Freeware has been a great boon in recent years. At its best it can provide free effective applications for any size of business. At its worst it can be an avenue to problems for your PC or network. One fundamental difference between freeware software and commercial software is the responsibility or assurance that the software is clean of malware. Freeware is without any commercial comeback,  a sort of ‘downloader beware’ scenario.

Rather like Christmas shopping on the web there is an element of excitement when hunting for freeware which if not checked can be dangerous – you find a download option for a freeware application and may think “Great, I want it now”. However, stop, don’t press that button! You might regret it.

So how do you avoid getting perhaps more than you bargained for when looking for freeware solutions?

The answer is rather mundane and boils down to doing your homework/research. Look for references or ‘noise’ on the web about the freeware application you are interested in. Google it and see what you get. If there is evidence of problems/loading issues/performance issues then perhaps it is best avoided. Find out what your friends or other businesses use instead.

As an example, which is well documented on the web, are peer-to-peer file sharing applications. The following both represent an alternative to iTunes. Bearshare is an example of an application, which has evidence of performance issues on a PC if downloaded. Winamp is an alternative, which has a good reputation and no evidence of problems once loaded. So based on the research of both an opinion can be formed.

References:

http://www.techsupportalert.com/best_shareware_sites.htm

Good example of freeware:

http://www.avast.com/free-antivirus-download

According to Jeff Hudson, Venafi CEO, the public and private sector remain vulnerable to attacks like these due to difficulties in properly deploying and managing security systems within the infrastructure, including encryption keys and certificates.

“Let’s be honest and see things as they are truly. This latest reported series of on-going breaches makes an irrefutable case. The bad guys are inside. Period, end of story. Anyone arguing with that is in denial. The malware and the intruders are operating inside organizations today undetected. The best firewalls and intrusion detection obviously aren’t enough. If people want to protect the data, which is what they bad guys are after, it has to be encrypted and the keys must be well managed.”

Hudson said: “It’s interesting that recent media reports point an accusing finger at state-sponsored terrorists and governments. Regardless of which country or agency has been launching these attacks, the bottom line is that the attacks have been successful where government secrets have been leaked.” As some of the attacks on US government and United Nation servers date back five years, it is clear that public sector agencies need to significantly rethink their security practices.

The Venafi CEO went on to explain the most logical method to prevent these kinds of leaks: first, encrypt all data flowing between the agencies’ IT resources, second, encrypt all data that is stored,  and third, enforce authentication, encryption key access control and audit logging for all local and remote access to this data.

While the public sector has largely embraced encryption to secure data from prying eyes, they have struggled to implement adequate access controls and audits for the keys that unlock that data—largely due to the vast number of staff members that need to access the agency’s data in order to complete their duties.

The biggest headache, says Hudson, stems from rotating and resetting encryption keys, authentication credentials and passwords, which many organisations—regularly ignore. In addition, private or asymmetric encryption keys—which protect data that flows between IT resources—are exposed to an array of risks due to lax distribution processes behind the firewall as well as poorly implemented and infrequent rotation of keystore passwords. These private keys to the kingdom are frequently protected with the same password across hundreds of administrative keystores. Administrators also often have direct access to the keystores, duplicate the keys in them for distribution, and reuse the keys on other systems and applications throughout the infrastructure. This represents a significant security risk, and likely violates regulatory mandates for data protection in most organizations.

The ongoing nature of the recently revealed attacks underscores the danger of such poor practices, which allows attackers to continue capitalizing on a single cracked or exposed key year after year.

To truly lock down their resources, Hudson emphasizes, public-sector agencies must deploy a key management system that can help them automate the process  in order to implement best practices. And any system that is deployed, he adds, needs to be bulletproof and capable of operating in environments with large staffs on a consistently reliable basis.

Since the security system needs to stop staff from becoming victims of their own actions, the Venafi CEO says that an automated key management system offers the best option. Such a system mandates the use of the highest levels of security, which human administrators often neglect due to the management headaches and inherent vulnerabilities when human/manual processes are involves. It also ensures quick and efficient key rotation—both on-going and when a potential exposure mandates an immediate response.

The need for such guidance is not overstated. Recently, major corporations, such as Lockheed Martin, L3, NHS, Epsilon, EMC and others, have also experienced unauthorized access that has been the subject of significant, mainstream press coverage. In addition, hackers are increasingly targeting private keys, not only as a means for stealing customer details or intellectual property, but also as valuable assets themselves. With the private keys that sign a company’s software, hackers can launch all sorts of new malware and attacks.

Without leveraging best practices and automated management processes, organizations will never gain complete control of their key and certificate inventories, resulting in significant security, compliance and operational risk—risk that will be realized in access breaches unless organizations, both in the private and public sector, take action.

“Automating the authentication process is a logical first step, because any system that allows remote access to government servers must be as secure as possible and ensure that foreign governments do not gain access to the agency’s data,” Hudson said.

“Once deployed, these key-management systems need to marry the highest level of security with the most efficient administration. But, provided that the required infrastructure is in place, it is perfectly possible to manage the mission-critical security assets like keys and certificates as well as the security needs of tens of thousands of staff members with relative ease,” he added.

For more on the government cyber-attack campaign: http://bbc.in/nI0NdC

Over the decades, Ethernet has evolved as new types of networking architectures have emerged. Today, data centre networks carry traffic for a diverse set of applications – each with different traffic patterns and service requirements. This diverse traffic places extraordinarily high demands on the network, which has driven the next evolutionary step in Ethernet networks – the Ethernet Fabric.

Despite mainstream press claims that classical Ethernet architecture was invented on 22 May, 1973, with Robert Metcalfe’s memo stating the possibilities of its potential, it was in fact in 1976, when Metcalfe and David Boggs published their title paper Ethernet – Distributed Packet Switching For Local Computer Networks, that Ethernet was born. During the 80s, Ethernet’s popularity grew and its uptake mirrored the growth of the burgeoning global IT sector as a whole. Ethernet helped to significantly revolutionise the network storage and management structures of the IT world. With the arrival of the 90s and the advances of the Internet came new challenges; challenges in IT storage and bandwidth arose with the ever increasing development and consumption of information at both public and corporate levels.

These issues remained well into the 21st Century, and with the rapid expansion of the IT industry into new areas, such as virtual machines and Cloud Computing, traditional Ethernet’s limitations (such as its lossy nature) proved problematic.  In time, like the evolution of the Walkman to the iPod and VCR to Blu-Ray, the Ethernet has, after more than three decades, evolved into Ethernet Fabric. Representing the next step in the evolution of Ethernet solutions, Ethernet Fabrics are purpose built for the new virtualised, cloud-optimised data centres.

This paper explores what Ethernet Fabrics are and how they can drive cloud optimised networks and support 21st Century business: how evolution in the network is taking place today.

For many years, data centre networks have relied on Ethernet. Over the decades, Ethernet has evolved to match the new types of architecture that have emerged. Today, data centre networks carry traffic for a diverse set of applications including client/server, Web services, unified communications, virtual machines, and storage; each with their different traffic patterns and network service requirements. For instance, when Ethernet carries block storage traffic, it places stringent demands on the network including lossless packet delivery, deterministic latency and high bandwidth, creating the demand for an Ethernet that could handle all kinds of network requirements.

In a 2010 Gartner survey of more than 1500 internationally based CIOs, participants were asked to identify their top business priorities today and looking forward as far as 2015. The responses indicated today’s focus is on improving business processes and cost savings, whereas looking forward, the emphasis was on improving productivity, driving innovation, gaining competitive advantage, and acquiring new customers. These business priorities drive data centres to deploy new applications quickly and efficiently, provide fast and reliable ‘around-the-clock’ access to information, meet and exceed stringent service levels with zero downtime; all the while driving down costs by maximising investments. In short, IT must move at the speed of business to capitalise on new opportunities and respond to global competition.

High density, multi-core servers, as well as network, server, and storage virtualisation are the technology enablers that address these business needs. Data centres can leverage this set of technologies to pool IT resources and implement cloud architectures that reduce capital and operational expenditures, and at the same time create an infrastructure that rapidly scales and responds to business needs. When data centres leverage these technologies, new networking challenges arise. This effectively means that the network must evolve. It must move from management of physical ports to flows (virtual server to virtual server, or virtual server to virtual storage communication). It must be become simpler to operate, more flexible, more resilient, and much more scalable. These requirements are best met with scalable fabric architectures, while classic Ethernet networks have traditionally required complex architectures and protocols adding higher levels of complexity to operational costs.

Traditional Ethernet networks are hierarchical with three or more tiers. Traffic has to move up and down a logical tree to flow between server racks, adding latency and creating congestion on Inter-Switch Links (ISL). Spanning Tree Protocol (STP) prevents loops by allowing only one active path, or ISL between any two switches. This means that ISL bandwidth is limited to a single connection, since multiple paths between switches are prohibited. Link Aggregation Groups (LAG) were designed so that multiple links between switches were treated as a single connection without forming loops. This means LAG must be manually configured on each port in the LAG and this leads to a lack of flexibility.

Ethernet Fabric prevents loops without using STP. Flatter networks include self-aggregating ISL connections between switches, eliminating manual configuration of LAG ports, while at the same time providing non-disruptive, scalable bandwidth within the fabric. As a result, Ethernet Fabric supports any network topology (tree, ring, mesh, or core/edge), and helps avoid bottlenecks on ISLs as traffic volume grows, since all ISLs are active.

Traditional Ethernet switches require the configuration of each switch port. This includes setting network policies such as QoS, security, VLAN traffic, etc. When only physical servers were connected to the network, this model was sufficient.

Ethernet Fabric maintains distributed intelligence, which allows common configuration parameters to be shared by all switch ports in the fabric. In the case of virtual machine migration, the network policies for that virtual machine are known at every switch port so migration does not require any changes to network configuration.

Ethernet Fabric, switches are smart – they share configuration information, and also know about each other.  When a device connects to an edge port of the fabric, all switches know about that device. As the device sends traffic to other devices, the fabric can identify the shortest loop free path through the fabric and forward frames at the lowest possible latency. New traffic types such as virtual machine migration and storage traffic are latency sensitive, so this ensures this traffic gets to its destination with minimal latency.

Classic Ethernet allows only one path between switches. Improvements such as link aggregation groups (LAG), allow several physical links to act as a single link. This is manually configured on every port in the LAG and is often inefficient limiting bandwidth. If a new switch is added for more connectivity, it becomes increasingly more complex to manually configure multiple LAG connections.

Ethernet Fabric overcomes this. When a new switch connects to the fabric, no manual configuration is required for the ISL. The switch joins the fabric and learns about all the other switches in the fabric and the devices connected to the fabric. No manual configuration of policies or special LAG configuration is necessary.

If multiple inter-switch links are connected between two switches, a logical trunk automatically forms. Traffic is load balanced in hardware so that utilisation is near line rate on every link, keeping it highly efficient. Should a link in a trunk go off line, traffic on the remaining links is not affected and incoming frames are automatically distributed on the remaining links without disruption to the devices sending them.

Classic Ethernet uses STP to define a loop free path, forming a logical hierarchical switch tree. Even when multiple links are connected for scalability and availability, only one link or LAG can be active. This decreases utilisation. When a new link is added or removed, the entire network halts all traffic for seconds and even minutes while it configures a new loop free route – this can prove highly disruptive for storage traffic, virtual machine migration, and In the case of storage traffic, traffic disruption could cause a server crash.

Ethernet Fabric does not use STP to remove loops. They use link state routing with equal cost multipath routes, which always take the shortest path through the network. When a link is added or removed in the fabric, traffic on other links continues to flow without disruption. Link resilience is assured and full utilisation of all links between switches is automatic when the topology is changed, without the need for any manual configuration.

Classic Ethernet switches require management. Each switch has to be configured and each port has to be configured for protocols (STP, RSTP, MSTP, LAG, etc.). As more server racks are added, more switches are added at the top of rack, middle of row or end of row. Each requires configuration and none can share common configuration parameters.

Ethernet Fabric shares configuration information among all switches in the fabric; when a new switch joins the fabric, it automatically receives common information about devices, network policies, security, and QoS. This ultimately simplifies network configuration, reduces mistakes, and reduces operating cost, which as we mentioned at the start of the piece, is the main priority for CIOs all over the world.

As virtualisation and the Cloud become more and more popular in the market place, the need for simplicity in the data centre becomes ever more necessary. This is the next evolution for the CIO and in the near future Ethernet Fabric will provide a great many benefits to companies and CIOs worldwide.

The litany of espionage attacks affecting established commercial organisations over the past year has raised the profile of espionage to new heights. Many people assume the threat of espionage has disappeared. They associate it with the Cold War. They think of novels by John Le Carre and Len Deighton. Of course, the threat has not disappeared. The Director General of MI5 said in a speech a couple of years ago that there were more foreign intelligence officers operating in London now than at any time since the end of the Cold war. With the emergence of global markets and global competition, espionage has evolved and taken on a new meaning.

Businesses are now the target of espionage, carried out by businesses or states or state sponsored businesses. Even so, businesses will assume that espionage is a threat that does not fit on their risk register. They believe that espionage is about stealing state secrets, information about foreign policy or defence or military research, however it is not just about this. For the private sector, the threat of espionage is about protecting intellectual property, business proposals, evidence to support legal activities or other confidential information from competitors.

Espionage might involve covert techniques and sophisticated types of technical and non-technical attacks. The abundance and availability of business and commercial information online or through commercial press sources means that espionage attackers can identify particular networks, computers or individuals on which to target their attacks, often through aggregating lots of disparate bits of information.

There are other challenges too. Some businesses have become so complex that countering the threat of espionage is a challenge in itself or the gulf between decision makers and those responsible for looking after the information that their business depends on is too wide. These organisations seem to live in the hope that their business critical information is adequately protected even from sophisticated attackers.

Businesses can be forgiven for thinking they have enough risks to manage without adding another one to the list: flooding, flu, crime, hacking, employees who do not comply with the rules and accidental data loss. It might be right for a business to accept the risk of espionage but it cannot make that decision wisely unless it is aware of the potential threat it faces. As the number of organisations that have been financially impacted by espionage grows, the need to address this becomes ever more acute. Until recently, there has been very little in the way of professional services to help organisations looking to address espionage proactively with the majority of risk mitigating activities being reactive and always newsworthy.

Counter-espionage is about identifying the vulnerabilities that might be exploited by a competitor and putting in place the controls to mitigate those risks.

This is where Platform as a Service (PaaS) comes into its own. This year, 2011 has, in fact, been identified by Gartner as the year of PaaS, offering increased flexibility for short term projects, and the ability to provision and scale up quickly for resource intensive projects. However, despite its predicted uptake there is still considerable discussion around the definition of PaaS. This may be, in part, because the PaaS market is still relatively immature and is still evolving, a fact that was highlighted in a recent report from Forrester. Also, the analyst John R Rymer noted in his blog: “the PaaS market is a sprawling, fast changing, and immature market.”*

So what is PaaS and what does it provide for developers looking to capitalise on the cloud boom? In essence, PaaS is a loose term that occupies a huge space, between Infrastructure as a Service (IaaS) and Software as a Service (SaaS), although even within this definition, different vendors have different propositions. In broad terms, it is the ‘application infrastructure’, that is, the technology stack and computing platform, delivered as a hosted service. Elements such as the application servers, the customer portal, and the business process management (BPM) technology databases and file systems would all comprise this application infrastructure. It is everything that is required in the cloud application design process, development and lifecycle management.

For developers, it means that applications can be deployed without the cost of buying the hardware and software, freeing development teams from the headaches of managing this aspect of the business themselves. The advantages for developers are clear, particularly for those projects that need to be started quickly without the need to purchase, manage or configure the hardware and software in-house. It also means that wherever you are based you can make use of the computing services of the PaaS provider. Drilling down further, we have the application Platform as a Service (aPaaS), the Gartner defined term which refers to the development and deployment environment for cloud based applications, or as Yefim Natis of Gartner calls it the ‘extended application server’.

Eventually it is quite probable that everything we now term PaaS will, in practice, move towards aPaaS; however, setting semantics aside, it is all about enabling development to be the main focus of activity. What’s more, this new era of cloud development by its nature demands an approach that offers more flexibility and provides a development and deployment environment in which teams can re-use different types of their software, no matter in what language they have been written. This kind of application platform also means that, once written, applications can be taken to any new platform, be it cloud, or mobile, without having to re-write them.

In turn, this means that teams can focus on the development aspects that really matter for a project, delivering applications that bring business functionality and add value, reducing costs and time of development projects; rather than provisioning for and creating the environment on which they are built.

* The Forrester Wave™: Platform-As-A-Service For App Dev And Delivery Professionals, Q2 2011

Believe it or not, approximately half the country, that’s around 30 million people, has a presence on the leading social media site, Facebook. And while for some, the perception is that these sites are lightweight platforms, in truth they are excellent business tools. If used well, social media can also help businesses stay close to their customers. There is a famous anecdote about an American business traveller stranded by the cancellation of his flight. Frustrated that the airline’s service desk could not help him get home he tweeted about the experience. A rival airline picked up the message, offered a seat on its next flight, and won a new loyal customer.

With this in mind we, along with the leading research body YouGov, recently carried out some research into UK attitudes towards social media in a business environment. It used a relatively large sample size of 4,080 people, and the findings were most illuminating.

In the first place, the study revealed that a third of social media users are likely or very likely to post their opinions about a brand or company online. 31% said they would post positive comments, 32% said they would use Facebook for negative thoughts on a business. This means there could be 10 million people ready to tell their peers something about your company, something good or bad.

That is a critical message for businesses everywhere and organisations really need to take social media more seriously. After all, it’s a direct line to what your customers are thinking and because friends and followers pick up on what is said, you can see, instantly, how the market is responding. Is the compliment or complaint a trend or a one-off? Social media can tell you, very quickly and at low cost.

Going back to the very carefully validated sample in the YouGov study; 61% of respondents said that, if they were guaranteed a quick response, they would consider communicating with a brand or company using social media instead of other, more traditional methods.

However, despite this, the study also suggests that this desire is not yet being supported by businesses. Of the respondents who had complained to a company using social media, half had either never received a response or had to wait more than 48 hours for a reply. In social networking two days is an eternity. So, is your business set up to monitor and respond to social media? There is no reason why it should not be. The IT investment is small and, provided you have a flexible, unified communications platform, you should be able to respond on Facebook or Twitter with exactly the same degree of accuracy, authority and control as answering a call or an email.

One final fact from the YouGov study: in the key 25 to 34 year old demographic, 60% of social media users said they are influenced by online comments about a brand or company, both positive and negative comments. In other words, a large proportion of the customers deemed most valuable by the majority of brands will be swayed, one way or the other, by what their friends and peers are saying online.

In a sense this is not new. Since the dawn of the market era people have been having conversations with their friends, in the pub or on the phone, in which they say, “I bought an Acme Widgets gizmo and it’s broken down every time I try to use it”, to which someone responds, “I’ve never had a day’s trouble out of my trusty old Paragon Products tool”. The difference is that, until now, these conversations were ephemera. What social media does is make them tangible: they exist online, and smart companies can ‘listen in’ to these conversations, learn from them and react to them.

These are stark statistics: almost a third will comment on products, and almost two-thirds will take note of those comments. Companies and brands that are not monitoring the online chatter on social media sites are not only missing good market feedback, but they could also be overlooking potentially critical threats to brand values.

It is not just a matter of monitoring the sites. The company needs to have a strategy for intervention, too. Sorting out individual issues on Facebook or Twitter is rarely going to be practical, although remember that the study suggested two-thirds of respondents would consider it rather than phoning or emailing a contact centre, if they thought it would work. But it is certainly the place to spot trends, and to get really early intelligence on an issue before it becomes a crisis.

Of course, it’s not all plain sailing; you do have to be committed to it. While the technology may not require much in the way of investment, you may have to dedicate your best staff to it. The unpredictability of social media means that any comment you post could be read by one person or by millions, so the integrity of your corporate identity is captured in every tweet or status update.

It is a demanding role, certainly, but the benefits in customer satisfaction and brand loyalty can be considerable.

“Most businesses by now have a good understanding about the importance that their digital data plays in their organisation,” explains Aherne. “And in the past years there have been enough media scare stories of data breaches or system failure to put the issue of disaster recovery to the top of the IT managers’ agenda.

“While a business’s data should definitely be protected and backed-up properly, many IT departments are not currently taking full system disaster recovery as seriously as they should.  So in a scenario where a system failure occurs – potentially as a result of fire, theft or hacking – a company may well be able to restore its digital data, but it could take weeks to build the full IT infrastructure from scratch.

 “Historically, having in place a full system disaster recovery arrangement was both complicated and costly, and only the reserve of specialist financial intuitions or other organisations running mission-critical systems. However the rapid rise of virtualisation now means that this type of system protection can be deployed by organisations of all sizes and requirements.

 “Many IT managers are in the process of migrating, or planning their transition towards virtualising their datacenters in a bid to consolidate IT assets for greater efficiency and ease of management.  So in this process they should also consider how they can use virtualisation as a tool for data back-up, but also for disaster recovery of entire workloads – including operating systems, middleware and applications. By virtualising workloads, an IT manager can create a snapshot of their systems, allowing for restoration of everything very quickly.

“Virtualising a workload in this way can also provide a way to protect wholesale migrations to server virtualisation, as it is possible to move on to new systems in a phased approach, without risks of downtime.

 “Using open source systems will ensure that businesses don’t lock themselves into a vendor-specific virtual environment. Platforms that allow the transition from physical to virtual systems, and vice versa, will allow for maximum flexibility during the migration and in the future.”

http://www.novell.com/

Who could have predicted just how all pervasive social networks have become in both our private and professional lives? Time spent in social networks reportedly now accounts for one in every eleven minutes online. As a means of staying in touch with friends and family, sites like the original Friends Reunited and more recently MySpace, Facebook and Twitter have proven their usefulness, while in the professional sphere, for many, LinkedIn has become a crucial business networking tool. And this has all happened in such a relatively short time that we have only just really started to assess the impact these technologies are having on our lives and on the IT estate as a whole.

To give some idea of just how important social media are becoming, Gartner predicts that spending on social software to support sales, marketing and customer service processes alone will exceed a billion dollars worldwide by 2013

And they haven’t just triggered a revolution in our business and personal relationships either. Demonstrators in Egypt, Bahrain, Libya and Tunisia utilised the social networks, Twitter in particular, to rally support for their causes and as a convenient and, if necessary, anonymous means of instant communication to share ideas and ‘tweet’ the latest triumphs and setbacks. So successful were they that Egypt’s erstwhile president Hosni Mubarak felt it necessary to shut down the Internet in the country. This proved to be too little too late for his regime and the social networks claimed their first popular revolutionary victory.

The productivity drain

Lest we forget it wasn’t much more than a decade ago that email became universal. At that time – the mid ’90s – fears were rife that staff would spend all day sending and receiving personal emails, and while I’m sure that this did happen and still does to a certain extent, the impact of the introduction of widespread email usage on productivity was an overwhelmingly positive one.

The same fears have been voiced about social networks, but the clever money seems to be on an approach that stresses acceptance. It may come as a surprise to some, but a number of studies have suggested that using social networking web sites may actually increase staff productivity by up to nine percent compared to those that don’t. While it may seem counterintuitive, some researchers claim that social networking sites give workers short breaks away from work which are beneficial overall.

Most businesses maintain a cautious approach though, and who could blame them? They don’t pay their staff to sit around tweeting about the weather and what they had for lunch all day, clearly. But the more progressive organisations combine a permissive attitude with close monitoring of social network usage while some opt for an outright block. In these days of mobile computing, smartphones and tablets though, this in itself is no guarantee of a social network-free office.

A valuable marketing tool

Marketeers have long been awake to the potential of social networks to plug their products. And many voices in the industry are saying that businesses need to take social media seriously if they are to avoid being left behind in 2011. Bryan Adams, MD of Liverpool-based Ph Creative says companies which treat social media as a key plank of their online strategy are “winning serious amounts of new business every day”.

He predicts there will continue to be a significant shift away from traditional search engine marketing to social media with the likes of user reviews, peer to peer influence and proximity marketing increasingly important. His warning about missing the social networks bus came in response to a Ph-commissioned survey of businesses that revealed a staggering 92 percent are not using best practice techniques for their online activity and 83 percent of firms are ignoring key activities, such as Facebook, which could significantly increase revenue potential.

“Nowadays it is all about how current and trusted your brand is,” said Adams, “but because a lot of social media activity is still in its infancy, businesses which embrace it properly can make giant strides quickly. Unlike more traditional search marketing, a social media strategy is about an ongoing conversation. It isn’t something you can plan or turn on and turn off. Control is dead; in today’s business world it is all about influence. Those businesses which understand this are winning serious amounts of new business every day.

“I would go so far as to predict that the term social media will change in the next couple of years as the word ‘social’ can send out the wrong signals to business leaders.”

The evolving customer relationship

Addressing the rise of the social networks, Gartner predicts that the customer relations management (CRM) software market will enter a three year shake up this year, as a number of key trends take hold. Sales, marketing and customer service technologies, projects and implementations will all see rapid changes over the next few years it states.

“Over the next three years, social CRM will continue its exponential rise, software as a service (SaaS) will become routine, salesforce.com will reshuffle the market order, and consultants and system integrators will sell their own CRM software,” commented Ed Thompson, vice president and analyst at Gartner.

As mentioned above, Gartner predicts that by 2013, spending on social software to support sales, marketing and customer service processes will exceed $1 billion worldwide. This, compared with Gartner’s forecast of more than $12 billion for overall spending on CRM software in 2012, means that social CRM will encompass approximately eight percent of all CRM spending in 2012, up from approximate four percent in 2010. It adds that by 2015, one-third of spending on new CRM software will be Software-as-a-Service (SaaS). (Additional information is available in the Gartner report “Predicts 2011: CRM Enters a Three-Year Shake-Up “. The report is available on Gartner’s website at http://www.gartner.com/resId=1475017)

Social security

It seems that all new technologies bring with them fears about security these days and there are numerous examples of hapless tweeters or Facebook updaters inadvertently being indiscreet and ultimately paying the price when they are reminded that their boss is one of their ‘friends’. Maybe examples like this aren’t a huge problem for businesses, but they do serve as an example that there are plenty of opportunities for business sensitive information to be posted out into the big wide world without any controls.

A nightmare scenario could develop if a user has linked all their social networking accounts together – so they don’t have to post individual updates on each one – anything posted on any one of the services will immediately be forwarded to and posted on the others making it extremely difficult if not impossible to un-post the offending tweet or status update.

There are more pressing risks than social embarrassment though. As always the main threat is from hackers. Having an account hacked could cause the user problems, but the risk that a hacker will gain information through the social networking site that will allow them to attack the user’s organisation is perhaps greater. The social network could also be a potential route for malware to enter a company network.

Amichai Shulman, co-founder of data security specialist Imperva says the social network companies are alert to the risks: “We are starting to feel the winds of change,” he explained. “Recently, Facebook made changes to account security to reduce account hijacking incidents. Just a few weeks ago a new authorisation scheme was put in place that requires one to identify their friends in case of an alleged account take-over.”

The social networks themselves have to take on some responsibility themselves too according to Shulman: “As social networks attempt to increase their user base, penetrate the business environment, and roll out new services (such as Facebook’s new webmail) we should expect social platforms to invest more resources in improving the security posture of the platform. These measures will provide improved protection against application layer attacks, stronger authentication and account control features, and better malware detection systems.”

Education is the answer

While blocking all social network URLs might put an instant brake on social network activity across an organisation, it does seem more than a little like taking a sledgehammer to crack a nut, and no matter how draconian the approach it will not have any effect on the mobile devices increasingly used in this ever more online age.

Perhaps a better and more long-term remedy for most of the issues, challenges and problems posed by social networks is to educate staff about the risks and provide them with the tools and techniques to prevent security lapses and hacking. Effective data security training has to be the way forward.

Determine what you want to achieve and why

IT is about delivering improved business services, not just on ensuring the smooth-running of technology, so make sure you understand what you want to achieve as an organisation and why. Both public and private cloud options should be thoroughly reviewed alongside non-cloud alternatives with the benefits and drawbacks of each being given fair consideration. Moving to cloud computing just because it’s the latest buzz in IT isn’t a good enough reason and your project is likely to fail.

Understand your business drivers as well as the IT drivers

The pressure to achieve efficiency savings may encourage more IT teams to look at moving to a cloud computing model. However, it’s essential that any changes made to IT infrastructure are suited to the needs of the business first rather than being modified to fit the IT department’s preferred cloud platform.

Fail to prepare, prepare to fail

It might seem obvious, but make sure you plan thoroughly and decide how your chosen cloud solution is going to be integrated, managed and monitored. Although it’s possible to access ‘on demand’ cloud services in a matter of minutes with the aid of a credit card, you should not become complacent about the level of planning that is required to ensure that your project is a success.

Reducing complexity is as important as reducing cost

Compared with managing your IT systems exclusively in-house, cloud computing may not be a cheaper option due to the additional costs of accessing cloud services on-demand and having to retrain your staff. Introducing a new cloud supplier to your business could also create more management complexity into your IT infrastructure if you’re uncertain as to how this supplier will be managed and how you are going to link your various applications together.

Think about the risks

Though cloud computing brings undoubted business benefits, organisations also need to consider carefully the potential risks. Is your data going to be held safely and securely on the cloud and are you satisfied that your cloud supplier is reliable and experienced enough to provide your business with the necessary service-level provision you require?

Choose the right partner

It is essential to work with specialist cloud partners that can manage their services in line with your organisation’s requirements. Check that your partner can provide you with an end-to-end service combining service level management, service desk facilities, remote monitoring, advanced reporting capabilities and complete data transparency to help minimise the risk of integrating your systems into the cloud. You should pay particular attention to whether your cloud provider’s service desks run 24/7 so that they can react quickly to keep downtime to a minimum.

Ensure your service level agreement is appropriate for your business

In the event of a business-critical application going down, you need to be reassured that your cloud provider has the expertise and skills to get it up-and-running again as quickly as possible. Ensure that your provider offers service level agreements (SLA’s) that are appropriate for your business which cover almost any eventuality. The most effective cloud partners can offer multiple SLA’s for a single customer giving the business peace-of-mind at all times.

The increase in acceptance towards cloud computing will undoubtedly lead to a surge in uptake as organisations continue to wrestle with having to make deep spending cuts. However despite the many advantages to be gained by embracing cloud applications, they do not represent a magic wand for organisations to solve existing business issues. It’s important to consider the move to cloud computing very carefully and ensure that your organisation is practically and culturally ready to gain the most from what the cloud has to offer.

Gartner defines MDM as a technology-enabled discipline that ensures the uniformity, accuracy, stewardship and semantic consistency of an enterprise’s official, shared master data assets. Organisations use master data for consistency, simplification, uniformity of process, analysis and communication across the business.

“MDM is the latest attempt to solve the old problem of inconsistent versions of important data at the centre of an organisation,” said Andrew White, research vice president at Gartner. “As with any new initiative, there is a lot of hype and confusion, and with hype and confusion comes misunderstanding. Executive sponsors of MDM and MDM programme managers must avoid several common mistakes that have been known to derail MDM initiatives in the past.”

To clarify some of the confusing and conflicting points of view on MDM, Gartner has highlighted the prevalent myths surrounding MDM alongside an explanation of the realities.

Myth 1: MDM Is About Implementing a Technology

Reality: MDM is much less about technology and much more about understanding how business processes are supposed to work.

Myth 2: MDM Is a Project

Reality: MDM is implemented as a programme that forever changes the way the business creates and manages its master data. However, to adopt MDM will require numerous discrete projects.

Myth 3: We Don’t Need MDM; We Have an Enterprise Data Warehouse (EDW)

Reality: MDM should/will span the organisation across all business units and processes (including data stores, operational and analytical).

Myth 4: Implementing ERP Means You Don’t Need MDM

Reality: Enterprise resource planning (ERP) generally means a packaged business application strategy, most often centered on a single, large vendor. ERP implied, but rarely realised for the user organisation, a single process and data model across the organisation.

Myth 5: MDM Is for Large, Complex Enterprises Only

Reality: The principle of MDM is applied whenever two or more business processes must view or share (master) data. This means that most organisations have a need for the discipline of MDM even if they don’t call it that, or if they implement a separate technology called MDM.

Myth 6: Metadata Is ‘the’ Key to MDM

Reality: Metadata is critical to MDM (and many efforts outside MDM), but how metadata is applied in the context of MDM differs by domain, industry, use case and implementation style.

Myth 7: MDM Is an IT Effort

Reality: MDM must be driven by the business, a business case, and supported/enabled by IT.

Myth 8: MDM Is Just Too Big to Do

Reality: MDM can be and is most presently being adopted one domain or province at a time, and one use case at a time.

Myth 9: MDM Is Separate to Data Governance and Data Quality

Reality: MDM includes governance (of master data) and data quality (of master data) — MDM cannot be established without them.

Myth 10: It Doesn’t Matter Which MDM Technology Vendor You Use — They All ‘Do’ MDM

Reality: MDM is complex; rarely do two organisations’ MDM programmes look alike. Vendor MDM capability has also focused on specialisation across data domain, industry, use case, organisation and implementation style. Consequently, vendor selection is critical if organisations are to find the right partner.

Additional information is available in the Gartner report “The 10 Myths and Realities of Master Data Management “. The report is available on Gartner’s website at:

http://www.gartner.com/resId=1448120