June Cover 


Cabling

CommScope

Corning Cable Systems

HellermannTyton

HyperlineSystems

OFS

Panduit

Upsite Technologies

Cable Management

ADC

Chatsworth Products

Power Management

Eaton/Powerware Pulizzi

Testing/Monitoring

Fiber Instrument Sales

GL Communications

Switches

TC Communications

Transition Networks

Wireless Monitoring

Oberon

Environment Monitoring

Network Technologies

Sensaphone

VoIP

Microsoft

Features

February 2008

Trends

Seven trends to shape CIO's role

CNThere will be two types of chief information officers (CIO) in 2008, according to Forrester Research. The first are change-agent CIOs, who are "continually increasing credibility and influence with CEO and line-of-business executives as a source of high-value perspective on the business, and have the skills to shepherd change," Forrester researcher Alex Cullen says. The second are general manager CIOs, who Forrester describes as concentrating their efforts on boosting the efficiency and operational excellence of IT.

"Business is more dependent on technology than ever before, and more conscious of this dependency," Cullen explains. "Surprisingly, business executives may be anxious to accelerate results through the use of technology, but IT execs continue to focus on operational reliability and project delivery. This dichotomy of expectations and priorities, the proverbial fork in the road, is forcing CIOs to decide on their target role in 2008: Either they become the change agent and innovator for the business, or they become general manager for their firms' IT."

The change-agent CIO, Cullen says, "has built an IT organization with senior staff who know their mission, continuously improve their operations, and have developed the skills to anticipate and prepare for business needs." In 2008, these CIOs will:

Strengthen joint IT-business planning through use of model-based planning. Model-based planning tools like business-capability maps promote common business and IT understanding that focuses IT investments for the greatest strategic payback.

Restructure organizations to foster alignment. Change-agent CIOs will structure their organizations to get as close to the business as possible by dispersing staff into business areas to gain business knowledge and act as technology advisors.

Foster strategic planning and architecture as key competencies. Change-agent CIOs, realizing that shaping business perception requires an up-to-date strategy, will ensure that strategic plan development, update and review are ongoing and tuned processes. Strategic plans will eschew lists of projects in favor of roadmaps to the target state.

Strengthen their roles on the executive team and with the board of directors. Change-agent CIOs will identify business model-based opportunities for customer intimacy, operational excellence and innovation. A role advising the board of directors is a logical outcome.

According to Forrester, a general manager CIO creates an organization focused on supplying what customers request and are able to fund. This CIO role is not new, and arguably has been the default role since the dot-com meltdown. In 2008, these CIOs will:

Structure their organizations to drive standardization. These CIOs will continue to centralize their organizations, and organize skills and processes around centers of excellence in order to drive standardization and achieve higher quality and lower costs.

Improve transparency, measurement and monitoring to uncover efficiencies. General manager CIOs will create performance feedback loops from application, project and infrastructure efforts, thereby increasing the effectiveness of operational planning and execution.

Assume management of other corporate "shared" services. General manager CIOs will assume management of non-IT functions and adopt other shared-service organizations that might include anything from facilities management to customer service. The new responsibilities will expand CIOs' career options.

iPhone not meant for enterprises

CNSince its introduction, Apple's iPhone has drawn much interest from business executives. IT operations professionals, however, have remained skeptical about providing support for the devices. According to Benjamin Gray at Forrester Research, there are a number of reasons why IT should not support the iPhone.

The iPhone "does not natively support push business e-mail or over-the-air calendar sync," Gray cites as a primary concern. "The iPhone can sync with Microsoft's Exchange and IBM's Lotus Notes over IMAP and SMTP ports, but an organization's server and security admins have to configure their infrastructure to do so or purchase a mobile gateway from Synchronica or Azaleos. Even then, the iPhone can only check for new e-mail every 15 minutes."

A second concern is that the iPhone does not accommodate third-party applications, including those internally developed. "This is a showstopper for companies with enterprise mobility initiatives that require line-of-business applications like mobile sales force automation or an industry-specific application like mobile claims," Gray asserts.

Security is another problem, especially since encryption of data is not supported. "There is no way for a company to natively secure the data on an iPhone with file or disk encryption, which is a critical consideration now that 73 percent of client security decision makers are interested in disk or desktop encryption," Gray reports.

In addition, the single-most important feature of a mobile device-management solution, according to Forrester, is the ability to remotely lock or wipe a lost or stolen device. As Gray says, however, "The iPhone does not come with any management software, so there is no way for IT to lock a device if or when users call the help desk and explain that they left their non-password-protected iPhone behind in a taxi."

Despite these negatives, Forrester still predicts that the iPhone will find its way into many enterprise environments because C-level executives are buying them and expecting support from IT. Eventually, Forrester predicts, the iPhone will filter down the corporate pyramid, and IT should have a strategy to handle these requests.

Emergency communications outdated

A national survey of U.S. residents, conducted by CDW-Government, suggests that emergency notification capabilities are not evolving with advances in technology and changing information-consumption habits. While wireless subscribers in America are at an all-time high, and one billion text messages are sent by U.S. residents daily, local governments still relay information largely via television and radio, which require access to electricity that may not be available during emergencies.

"In a crisis situation, the ability to receive information right away, when traditional power sources may be unavailable, is critical," says Jim Grass, CDW-G senior director of state and local sales. "Television, radio and text messaging all have a role to play in disseminating emergency information, but only text messaging 'pushes' information to citizens wherever they are."

Americans are most interested in obtaining information about weather threats, terrorist threats or incidents, major roadway closures and health threats via emergency alerts, the CDW-G survey found. Respondents, however, gave their cities, schools and offices mixed reviews on their ability to deliver essential information in an emergency. The hurricane-prone Miami-Fort Lauderdale metropolitan area ranked the highest for its ability to alert citizens, earning a "fair" rating overall.

The survey, which included 1,448 residents in the 20 largest U.S. metropolitan areas, also identified a critical gap between respondents' desire for information and awareness of their communities' emergency-notification programs. Just 10 percent of respondents said their city has a modern emergency notification system, while two-thirds said they were unsure if their city has such a system. Fully one-third said they have no knowledge of or experience with their city emergency notification program.

"Local governments and businesses across the country face modern-day threats, yet many are hampered by emergency communications technology dating to the 1970s," Grass says. "In today's environment, local governments, businesses and schools have a clear mandate to deploy systems that quickly convey relevant information to citizens during an emergency."

Security role is evolving

CNA growing number of organizations recognize information security can provide more than just protection of corporate assets, with the delivery of IT and operational efficiencies and improving overall business performance emerging as critical objectives. That is the word from Ernst & Young's 10th annual global information security survey. The survey canvassed nearly 1,300 senior executives in more than 50 countries.

"Over the past 10 years, we have seen a positive evolution in the role of information security," says Paul van Kessel, global leader of Ernst & Young's technology and security risk services.

Among the survey's key findings:

Information security is better aligned with organizational risk initiatives. Four out of five (82 percent) respondents reporting at least some levels of integration. The number of organizations that have fully integrated information security with risk management has nearly doubled since last year (from 15 percent to 29 percent).

Information security is now credited with improving IT and operational efficiency. More than two-thirds (69 percent) of respondents feel that information security improves IT and operational efficiencies.

Compliance continues to be the primary driver of information security improvements and a top-ranked influencer in risk-management integration.For the third year in succession, respondents (64 percent in 2007) ranked compliance as the principal information security driver.

Privacy and data protection increased significantly as drivers of information security. Fifty-eight percent of this year's respondents placed privacy and data protection in the top three drivers, up from 41 percent in 2006.

The greatest challenge is the availability of experienced and trained resources. More than half of the respondents indicated that the lack of experienced and skilled resources is the number one challenge to delivering information security projects. Correspondingly, more than 60 percent of respondents say they are outsourcing certain elements of information security.

Top five VoIP threats identified

Based on industry trends that include major IP telephony vendors offering SIP solutions, enterprises deploying VoIP and unified communications (UC) beyond the traditionally secure perimeter, and service providers aggressively embracing fixed mobile convergence (FMC), Sipera System's Sipera VIPER Lab has identified the top five VoIP threats for 2008:

  1. Denial-of-service (DoS) and distributed DoS attacks on VoIP networks will become an increasingly important issue.
  2. HTTP or other third-party data services running on VoIP end-points will be exploited for eavesdropping and other attacks.
  3. The hacking community, experienced with exploiting the vulnerabilities in other Microsoft offerings, will turn its attention and tools toward Microsoft OCS.
  4. Hackers will set up more IP PBXs for vishing/phishing exploits. Vishing bank accounts will accelerate, due to ease of exploit and the appeal of easy money.
  5. VoIP attacks against service providers will escalate, using readily available, anonymous $20 SIM cards. Service providers are, for the first time, allowing subscribers to have direct access to mobile core networks over IP, making the spoofing of identities and use of illegal accounts to launch attacks easier.

Krishna Kurapati, Sipera founder/CTO and head of Sipera VIPER Lab, says, "To fully realize the potential of unified communications, organizations need to implement up-to-date security best practices, and proactive UC security and system monitoring."

Short Takes

Secure access

The Technicolor Network Services division of Thomson has deployed LANShield switches from ConSentry Networks to protect the critical network assets of the firm. The switches provide access control and insight into all user activity on the network for this digital video technology company. "We needed to protect both the access to our LAN and the resources on the LAN," says John White, IT manager for the United Kingdom and Asia at Technicolor Network Services. "ConSentry let us easily limit access to only authorized users and provide accurate information on their activities. These features proved to be the key features in our decision."

Wireless campus

Cornell University has started deploying Aruba Network's adaptive wireless LANs across its Ithaca, N.Y., campus. Once fully deployed, the campus, which encompasses more than 20,000 students, 14,000 faculty and staff, and some 260 buildings spread across 745 acres, will include 4,500 wireless indoor and outdoor access points. The first phase of Cornell's deployment involves replacing almost 900 legacy wireless devices with Aruba's wireless access points, including the new 802.11n devices, all managed by Aruba's 80-Gbps MMC-6000 Multi-Service Mobility Controller. The network will be expanded thereafter to cover the entire campus.

10-gig switching

The Tornillo Independent School District, nestled just outside El Paso, Texas, recently decided on a 10-gigabit switching infrastructure with fiber uplinks to boost network performance and improve connectivity for its entire regional infrastructure. At the helm of the project was Armando Gonzales, the district's network administrator. "We did our homework, and chose D-Link because they could provide the solution we needed at the best value," he says. The district bought 30 D-Link xStack DXS-3350SR switches and nine DEM-420X XFP 10G uplink modules to connect the switches via fiber between their campuses and administrative buildings. "The project helped us replace an inadequate foundation with an efficient, reliable 10G network," says Gonzales.

Unified storage

Harvey Mudd College (HMC) has chosen Reldata 9240 Unified Storage Systems to satisfy the storage needs of the school's IT infrastructure. The 9240 systems include 9240 controllers in an active-active failover configuration, RELvos 2.1 virtualization software for enterprise-class unified storage services, 10GbE network connectivity and an SAS disk. "One of the things that has impressed me most about the system is that Reldata delivers a fully comprehensive feature set without extra cost add-ons," says Andy Davenport, systems and networks group leader at HMC. "Thanks to the logical layout of the management interface, we were able to complete the installation without on-site support from Reldata."