IBRS Advisor Team

IBRS Advisor Team

Read latest work...

Connect with IBRS

Have a specific question for IBRS Advisor Team?

Email

The Latest

24 June 2021: Samsung Networks, which was launched early in 2021, has struck a deal with infrastructure supplier PLUS ES to support the deployment of Samsung’s 5G technologies. Given activities from other 5G vendors, it is clear that the 5G rollout in Australia will only accelerate.

Why it’s Important

5G will impact both consumer and business applications, as well as hybrid working. It is not just a matter of speed. With greater bandwidth and different cost points, new services become possible. For example: chatbots passing not to a human agent using text, but a human agent on video. These service delivery innovations need to be tested in terms of how the public will accept them, the operational and staffing changes needed to support them, and finally the IT issues and architecture they will raise (including what to do with all the new data coming in)!

CTOs and innovation teams in organisations with public-facing services need to be experimenting and testing new service delivery options and ideas now, since such services are likely to give a competitive advantage.

Who’s impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

If not already established, form a temporary committee to brainstorm the potential for 5G on:

  • Service delivery
  • Field operations and staff
  • Business processes, both internal and external, and how these can be digitised ‘into the field’
  • Hybrid working

Related IBRS Advisory

  1. 5G potential to deliver economic upsides
  2. Samsung unveils new smartphones
  3. Telecommunications reborn
  4. Redefining what ruggedised means

The Latest

2 July 2021: Amazon released a video summary and report on its sustainability targets and performance. The key take outs are that Amazon is the largest corporate purchaser of renewable energy, with a shift of 42% from non-renewable within one year. The underlying message here is sustainability is no longer a political issue for the corporate sector, but a fiscal imperative.  

Why it’s Important

As outlined in previous IBRS research, all of the hyperscale cloud vendors - Google, AWS, Microsoft, Oracle and Alibaba - have well-documented strategies to reduce their reliance on carbon-based fuel sources. All position sustainability as a competitive advantage, not just against each other, but against on-premises data centres. 

It is likely that cloud vendors will be positioning their sustainability credentials in both business and general news channels, looking to position their brand as a leader on climate action. From a cynical view, this messaging will play well with the existing news cycle of the impact of climate change, from the disastrous bushfires to killer heatwaves in North America, to unseasonable storms and record-setting weather events. From a more optimistic perspective, these vendors will drive genuine solutions to reduce the carbon footprint associated with providing computing service.

Therefore, as cloud vendors set or meet zero carbon energy targets, the issue of sustainable ICT is set to re-emerge as a priority for CIOs and data centre architects.  

IBRS and BIAP (via the IT Leaders Summits) have tracked CIOs interest in the topic of green IT. An IBRS study in 2008 had sustainable ICT being rated as ‘very important’ for 25% of CIOs and ‘somewhat important’ for 59% of CIOs. Since then, interest in sustainable computing has plummeted year-on-year. The IBRS / BIAP data for 2016 had 6% of CIOs rating sustainable ICT as a priority. By 2020, less than 0.5% of CIOs rated sustainable ICT as a priority.

IBRS expects this trend to reverse sharply in 2024-2025 as the leading cloud vendors continue to demonstrate both environmental and financial benefits associated with renewable energy.

Who’s impacted

  • CIO
  • CFO
  • Data centre leads
  • Infrastructure architects

What’s Next?

By 2025 the leading cloud vendors will leverage their position in renewable energy consumption as a selling point for policy-makers to mandate cloud computing and place unattainable goals for architects of on-premises data centres.

Rather than waiting, CIOs should review previous strategies for sustainable ICT, with the expectation that these will need to be updated and reinstated within the next 3-5 years.

Related IBRS Advisory

  1. The Status of Green IT in Australian and New Zealand (2008)
  2. Building your Green IT strategy
  3. Think green IT: Think saving money
  4. Forget Green; think sustainable computing in 2009

Conclusion:

As detailed in IBRS’s 2021 Trends report, the vaccine shot will not end sporadic lockdowns. Organisations should routinely review workplace safety plans and update them based on current public health guidelines. Protective measures should still be in place.

If not already established, organisations should set up a workplace COVID-19 working group, which should include ICT representation. The working group should ensure the company’s compliance with public health recommendations, plan education, and determine how digital services will support the plan.

The Australian context for workplace vaccination policies are complicated by different privacy, duty of care and other workplace and safety regulations. This paper provides an overview of the policies that may impact management decisions as of June 2021.


Read more


The Latest

28 June 2021: After a leak of an early pre-release version of Windows, Microsoft formally announced Windows 11 and have followed up with a series of posts, most aimed at promoting the new user experience of the operating system. A quick look on YouTube will find dozens of reviews and tests of the pre-release version of Windows 11, and from early tests, it appears as if there is little performance impact for the OS. Reviews of Microsoft’s documentation suggest that there is no significant change to how Windows 11 can be deployed. The bulk of the changes appear to be related to how Microsoft’s Office 365 products are put front and centre within the desktop experience. Teams, in particular, takes centre stage. As with the release of Windows 10, Windows 11 will start by building new expectations among consumers, which will in turn drive staff to demand the new environment from their ICT groups. In this sense, the key issues for ICT look to be identical to those faced in 2015.

Why it’s Important

While Microsoft executives famously touted that Windows 10 would be the last Windows, a clear reference to enterprises’ frustrations with continued hardware/software refresh treadmill and the expense of upgrading fleets of desktops en-mass, the statement was never officially enshrined in the product lifecycle. This means that enterprises, at least for the foreseeable future, will need to plan for generational shifts in desktop upgrades, complete with the demands of change management and the potential bulk hardware refreshes.  

The common driver for most organisations looking to refresh their desktop environment (device management, security, application deployment and change management), is to ‘flatten the investment’ needed to keep users up to date. From a device asset management perspective, the goal is to move away from four-to-five year bulk buys and move to a rolling schedule of device refreshes. For software deployment, it's a move to a self-service model. And for the OS, it's a move to a gradually updated, evolving platform.  

All the above have become critical enablers of hybrid working and by extension business continuity. 

Microsoft’s Cloud-based approach to deploying devices and software with Autopilot is highly attractive as it supports the new digital workspace model. How best to migrate to Autopilot from the legacy ‘tiered’ desktop management approach is by far the most common question IBRS is asked in relation to digital workspaces.

Microsoft has noted that Windows 11 can be managed using all current tools and processes that are used to manage Windows 10. This means Windows 11 can be managed using the Cloud-based Autopilot approach and the ‘standardised desktop’ approach via SCCM (System Centre Configuration Manager). Third-party tools such as Ivanti are also expected to work without problem. Therefore, based on available information, there appears to be little additional benefit to Windows 11 over Windows 10 when it comes to deployment and management.

This is not to say that Windows 11 will not have other benefits to enterprises, but the (current) benefits appear to be more related to putting Office 365 services forward.

Who’s impacted

  • CIO
  • Desktop / end user computing teams
  • ICT asset management teams
  • CFO / ICT financial planning teams

What’s Next?

Enterprise desktop teams do not need to rush into Windows 11 planning. Device and software compatibility is expected to be high (despite some initial negative assumptions on YouTube). Instead, organisations should continue to focus their efforts on migrating from the standardised desktop management model to the ‘digital workspaces’ model which focuses on offering self-service capabilities and zero-trust security. In addition, adopting an iterative and ongoing approach to Office 365 change management is needed. Moving to the digital workspaces model will not only reap significant operational benefits over the older standardised desktop approach, but will also ensure a smoother transition to Windows 11 before the 2025 end of support deadline.

Related IBRS Advisory

  1. Digital Workspaces Master Advisory Presentation
  2. SNAPSHOT: Workforce Transformation beyond Mobility and Digital Workspaces
  3. How will you deal with Microsoft’s Pester Power strategy for Windows 10?
  4. The journey of Office 365: A guiding framework Part 3: Post-implementation

The Latest: 

26 June 2021: Zoho briefed IBRS on Zoho DataPrep, it’s new business-user focused data preparation which is being included in its existing Zoho Analytics tool, as well as being available separately as a tool to clean, transform and migrate data. DataPrep is in beta, and will be officially launched on 13th July 2021.

Why it’s Important

Traditionally, cleaning and transforming data for use in analytics platforms has involved scripting and complex ETL (extract, transform and load) processes. This was a barrier to allowing business stakeholders to take advantage of analytics. However, several analytics vendors (most notably Microsoft, Tableau, Qlik, Snowflake, Domo, etc.) have pioneered powerful, drag-and-drop low-code ETL into their products.  

Zoho, which is better known for its CRM, has an existing data analytics platform with Cloud storage, visualisation and reports, and dashboards. While the product is not as sophisticated as its top-drawer rivals, it can be considered ‘good enough’ for many business user’s needs. Most significantly, Zoho Analytics benefits from attractive licensing, including the ability to share reports and interactive dashboards both within an organisation and externally. 

However, Zoho Analytics lacked a business-user-friendly, low-code ELT environment, instead relying on SQL scripting. Zoho DataPrep fills this gap by providing a dedicated, AI-enabled platform for extracting data from a variety of sources, allowing data cleaning and transformations to be applied, with results being pushed into another database, data warehouse and Zoho Analytics. 

All existing Zoho Analytics clients will receive Zoho DataPrep with no change to licensing.

However, what is interesting here is Zoho’s decision to offer its DataPrep platform independent of its Analytics platform. This allows business stakeholders to use the platform as a tool to solve migration and data cleaning, not just analytics. 

IBRS’s initial tests of Zoho DataPrep suggest that it has some way to go before it can compete with the ready-made integration capabilities of Tableau, Power BI, Qlik, and others. In addition, it offers less complex ETL than it’s better established rivals. But, that may not be an issue for organisations where staff have limited data literacy maturity, or where analytics requirements are relatively straightforward.

Who’s impacted

  • CIO
  • Development team leads
  • Business analysts

What’s Next?

The bigger take out from Zoho’s announcement is that ETL, along with all other aspects of business intelligence and analytics, will be both low-code, business-user friendly and reside in the Cloud. ICT departments seeking to create ‘best of breed’ business intelligence architectures that demand highly specialised skills will simply be bypassed, due to their lack of agility. While there will be a role for highly skilled statisticians, data scientists, and machine learning professionals, the days of needing ICT staff that specialise in specific reporting and data warehousing products is passing. 

Related IBRS Advisory

  1. Snowflake Gets PROTECTED Status Security Tick by Aussie Auditor
  2. IBRSiQ: Power BI vs Tableau
  3. Business-First Data Analytics
  4. AWS Accelerates Cloud Analytics with Custom Hardware
  5. IBRSiQ AIS and Power BI Initiatives
  6. Trends in Data Catalogues
  7. When Does Power BI Deliver Power to the People?
  8. Staff need data literacy – Here’s how to help them get it

The Latest

26 May 2021: Google has introduced Datasteam, which the vendor defines as a “change data capture and replication service”. In short, the service allows changes in one data source to be replicated to other data sources in near real time. The service currently connects with Oracle and MySQL databases and a slew of Google Cloud services, including BigQuery, Cloud SQL, Cloud Storage, Spanner, and so forth.

Uses for such a service include: updating a data lake or similar repository with data being added to a production database, keeping disparate databases of different types in sync, consolidating global organisation information back to a central repository.

Datastream is based on Cloud functions - or serverless - architecture. This is significant, as it allows for scale-independent integration.

Why it’s Important

Ingesting data scale into Cloud-based data lakes is a challenge and can be costly. Even simple ingestion where data requires little in the way of transformation can be costly when run through a full ETL service. By leveraging serverless functions, Datastream has the potential to significantly lower the cost and improve performance of bringing large volumes of rapidly changing data into a data lake (or an SQL database which is being used as a pseudo data lake). 

Using serverless to improve the performance and economics of large scale data ingestion is not a new approach. IBRS interviewed the architecture of a major global streaming service in 2017 regarding how they moved from an integration platform to leveraging AWS Kinesis data pipelines and hand-coded serverless functions, and to achieve more or less the same thing that Google Datastream is providing. 

As organisations migrate to Cloud analytics, the ability to rapidly replicate large data sets will grow. Serverless architecture will emerge as an important pattern.

Who’s impacted

  • Analytics architecture leads
  • Integration teams
  • Enterprise architecture teams

What’s Next?

Become familiar with the potential to use serverless / cloud function as a ‘glue’ within your organisation’s Cloud architecture. 

Look for opportunities to leverage serverless when designing your organisations next analytics platform. 

Related IBRS Advisory

  1. Serverless Programming: Should your software development teams be exploring it?
  2. VENDORiQ: Google introduces Database Migration Service

The Latest

26 May 2021: Talend, a big data, analytics and integration vendor, has received ISO 27001:2013 and 27701:2019 certifications. According to the Talend, they are the only big data/integration vendor with this level of certification.  

Why it’s Important

IBRS has observed that even the most security focused organisations often overlook their big data integration and ETL (extract, transform, load) when it comes to assessing business risk. For example, when Microsoft launched its protected Azure services in Canberra, many of the Azure analytics capabilities, such as its machine learning services, were excluded from the platform.

The data being ingested into data lakes, be they on-premises or in the Cloud, will include private information on clients, staff or citizens, and possibly sensitive financial data. But more significantly, taken as an aggregate, this information contains patterns and insights that cyber criminals and state actors may leverage for further attacks.  The value of analysing data at scale to an organisation is just as valuable to criminals.

Who’s impacted

  • Business analytics architecture specialists
  • CISO 
  • Security teams

What’s Next?

Start by reviewing the sensitivity of information moving to the data analytics platform. Such information would be reviewed against the organisation's existing data governance and data classification framework.

Next, review the process of how sensitive information is ingested, manipulated, stored and accessed within the organisation’s analytics platform. Be sure to pay attention to ETL processes: both the technologies and processes involved. 

Finally, review the third-party (vendor) supply chain for all platforms and services involved in data analytics.

Related IBRS Advisory

  1. How does your organisation manage cyber supply chain risk?
  2. IBRSiQ: Risk assessment services and the dark web
  3. VENDORiQ: SolarWinds Incident

The Latest

10 May 2021: ServiceNow is acquiring Lightstep, a specialist vendor for monitoring digital workflows. While ServiceNow already has capabilities for monitoring its low-code applications and workflows, Lightstep will provide deep analytics and performance metrics. 

Why it’s Important

The rise of low-code will necessitate the use of application monitoring tools.  

From a technical perspective, being able to monitor performance of applications that may themselves be comprised of dozens of integrations and span multiple SaaS environments, is an important precursor to meeting user expectations. In low-code environments, gone are the days of being able to monitor server and network performance. Vendors such as ThousandEyes and Lightstep have emerged to provide a more comprehensive (and simplified) view of the complex application infrastructure that is emerging. Buying Lightstep is a smart move for ServiceNow, as it increasingly moves into enabling low-code departmental and public-facing applications. 

Another reason for monitoring low-code is to report back to the business tangible business benefits. While digitising a process can clearly save money, being able to quantify the savings with evidence after a solution has been deployed helps build the case for an expansion of low-code and (in the case of high-value products, such as ServiceNow) justify any increased licensing.

However, an often overlooked benefit of observability is application lifecycle. Observability allows organisations to identify and consolidate duplicate processes across an organisation. Observability also allows organisations to identify digital processes that are not being utilised and determine why, and give clues as to what to do about them.

Who’s impacted

  • Development team leads
  • Business analysts

What’s Next?

Expect low-code vendors to continue investing in workflow monitoring/observability tools, as well as low-code integration capabilities. 

When selecting a low-code application development platform, consider the degree to which being able to monitor workflows and processes will be useful. If using ServiceNow, will the existing capabilities be sufficient, or will investments in products such as Lightstep be needed. If using products such as Nintex, will leveraging their business process modelling tools provide the desired observability.

Related IBRS Advisory

  1. VENDORiQ: ServiceNow to Acquire Vendor Intellibot
  2. VENDORiQ: Creatio - More Low-Code Investments
  3. Aussie vendor radar: Nintex joins the mainstream business process automation vendor landscape

The Latest

19 May 2021: Google has launched Vertex AI, a platform that strives to accelerate the development of machine learning models (aka, algorithms). According to Google and IBRS discussions with early adopters, the platform does indeed dramatically reduce the amount of manual coding needed to develop (aka, train) machine learning models. 

Why it’s Important

The use of machine learning (ML) will have a dramatic impact on decision making support systems and automation over the next decade. For the majority of organisations, ML capabilities will be acquired as part of regular upgrades of enterprise SaaS solutions. Software leaders such as Microsoft, Salesforce, Adobe and even smaller ERP vendors such as Zoho and TechnologyOne, are all embedding ML powered services into their products today, and this will only accelerate.

However, developing proprietary ML models to meet specific needs may very well prove critically important for a few organisations. Recent examples of this include: customise direct customer outreach with specific language tailored to lessen overdue payment, and creating decision support solutions to reduce the occurrence of heatstroke.

IBRS has written extensively on ML development operations (MLOps). However, the future of this disciplin e will likely be AI-powered recommendation engines that aid data teams in the development of ML models. In a recent example, IBRS monitored a data scientist as they first developed an ML model to predict customer behaviour using traditional techniques, and then used a publicly available tool that leveraged ML itself to build, test and recommend the same model. Excluding data preparation, the hand-coded approach took 3 days to complete, while the assisted approach took several hours. But more importantly, the assisted approach tested more models that the data scientist could test manually, and delivered a model that was 3% more accurate than the hand-coded solution.

It should be noted that leveraging ‘low-code’ AI does not negate the need for data scientists or the pressing need to improve data literacy within most organisations. However, it has the potential to dramatically reduce the cost of developing and testing ML models, which lowers the financial risk for organisations experimenting with AI.

Who’s impacted

  • CIO
  • COO
  • CFO
  • Marketing leads
  • Development team leads

What’s Next?

Prepare for low-code AI to become increasingly common and the hype surrounding it to grow significant in the coming two years. However, the excitement for low-code ML should be tempered with the realisation that many of the use cases for ML will be embedded ‘out of the box’ in ERP, CRM, HCM, workforce management, and asset management SaaS solutions in the near future. Organisations should balance the ‘build it’ versus ‘wait for it’ decision when it comes to ML-power services. 

Related IBRS Advisory

  1. Six Critical Success Factors for Machine Learning Projects
  2. Options for Machine Learning-as-a-Service: The Big Four AIs Battle it Out
  3. How can AI reimagine your business processes?
  4. Low-Code Platform Feature Checklist
  5. VENDORiQ: BMC Adds AI to IT Operations
  6. Artificial intelligence Part 3: Preparing IT organisations for artificial intelligence deployment

IBRSiQ is a database of Client inquiries and is designed to get you talking to our advisors about these topics in the context of your organisation in order to provide tailored advice for your needs.


Read more


The Latest

11 May 2021: Jamf is a market leader in Apple iOS device management, with a strong presence in education. It has announced its intention to acquire the zero-trust end-point security vendor Wandera. 

Why it’s Important

Vendors in the device management have two options for continued growth: add new services and grow horizontally within their market (as in VMWare), or specialise in increasingly niche areas. Jamf has remained firmly entrenched in providing Apple device management, so it is a niche (though important) player in device management. Its acquisition of Wandera, hot on the heels of its purchase of Mondad, will broaden its base and help cement its position against the broader players. 

Who’s impacted

  • End user computing/digital workspace teams
  • Security teams

What’s Next?

Globally, the move to working from home saw an uplift in Apple products being connected to enterprise (work) environments. Citing IDC, Jamf reports the penetration of macOS in 2019 was around 17%, and during 2020 this increased to 23%. In addition, globally 49% of smartphones connecting to work environments remain iOS, though this is slightly lower in Australia, where Android has gained small market share in a tight market last year. 

The challenge with supporting a mixed device ecosystem (Windows, Android, macOS, iOS, Chrome) is now more than just securing the end-point, but the entire information ecosystem. VPNs in particular proved difficult to scale and adapt to a myriad of end points. The need to patch reliability and manage software also becomes significantly difficult due to differing rates of change, patch cycles and tools needed. 

Jamf’s acquisition of Wandera will not eliminate these challenges completely, but will at least simplify the Apple slice of the situation. 

Related IBRS Advisory

  1. Requirements Check-List for Mobile Device Management Solutions
  2. Embracing security evolution with zero trust networking

The Latest

Mid May 2021: Mulesoft detailed its new Connectors for SAP during an analyst’s briefing. The SAP connector is most interesting, since it aims to speed up the development of lightweight, agile customer-facing, online self-service capabilities, while building on the weighty (not exactly agile) capabilities of SAP.  

Mulesoft has out-of-box integrations (called connectors) for existing data sources including AWS, Google, GCP, Azure, Snowflake, Salesforce, Splunk, Stripe, Oracle, ServiceNow, Zendesk, Workday Jira, Trello, Azure, SAP, Microsoft Dynamics, etc. Mulesoft has identified 900 common enterprise applications, though only 28% of these have pre-existing integrations. Mulesoft states that on average 35 different apps are needed for a single customer-facing enterprise digital solution. Therefore, it is investing heavily in developing additional connectors for enterprise solutions, with at least 50 planned for release in 2021.

Why it’s Important

In late 2019 and early 2020, IBRS conducted a series of 37 detailed interviews with organisations that found organisations with ERP SaaS platforms supported by low-code workflows and integration, saw at least 3 times (and up to 10 times!) as many customer-facing services delivered annually as compared with on-premise solutions with traditionally managed API integrations. A recent series of 67 interviews confirms these findings.

During COVID-19, the big winners of the ‘prepackaged integration’ model (specifically, the model outlined in the 'Trends for 2021-2026: No New Normal and Preparing For the Fourth Wave of ICT'), were business-to-consumer organisations that quickly pivoted from a myriad of shopfront locations to digital stores in a matter of weeks. As Mulesoft has figured out, this is not just an issue of having the ability to integrate, but having a consolidated core of ERP capabilities to provide core data and processes, surrounded by a fabric of low-code application, workflow and integration services.

Who’s impacted

  • COO
  • CIO
  • Head of sales 
  • DevOps leads
  • Enterprise architects

What’s Next?

Organisations should consider how their current environment - including legacy ERP - can evolve to support the fourth wave of enterprise architecture. This will impact upgrade decisions for ERP and other enterprise applications, the selection of low-code application development and integration tools.  

Related IBRS Advisory

  1. Trends for 2021-2026: No New Normal and Preparing For the Fourth-wave of ICT
  2. Accelerating Remote Services Deployment

The Latest

May 2021: Talend, a vendor of data and analytics tools, released its Data Health Survey Report that claims 36% of executives skip data when making decisions, and instead go “with their gut”. At the same time, the report claims that 64% of executives “work with data everyday”. On the surface, these two figures seem at odds. However, the report goes on to claim 78% of executives “have challenges in making data drive decisions”, and this is largely due to data quality issues. However, the most interesting finding from the report is “those who produce and those who analyse data live in alternative data realities”.

Why it’s Important

At its core, this report highlights the issue of data literacy. The report was compiled from 529 responses from companies with over USD10 million in sales. A quarter of respondents were from the Asia Pacific region. However, IBRS cautions drawing Australia-specific inference, given that different markets have differing levels of data literacy maturity. No details were given for industry, which is also likely to impact data literacy maturity. In fairness, any more detailed analysis of a country or industry would not be feasible, given the sample size. 

The above concerns aside, the report does highlight the importance of data literacy: investments in big data tools are useless unless executives are knowledgeable and well versed in the key concepts of applying analytical thinking to business decisions. IBRS notes that without data literacy, the most common use of new self-service visualisation tools such as Power BI, Looker, Domo, Tableau, Qlik, Zoho and others, is to ‘prove’ executives' gut feelings. In short, too often visualisations tools are used to reinforce the ‘current ways of thinking’ rather than seek areas for improvement.  

The report’s statement that “those who produce and those who analyse data live in alternative data realities”, frequently underpins IBRS inquiries into why business intelligence and analysis programs fail to produce the expected business benefits.

Who’s impacted

  • Business intelligence/analytics teams
  • Senior line-of-business executives
  • Human resources/training teams

What’s Next?

ICT teams responsible for providing business intelligence and analytics services need to cease solely focusing on the tools and technologies and ‘getting data curated’, and spend time exploring which business decisions would most benefit from the application of analytical thinking. However, the ICT teams cannot do this alone. They need to be involved in uplifting data literacy among line-of-business executives and work closely with them to identify the decisions that not only can be addressed with data, but those that would make the biggest difference to organisational outcomes. This does not mean that all aspects of a data scientists role need to be explained to business executives. Rather, training executives in the principles of using data to inquire into issues or disprove current ways of doing things is more important.  

Related IBRS Advisory

  1. Staff need data literacy – Here’s how to help them get it
  2. When Does Power BI Deliver Power to the People?
  3. The critical link between data literacy and customer experience

The Latest

29 April 2021: Cloud-based analytics platform vendor Snowflake has received ‘PROTECTED’ status under IRAP (Australian Information Security Registered Assessors Program).  

Why it’s Important

As IBRS has previously reported, Cloud-based analytics has reached a point in cost of operation and sophistication that it should be considered the de facto choice for future investments in reporting and analytics. However, IBRS does call out that there are sensitive data sets that need to be governed and secured to a higher standard. Often, such data sets are the reasons why organisations decide to keep their analytics on-premises, even if the cost analysis does not stack up against IaaS or SaaS solutions.

The irony here is that IT professionals now accept that even without PROTECTED status, Cloud infrastructure provides a higher security benchmark than most organisations on-premises environments.

However, security must not be overlooked in the analytics space. Data lakes and data warehouses are incredibly valuable targets, especially as they can hold private information that is then contextualised with other data sets.

By demonstrating IRAP certification, Snowflake effectively opens the door to working with Australian Government agencies. But it also signals that hyper-scale Cloud-based analytics platforms can not only offer a bigger bang for your buck, but greatly improve an organisation's security stance.

Who’s impacted

  • CDO
  • Data architecture teams
  • Business intelligence/analytics teams
  • CISO
  • Public sector tech strategists

What’s Next?

Review the security certifications and stance of any Cloud-based analytics tools in use, including those embedded with core business systems, and those that have crept into the organisations via shadow IT (we are looking at you, Microsoft PowerBI!). Match these against compliance requirements for the datasets being used and determine if remediation is required.

When planning for an upgraded analytics platform, put security certification front and centre, but also recognise that like any Cloud storage, the most likely security breach will occur from poor configuration or excess permissions.

Related IBRS Advisory

  1. Key lessons from the executive roundtable on data, analytics and business value
  2. VENDORiQ: AWS Accelerates Cloud Analytics with Custom Hardware
  3. IBRSiQ: AIS and Power BI Initiatives
  4. VENDORiQ: Snowflakes New Services Flip The Analytics Model