of it and those who took the initiative were branded as opponents. You can always find a correlation with a real-world situation and may actually be able to relate to some of the characters. 

Sometimes you have a marketing team who would like the initiative to be under its hat or you have another department who thinks that it should be the rightful owner. Thanks to commoditization of technology that it is more of a business challenge rather than technology and it is time to rethink jurisdictions and redefine the line of control. Very often, internal IT infrastructure chiefs may oppose cloud because they feel they are losing control or the power to spend.

c) Capex Vs Opex: This topic is less debated but it also needs to be looked at carefully. It is perceived that most cloud spending is in opex and hence no scope of capitalisation of cloud. For specific shareholding interests, the cloud will be discouraged for financial reasons unless the CIO is able to convince how cloud can be capitalised. 

d) Understanding of Value: Most cloud providers have tried to convince their customers that the real value lies in cost savings. Cost is much more tangible, lucrative and easy to sell. A perception has been built around the expectation of savings. In reality, however, when you look at the total cost of operations, which includes implementation, license, support etc, it may not always be a delight. The opportunity which exists, for sure, is cycle time reduction in provisioning the servers which is the biggest benefit of cloud. In my humble opinion, the true value should be shown in terms of cycle time, followed by cost reduction so that it does not create any hype.

e) Conflict of Interests: There are many cloud providers who happen to be hardware manufactures as well. Cloud has a possibility of cannibalizing one business unit because of another. This is a dichotomy, and conflict of interest is bound to arise. How the organisations deal with these conflicts is something interesting. But in private, there are many who believe that this has an implication on how cloud is perceived or the speed at which it may be adopted. In my view, constructive destruction is necessary at times for survival and the growth of cloud may lead to increase in demand for hardware.

f) Lack of Connect: I feel that there is a lack of connect between various parties and a true understanding can come if we debate the issues more often. On a lighter note, cocktails and dinners over cloud definitely serve our tummy and sometimes our brain too. It is now time to have a more serious dialogue on what industry wants to do on cloud. If public cloud is comparatively more secure, provides better SLAs, and there are ways to capitalise, cut down cycle time and save costs, we have the answers to a lot of questions. We should not wait any longer.

My aim is to ignite a healthy debate to uncover the mysteries that are a result of thoughts which may not be relevant today. If there are genuine concerns, we have to find answers. We have to work on standards and ensure that we adopt cloud faster, if it is worth the time and effort.  

My humble request to IT chiefs is to participate in this debate and take cloud to the next level in 2013; so that the next time we have coffee together, we talk about "cloud broker architecture" and not "cloud adoption".

Note: This blog was originally posted in www.dynamiccio.com and now being reposted here. The author is same in both the places.